<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
A Pi 2 or better could saturate your average <100Mbit/s each way
home connection running as a middle node. However, the Pi won't have
any more processing power to spare for anything else, at least
that's how it was with my Pi 2.<br>
<br>
<div class="moz-cite-prefix">On 30.3.16 1:22, brightsidedarkside
wrote:<br>
</div>
<blockquote cite="mid:56FB62A5.8050100@t-online.de" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
Hey Genral G,<br>
<br>
as far as I see, you plan to use your home connection for your
contribution.<br>
First of all: thanks for volunteering! [Although I'm not Mr
Competence nor Mr InnerCircleofTrust.]<br>
<br>
You should not at all run an exit if you can't, i.e. having a
dedicated IP with lots of traffic and a provider being fine with
Tor exits (which is absolutely not easy to find).<br>
Under no circumstances run an exit on your home connection (and
not with a PI).<br>
Why? An exit always seems to be the origin of all activity running
over it.<br>
So, every abuse complaint concerns the exit in question. Your
favourite law enforcement authority will visit you kindly (based
on different values).<br>
Another point is that IPs from exits are often blocked by
webmasters, so even if you don't use Tor for yourself, you won't
be able to access certain sites from your home connection any
more.<br>
An exit must be a dedicated server with enough power in terms of
traffic.<br>
I only have legacy PIs, but I can't imagine a recent PI would do
the job - at least on my PIs, literally everything including the
network is USB-bottlenecked, it won't even stream blue ray
quality.<br>
Exits are not so widespread which means they see literally all the
traffic going through the network.<br>
<br>
So, you have to decide whether you run a relay or a bridge.<br>
A bridge helps people in censored and/or oppressive areas because
a bridge's IP is not publicly available and therefore is not so
likely associated with the Tor network.<br>
Furthermore, you can setup pluggable transports that obfuscate
traffic so a censor can't easily tell a user connects to the tor
network.<br>
All of this is favourable for users in legislations where the
sheer use of Tor is sufficient for prosecution, be based on laws
or by pure arbitrary will.<br>
A bridge sees users, but not the huge gigs of traffic, so it
suggest it to be the choice for a PI on a home connection.<br>
It's not likely ordinary criminals from our own homes use bridges
- for them, it's legal to use relays that provide the same amount
of anonymity and, furthermore, are easier (automatically) to
connect to.<br>
<br>
I run a bridge and it's the time of political change that drives
my users based on statistics.<br>
A bridges IP is assigned to one of three pools and potential users
can request up to three bridge IPs at a time.<br>
This makes the overall amount of bridges unknown and prevents
blocking all of them.<br>
<br>
A relay provides the same amount of anonymity, but is aimed at
users in legislations letting them legally want to seek anonymity.<br>
The IPs are publicly available and therefore the avarage western
user usually connects automatically, i.e. to a relay.<br>
Relays see more traffic than bridges and a reason might be the
often found better infrastructure in democratic countries
including the according offers like high bandwidth streaming.<br>
On a home connection, abuse complaints and prosecutors won't come
for you running a middle relay.<br>
But, as IPs are public, some webmasters even block all Tor IPs
although this affects only the relays' operators as no Tor traffic
exits a middle relay.<br>
This means that you might be restricted from services even if you
don't use Tor for yourself which could make your home connection
partially useless for your purposes.<br>
<br>
Also, I'm "not quite sure" a PI could stand the traffic and I have
no experience in setting up a stable relay on a PI without
unresponsiveness errors appering in the logs.<br>
Search this mailing list for answers, the problem seems to be
common.<br>
<br>
The next question would be if you want to use Tor for yourself.<br>
I strongly suggest parallel use of Tor Browser Bundle for your own
purposes as your PI probably isn't your everyday dektop.<br>
<br>
If run on a unixoid desktop, you would have the possibility to set
up a virtual address space and iptables rules to route the whole
traffic of a given user including DNS queries through Tor although
there's a caveat in kernel package filter resulting in leaks under
certain circumstances. Tor wiki addresses this topic.<br>
<br>
The third possibility would be to route your whole network
including smart tv und DVD players through tor.<br>
Apart from increased network latency and a PI being slow, you're
not anonymous if you send any personal identifiable information
over the network.<br>
In this scenario, this would affect your whole network.<br>
<br>
My personal opinion is to forget about the concept of plug and
forget and not to be surprised about the concept of ingnorance and
surprise.<br>
<br>
I would suggest you rely on the wiki.<br>
First, it's very good and second, you can't yet judge information
provided by people like me doing here.<br>
<br>
I can't give you a quick introduction to linux administration.<br>
I don't know if "noob" relates to Tor or to Linux in general.<br>
As for Tor, you find an easy setup for a bridge or relay in the
wiki, and for heavens sake, the most important option is
"Exitpolicy reject *:*" in order to prevent obstacles you don't
want to face at the beginning. Everything else just causes
malfunction at worst.<br>
<br>
So, the powepoint abyss ends here and the interesting stuff
begins.<br>
Note: you should be familiar with opening ports in your
router/firewall and forwarding them to your PI.<br>
First, do this:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://www.torproject.org/docs/debian.html.en#ubuntu">https://www.torproject.org/docs/debian.html.en#ubuntu</a>
<br>
<br>
Now this if you want a relay (not a bridge):<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://www.torproject.org/docs/tor-doc-relay.html.en">https://www.torproject.org/docs/tor-doc-relay.html.en</a>
<br>
Notice: on linux, your config is in /etc, so look there for your
torrc or a tor subfolder.<br>
<br>
On the command line, "ls" lists a directory, "ls -al" shows even
the hidden files and sizes and ownership.<br>
"cd" changes directory. "cd /etc" would jump to /etc. "cd .."
would jump to parent directory. Notice the blank space after cd.<br>
<br>
Keep this in mind:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://www.torproject.org/docs/tor-relay-debian.html.en#after">https://www.torproject.org/docs/tor-relay-debian.html.en#after</a><br>
If you want overall automatic updates, I could deliver that later
on, it would make this mail even longer. <br>
<br>
If you want a bridge:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://www.torproject.org/projects/obfsproxy-instructions.html.en#instructions">https://www.torproject.org/projects/obfsproxy-instructions.html.en#instructions</a>
<br>
<br>
I suggest also offering scramblesuit as not all puggable
obfuscation always works for every user.<br>
This would affect the following line:<br>
<tt>ServerTransportPlugin obfs3,scramblesuit exec
/usr/local/bin/obfsproxy managed<br>
</tt>I use Ubuntu and for us privileged, the toproject repository
already offers pluggable transport via normal install and then,
scramblesuit is already available.<br>
I'm not sure about debian, torproject debian repos lack that
python pluggable transport library.<br>
<tt><br>
</tt>And of course, that would need another port forwarded in your
firewall. The procedure is the same as in obsproxy instructions
link.<br>
<br>
As I don't know about your noobiness, I suggest you install nano
first, a command line text editor suitable for beginners.<br>
Believe me, vi is hell, but not in Sartre's terms, there are no
others, just hell and you stuck in it.<br>
<br>
sudo apt-get install nano<br>
<br>
After that, you can type "sudo nano /etc/torrc" (always without
quotation marks) to edit your tor config.<br>
If it's not there, serach for a torrc.<br>
Do "sudo updatedb" and wait.<br>
then type "locate torrc" and remember the path.<br>
<br>
In order not to have to sudo every time to gain administrative
privileges, type "su" or "sudo -i".<br>
<br>
I hope this helps a bit.<br>
Have fun with Tor and hopefully linux.<br>
<br>
Greetings<br>
<br>
christian<br>
<br>
<div class="moz-cite-prefix">Am 30.03.2016 um 03:53 schrieb
Generalgrievous:<br>
</div>
<blockquote
cite="mid:xmv_--WTlvYNMXHyjCJOaeVFpIk2wh6ERe5ktRta_07F8DKLsE4LMpoCdFJQwlghTum1CEzInbJdiz9tlQ3ZlQ==@protonmail.ch"
type="cite">
<div>I have a Banana Pi that I would like to use to help the TOR
network.<br>
</div>
<div>I have installed Debian-Jessie and started researching the
process for setting<br>
</div>
<div>up relay, even an exit. I am a total noob, but willing to
learn. If someone is willing to help me step by step, I would
be excited to help. I've tested my internet speed, Download
average 60 mbps, Upload avreage 6 mbps, <br>
</div>
<div>If I would be more of a hindrance than a benefit, please
say so, no hard feelings. Located Central CA. <br>
</div>
<div><br>
</div>
<div> General G. <br>
</div>
<div><br>
</div>
<div class="protonmail_signature_block">Sent from <a
moz-do-not-send="true" href="https://protonmail.com">ProtonMail</a>,
encrypted email based in Switzerland.<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
tor-relays mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a>
</pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
tor-relays mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a>
</pre>
</blockquote>
<br>
</body>
</html>