April 2023 - tor-relays - lists.torproject.org

recommended way to run 0.4.7 on armhf?
by ilf 25 Nov '23

25 Nov '23

What's the recommended way to run 0.4.7 on armhf? > The package repository [deb.torproject.org] does not offer 32-bit ARM > architecture (armhf) images (yet). https://support.torproject.org/apt/tor-deb-repo/ Debian has 0.4.7 in bullseye-backports. But Raspbian doesn't have bullseye-backports: http://raspbian.raspberrypi.org/raspbian/dists/ -- ilf If you upload your address book to "the cloud", I don't want to be in it.

3 6

Help Turkmens to bypass Internet censorship: run an obfs4 bridge!
by gus 02 Aug '23

02 Aug '23

Dear Relay operators community, The parliamentary elections in Turkmenistan are coming up very soon on March 26th[1], and the Turkmen government has tightened internet censorship and restrictions even more. In the last few months, the Anti-censorship community has learned that different pluggable transports, like Snowflake, and entire IP ranges, have been blocked in the country. Therefore, running a bridge on popular hosting providers like Hetzner, Digital Ocean, Linode, and AWS won't help as these providers' IP ranges are completely blocked in Turkmenistan. Recently, we learned from the Anti-censorship community[2] and via Tor user support channels that Tor bridges running on residential connections were working fine. Although they were blocked after some days or a week, these bridges received a lot of users and were very important to keep Turkmens connected. How to help Turkmens to access the Internet =========================================== You can help Turkmens to access the free and open internet by running an obfs4 Tor bridge! But here's the trick: you need to run it on a residential connection -- you won't need a static IPv4 --, and it would ideally be run on more robust hardware than just a Raspberry Pi (although that can help, we have found they can get overloaded). You can set up an obfs4 bridge by following our official guide: https://community.torproject.org/relay/setup/bridge/ After you setup a new bridge, you can share your bridge line with the Tor support team at frontdesk(a)torproject.org, and we will share it with users. A complete bridge line is composed of: IP:OBFS4_PORT FINGERPRINT cert=obfs4-certificate iat-mode=0 Check this documentation to learn how to share your bridge line: https://community.torproject.org/relay/setup/bridge/post-install/ Just sharing your bridge fingerprint is not the best, but it's fine. You can read more about censorship against Tor in Turkmenistan here: - https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… - Snowflake blocked: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/iss… Thank you for your support in helping to keep the internet free and open for everyone. Gus [1] https://en.wikipedia.org/wiki/2023_Turkmen_parliamentary_election [2] https://ntc.party/c/internet-censorship-all-around-the-world/turkmenistan/17 https://github.com/net4people/bbs/issues/80 -- The Tor Project Community Team Lead

7 24

Tor Relay Operator Meetup - April 15th, 2023 at 19 UTC
by gus 22 May '23

22 May '23

Hello, The next Tor Relay Operator Meetup will happen on April 15th, 2023, at 19 UTC. We're still working on the agenda, feel free to add your topics and/or questions on the pad: https://pad.riseup.net/p/tor-relay-op-meetup-april-keep onionsite: http://kfahv6wfkbezjyg4r6mlhpmieydbebr5vkok5r34ya464gqz6c44bnyd.onion/p/tor… WHERE Room link: https://tor.meet.coop/gus-og0-x74-dzn Registration No need for a registration or anything else, just use the room-link above. We will open the room 10 minutes before so you can test your mic setup. Please share with your friends, social media and other mailing lists! Gus -- The Tor Project Community Team Lead

2 2

PSA: Tor 0.4.5 reaches end of life (EOL) on 2023-02-15
by Georg Koppen 17 May '23

17 May '23

Hello! In case it affects you as you are still running your relay or bridge on Tor 0.4.5.x: the 0.4.5 series is going EOL on *2023-02-15* (roughly in 3 weeks from now). That's currently still 760 relays, which means roughly 7% of the advertised bandwidth of the network (and 387 bridges, which means roughly 9% of the advertised bridges bandwidth). Please make sure you have upgraded to the 0.4.7.x series by then. Supported releases in general can be found on the network team wiki.[1] Thanks, Georg [1] https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/CoreTorRele…

6 8

Open call for proposals for improving the health of the Tor relay operator community and the Tor network
by gus 11 May '23

11 May '23

Hello, We accomplished a number of things in our fight against malicious relays over the last 2 years[1]. One area we still need to focus on is strengthening our relay operator community. We're therefore currently collecting proposals from you or anyone else interested that could help to impove the health of the Tor relay operator community and, thus, provide our users a more trusted Tor network. We're accepting both new and old proposals, and we're open to any ideas you may have. Although there are various proposals for improving the network and the Tor relay operator community, not all of them are being enforced at the moment. Nevertheless, some proposals that can help on increasing trust have been adopted by a meaningful fraction of the Tor community (e.g. providing valid contact information). Another great example of such proposals is the "Expectations for Relay Operators"[2] document, where we guide relay operators to keep the Tor community and the network safe, healthy, and sustainable. We'd love to hear your proposal on how to make it more difficult for attackers to run relays while keeping it easy for good contributors to join our network. You can share your proposals on this GitLab ticket[3] and our tor-relays mailing list. It is worth noting that at the moment we are only trying to map these proposals to get an overview over the various options available. We're not in the process of approving any of them. If you have any experience, positive or negative, with Sybil-resistance and online abuse mitigation projects, we welcome your opinion as well. Since in this debate we have seen previous bad actors trying to game this process and thus lowering the effectiveness of our defenses, the Tor team will take all measures to stop people acting in bad faith and enforce the Tor Code of Conduct and policies. During the Tor Relay Operator Meetup on Saturday (March 4, 2023 - 19UTC), we will be discussing some of these proposals we've collected so far. Thank you, Gus [1] https://blog.torproject.org/malicious-relays-health-tor-network/ [2] https://gitlab.torproject.org/tpo/community/team/-/wikis/Expectations-for-R… [3] https://gitlab.torproject.org/tpo/community/relays/-/issues/55 -- The Tor Project Community Team Lead

4 11

Re: [tor-relays] For some reason, my bridge is still saying it has no distribution mechanism, despite it is listed as email in my torrc and says it is overloaded?
by Keifer Bly 23 Apr '23

23 Apr '23

Now its more confusing. That tool says the port is not reachable for both port 8080 and 8081. But the notices.log says the port is reachable. And apparently the accountigmax is being reached..... --Keifer On Wed, Apr 19, 2023 at 8:06 AM meskio <meskio(a)torproject.org> wrote: > Quoting Keifer Bly (2023-04-19 16:46:37) > > How to find that? > > https://community.torproject.org/relay/setup/bridge/post-install/ > > > It gave the message its reachable from the outside. > > This message is saying that the ORPort is reachable from outside, but it > doesn't > test for the obfs4 configured port. You can test it yourself if the port > is > reachable using our reachability test: > https://bridges.torproject.org/scan/ > > Or directly configure the bridgeline in Tor Browser and see if it connects > correctly. > > -- > meskio | https://meskio.net/ > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > My contact info: https://meskio.net/crypto.txt > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Nos vamos a Croatan.

1 1

OpenBSD DoS Mitigation
by null 21 Apr '23

21 Apr '23

Hi all, I'm running a Tor middle/guard relay on OpenBSD. I'm wondering if there are any steps I should take to guard my relay from DoS attacks. My thanks

4 3

For some reason, my bridge is still saying it has no distribution mechanism, despite it is listed as email in my torrc and says it is overloaded?
by Keifer Bly 19 Apr '23

19 Apr '23

Hi, So for my bridge at https://metrics.torproject.org/rs.html#details/4D6E3CA2110FC36D3106C86940A1… Despite my newest torrc, which is here: Nickname gbridge ORPort 8080 SocksPort 0 BridgeRelay 1 PublishServerDescriptor bridge BridgeDistribution email ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy ServerTransportListenAddr obfs4 0.0.0.0:8081 ExtOrPort auto Log notice file /var/log/tor/notices.log ExitPolicy reject *:* AccountingMax 50 GB ContactInfo keiferdodderblyyatgmaildoddercom It still says "Bridge Distribution Mechanism: None". However, that's VERY confusing as it is listed in the torrc file to be distributed by email and apparently despite that it is not distributed, it is overloaded somehow? This is confusing to me as why would it say no distribution mechanism when it is in the torrc as email, and how could it be overloaded if it's not being used? Thanks so much all, --Keifer

3 4

Police request regarding relay
by Finn 13 Apr '23

13 Apr '23

Hello everyone, We are hosting multiple relays under our AS 210558 and received an email from a local police station in Germany requesting user data, nothing unusual. The weird thing is, that the relay in question is only a relay and not an exit node since its creation (185.241.208.179) (https://nusenu.github.io/OrNetStats/w/relay/B67C7039B04487854129A66B16F5EE3…) - anyone has an idea how this happens? Best regards

5 6

new exit relay
by Linux-Hus Oni 12 Apr '23

12 Apr '23

Hi to all, i have setup a new tor exit relay with name TorGate, but there are only a few kb trafic on this? the flags are exit,running,v2dir,valid and its also messured. there are no warns or errors in the tor console any ideas why? regards Lin

4 4