- tor-relays - lists.torproject.org

Relay operators meetup @ Onionspace, Berlin (in solidarity with Torservers)
by Vasilis 27 Jul '18

27 Jul '18

Dear Tor friends and relay operators, This Saturday (21/07) a Tor relay operators meetup will take place at Onionspace, Berlin. When: Sat., 21 July 2018, 13:00 Where: Gottschedstrasse 4, Entrance 4, 13357 Berlin (U Nauener Platz) Map: https://www.openstreetmap.org/#map=18/52.54978/13.36991 Event link: https://blog.torproject.org/events/egypcio-vasilis-and-others-tor-friends-a… Hope to see many of you there. Cheers, ~Vasilis -- Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162 Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162

5 6

Expanded Free Trial For Exit Relays
by Conrad Rockenhaus 27 Jul '18

27 Jul '18

Hello, One of the guys trying out my services suggested that I offer a free trial to those who would like to run Linux Tor Exit Relays or just plain relays or even bridges. So I am. I would prefer you would use FreeBSD (Still working on OpenBSD) but I'll offer Linux if it helps expand Tor. So, I'll offer this - 1 vCPU, 2GB RAM, 10GB HDD, 100mbit/unmetered bandwidth. Address space is SWIPed to me. I'm still automating things so I don't have a nice control panel online yet, should have it by this weekend though. If you're interested, please email me a public RSA key and I will create an instance for you. Thanks, Conrad -- Conrad Rockenhaus https://www.rockenhaus.com ------ Get started with GreyPony Anonymization Today! https://www.greyponyit.com

1 0

Moving Tor Files - Backing Up Tor Software On Macos
by Keifer Bly 25 Jul '18

25 Jul '18

Hi, So I am trying to backup my relay software (torrc file, relay fingerprint, etc) using my file backup application. However, there is a problem. The macos operating system only allows accessing the /usr/local/, where tor is saved via the Go -> Go to folder option and does not allow it to be found via the finder no matter what, which my backup application (google backup and sync) requires. I tried running defaults write com.apple.Finder AppleShowAllFiles true as both the normal and sudo user and restarted the computer and finder, and this did nothing. Is it possible to move the tor files to a place where they would be accessible via the Finder or is there a known workaround for this? The software version is tor 0.3.3.9 on macos 10.13.6. Thanks very much.

2 1

How to restore fingerprint on updated RPI3
by Richard Johnston 24 Jul '18

24 Jul '18

I've run a relay for over a year and recently updated from an RPI2 to a RPI3. I've copied the torrc file and the node has the same IP Address and ports. What additional files need to be copied to get the fingerprint (et al) to match the original relay. The updated RPI3 shows up as a new relay and I would like to have it take over the old fingerprint. Any suggestions or procedures? Thanks in advance! -- Rich Johnston

2 2

Bridge relays should upgrade to use the new bridge authority
by Roger Dingledine 24 Jul '18

24 Jul '18

Hi folks! If you run a bridge relay, please upgrade -- so your bridge address can resume being given out to censored users, and so your stats can resume being included in the metrics pages. We just put out new releases (0.2.9.16, 0.3.2.11, 0.3.3.9, 0.3.4.5-rc) that retire the old bridge authority and start using a new one. The new bridge authority is "Serge", and it is operated by George from the Tor BSD Diversity project: https://lists.torproject.org/pipermail/tor-announce/2018-July/000162.html If for whatever reason you can't upgrade yet, you can also manually switch to advertising your bridge descriptor to the new bridge authority by using this torrc line: AlternateBridgeAuthority Serge orport=9001 bridge 66.111.2.131:9030 BA44 A889 E64B 93FA A2B1 14E0 2C2A 279A 8555 C533 Thanks! --Roger

5 15

Temporarily shutting down public relay
by Shawn Webb 23 Jul '18

23 Jul '18

Hey All, As an FYI, I'm temorarily shutting down the non-exit HardenedBSD-based relay I run at home (3CA2B91F2F2720202DD845E0E4C827E720CF5430) due to an upcoming extensive shoulder surgery my wife is having. I need to cut costs as she will be out of work for a year. My plan is to re-enable it once she's fully recovered. Thanks, -- Shawn Webb Cofounder and Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: lattera(a)is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE

1 0

FYI: Subpoena Received
by "IPfail (Tor Admin)" 23 Jul '18

23 Jul '18

FYI, I received a subpoena from a US based court to produce information about individual(s) who were using one of our exit nodes at a specific date/time. In the nearly 3 months that these exits have been in operation, this is the first subpoena and only the second complaint received. For purposes of documenting the approximate ratio of "complaints / traffic processed", these nodes have handled ~515TB and are using the recommended reduced exit policy. https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy

7 8

Bridges and MyFamily setting
by Cristian Consonni 23 Jul '18

23 Jul '18

Hi, I am running a couple of relay nodes and now I would like to set a bridge relay. The `torrc` file says the following: --- ## Uncomment this if you run more than one Tor relay, and add the identity ## key fingerprint of each Tor relay you control, even if they're on ## different networks. You declare it here so Tor clients can avoid ## using more than one of your relays in a single circuit. See ## https://www.torproject.org/docs/faq#MultipleRelays ## However, you should never include a bridge's fingerprint here, as it would ## break its concealability and potentially reveal its IP/TCP address. #MyFamily $keyid,$keyid,... --- I understand that I should not add the bridge fingerprint to the MyFamily setting of my other relays, but should I set MyFamily on my bridge (with the fingerprints of my other nodes)? I suppose that the logic of avoiding to have the same circuit through multiple relay controlled by the same operator is still valid, but I don't know if this could be a problem. C

2 3

[Software Announcement] FamilyGenerator: Tor MyFamily Generator
by Neel Chauhan 22 Jul '18

22 Jul '18

Hi tor-relays mailing list, I have created a tool called FamilyGenerator. FamilyGenerator is a tool to automatically construct a Tor MyFamily line based on Onionoo parameters. Why? If you run multiple relays, it can become hard to keep your MyFamily line updated if you add or remove relays. FamilyGenerator makes it easier (and automated if you use cron, or maybe without it in a future version if it ever comes). Does it integrate with Tor directly? As of now, no. If you want to automatically load FamilyGenerator outputs to Tor, you can: 1. Make sure all your relays has something in common in the Nickname or ContactInfo lines 2. Use a shell script to generate the MyFamily line with FamilyGenerator 3. Use a cron job to reload Tor after FamilyGenerator runs 4. Include the output in a Include line in your torrc Hopefully, a future version can avoid cron (that is, if it comes). FamilyGenerator is available on GitHub at: https://github.com/neelchauhan/FamilyGenerator You can install it from PyPI with: pip install FamilyGenerator A FreeBSD port is underway. For Debian users, sorry, but there's no Debian package in the pipeline as I don't use Debian. That's it. Thank You, Neel Chauhan

5 6

Trying to set up a relay at home, but get no connections
by Gunnar Wolf 21 Jul '18

21 Jul '18

Hello, I have set up a VM at my home server (via fiber DSL) to work as a Tor relay. I have set up port forwarding for ORport and DirPort (defaults, 9001 and 9030). The logs don't give me any useful information — or, possibly, I fail to grok anything useful ;-) The following happens every couple of hours: Jun 07 09:36:19.000 [notice] Heartbeat: It seems like we are not in the cached consensus. Jun 07 09:36:19.000 [notice] Heartbeat: Tor's uptime is 17:59 hours, with 0 circuits open. I've sent 2.71 MB and received 32.26 MB. Jun 07 09:36:19.000 [notice] Average packaged cell fullness: 13.454%. TLS write overhead: 12% Jun 07 09:36:19.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 14/14 NTor. Jun 07 09:36:19.000 [notice] Since startup, we have initiated 0 v1 connections, 0 v2 connections, 0 v3 connections, and 21 v4 connections; and received 0 v1 connections, 0 v2 connections, 0 v3 connections, and 216 v4 connections. Jun 07 09:36:19.000 [notice] DoS mitigation since startup: 0 circuits rejected, 0 marked addresses. 0 connections closed. 0 single hop clients refused. Jun 07 15:36:19.000 [notice] Heartbeat: It seems like we are not in the cached consensus. Jun 07 15:36:19.000 [notice] Heartbeat: Tor's uptime is 23:59 hours, with 0 circuits open. I've sent 3.18 MB and received 42.36 MB. Jun 07 15:36:19.000 [notice] Average packaged cell fullness: 13.454%. TLS write overhead: 14% Jun 07 15:36:19.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 0/0 NTor. Jun 07 15:36:19.000 [notice] Since startup, we have initiated 0 v1 connections, 0 v2 connections, 0 v3 connections, and 21 v4 connections; and received 0 v1 connections, 0 v2 connections, 0 v3 connections, and 284 v4 connections. Jun 07 15:36:19.000 [notice] DoS mitigation since startup: 0 circuits rejected, 0 marked addresses. 0 connections closed. 0 single hop clients refused. Jun 07 21:36:19.000 [notice] Heartbeat: It seems like we are not in the cached consensus. Jun 07 21:36:19.000 [notice] Heartbeat: Tor's uptime is 1 day 5:59 hours, with 0 circuits open. I've sent 3.66 MB and received 53.04 MB. Jun 07 21:36:19.000 [notice] Average packaged cell fullness: 13.454%. TLS write overhead: 16% Jun 07 21:36:19.000 [notice] Circuit handshake stats since last time: 0/0 TAP, 0/0 NTor. Jun 07 21:36:19.000 [notice] Since startup, we have initiated 0 v1 connections, 0 v2 connections, 0 v3 connections, and 21 v4 connections; and received 0 v1 connections, 0 v2 connections, 0 v3 connections, and 351 v4 connections. Jun 07 21:36:19.000 [notice] DoS mitigation since startup: 0 circuits rejected, 0 marked addresses. 0 connections closed. 0 single hop clients refused. What should I look into? Thanks,

11 13