- tor-relays - lists.torproject.org

Re: [tor-relays] Experience with obfuscated bridge on Raspberry Pi Raspian
by TonyXue 20 Aug '13

20 Aug '13

>China's internet censorship / 'firewall' thing seems to have been trying to enumerate bridges for a while now. Yes, it does. I guess it's actually detecting bridges from users. The bridges become 'one-off', you can only use those bridges one time(at least in a period of time) and the second time you try to connect through the same bridges, it won't work. From: tony.x(a)outlook.com To: tor-relays(a)lists.torproject.org Subject: RE: [tor-relays] Experience with obfuscated bridge on Raspberry Pi Raspian Date: Tue, 20 Aug 2013 18:42:41 +0800 >China's internet censorship / 'firewall' thing seems to have been trying to enumerate bridges for a while now. Yes, it does. I guess it's actually detecting bridges from users. The bridges become 'one-off', you can only use those bridges one time(at least in a period of time) and the second time you try to connect through the same bridges, it won't work. From: kostas(a)jakeliunas.com Date: Tue, 20 Aug 2013 13:01:35 +0300 To: tor-relays(a)lists.torproject.org Subject: Re: [tor-relays] Experience with obfuscated bridge on Raspberry Pi Raspian Thanks for sharing your experience! > After the week I decided to shut the bridge down because I heard from people being contacted by the police even though only running a non-exit relay. Do you remember where you did hear this? Was it in writing, are you by chance maybe able to link to it? It would be interesting to know more. All non-bridge relays (exit or non-exit) can be enumerated by anyone (that's by design); this is not the case with bridges. However I suppose the extent to which any potential efforts to do just that may be happening does very much depend on the jurisdiction where that bridge is being run; China's internet censorship / 'firewall' thing seems to have been trying to enumerate bridges for a while now. [1] In any case, as far as I'm concerned, it would be *really* interesting to hear of any incidents between the police and non-exit relay operators. [1]: https://blog.torproject.org/blog/knock-knock-knockin-bridges-doors On Tue, Aug 20, 2013 at 2:00 AM, z0rc <damian.goeldi(a)gmail.com> wrote: Hi, As lately there were many discussions on getting Tor from the experimental repository running on Raspian, I thought I would share my experiences here. First, I tried to install Tor following [1] and [2] and ran into the same compatibility issues as most of you. But then I just downloaded the soft-float version of Raspian "wheezy" from [3]. And I could install Tor and obsproxy from the experimental repository without any issues (i.e. without any compiling or complex configurations). I ran the obfuscated bridge for a week and it relayed a few 100 MB without any problems. The bridge is connected to a standard home cable connection in Switzerland (router runs pfSense). Of course the load was not too high due to only running an obfuscated bridge. After the week I decided to shut the bridge down because I heard from people being contacted by the police even though only running a non-exit relay. As I share a flat with some friends, I absolutely cannot afford being raided or similar. If anyone can give me some advice on running non-exit relays at home in Switzerland, I might consider running the bridge again. Hope this helps. Cheers, Damian [1] https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en#i… [2] https://www.torproject.org/docs/debian.html.en#development [3] http://www.raspberrypi.org/downloads _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

1 0

Re: [tor-relays] Raspberry Pi Relay Node Performance and future Plans on Documentation and more
by tor_bridge＠mail.md 18 Aug '13

18 Aug '13

Hello all, > For any Raspberry Pi Tor node operators breathlessly following this > thread :P I succeeded in building 0.2.4.16-rc on the Pi. We will see > how it performs now vs the circuit creation storms. me too on the pi with kernel 3.6.11, using this source: https://www.torproject.org/dist/tor-0.2.4.16-rc.tar.gz it took 32 minutes to configure and compile (make && make install). > This is not a simple Debian-type binary package install, as the > packages present in the Tor Project experimental repos are built for > *Debian* wheezy - that is, ARMv7 - and not *Raspbian* which was built > to support the ARMv6 CPU on the Pi. I'm wondering, is there any other method for running a tor bridge/relay on the raspberry pi, other than downloading the source and compiling it yourself? Is it possible for the Tor project to make an extra option on the page https://www.torproject.org/download/download-unix.html.en with instructions for people to run a bridge/relay on the Pi? I think it will help people not to spend time on installing the experimental wheezy package for the ARMv7 architecture. Tor_Bridge

8 16

Exit node move from Win to LInux
by var 18 Aug '13

18 Aug '13

Hello everybody after some trouble with our Linux Exit Node, we hope that you can point the finger at the problem. We changed from a Windows Server 2003 + Vidalia Exit Node to a Linux System. With the Windows Server everything went fine no problems. Since we got the Linux server there are a lot of problems. When the relay starts our Internet goes down. Its more like some DNS problem but i cant point the finger on it. The connection is still there but he need a lot of time to resolve the names. Is this a overkill for our router? Any suggestions? Need more info? Cheers guys&girls VarVarna

5 4

Running a relay and a bridge relay in the same time?
by TonyXue 18 Aug '13

18 Aug '13

Is that possible to configure the server to run a relay and a bridge relay in the same time? The comments in the torrc said that BridgeRelay 1 will make the server into a bridge relay. Does that mean the server will only be a bridge relay and not a relay anymore?

2 1

Re: [tor-relays] tor-relays Digest, Vol 31, Issue 23
by tw9eef 18 Aug '13

18 Aug '13

windows 2013/8/13 <tor-relays-request(a)lists.torproject.org> > Send tor-relays mailing list submissions to > tor-relays(a)lists.torproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > or, via email, send a message with subject or body 'help' to > tor-relays-request(a)lists.torproject.org > > You can reach the person managing the list at > tor-relays-owner(a)lists.torproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tor-relays digest..." > > > Today's Topics: > > 1. Re: Planningon running bridge with bw limitation - config > help (Kostas Jakeliunas) > 2. Re: Raspberry Pi Relay Node Performance and future Plans on > Documentation and more (tor_bridge(a)mail.md) > 3. Re: Raspberry Pi Relay Node Performance and future Plans on > Documentation and more (Roman Mamedov) > 4. Is it safe to run an exit node from a VPS provider? > (Sindhudweep Sarkar) > 5. Re: Raspberry Pi Relay Node Performance and future Plans on > Documentation and more (Kostas Jakeliunas) > 6. Re: Is it safe to run an exit node from a VPS provider? > (Moritz Bartl) > 7. Re: Is it safe to run an exit node from a VPS provider? > (Steve Snyder) > 8. Question about TOR bandwidth management (tor(a)t-3.net) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 13 Aug 2013 15:20:25 +0300 > From: Kostas Jakeliunas <kostas(a)jakeliunas.com> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Planningon running bridge with bw limitation > - config help > Message-ID: > <CAN0KoyhUfWa+W_T=x= > bcqZ+oerrnS-V0D0hPedu2mG2ywR-c9A(a)mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > On Tue, Aug 13, 2013 at 2:39 PM, Moritz Bartl <moritz(a)torservers.net> > wrote: > > > On 13.08.2013 08:02, Kali Tor wrote: > > > I am actually in double minds about using obsproxy. Is there a demand > > for it? > > > > Yes! Please do set up obfsproxy. > > > Since obfsproxy bridges are usually really low traffic, I think the > combination of an obfsproxy bridge and raspberrypi makes quite a bit of > sense (that's what I'm running in any case, no problems so far (I also had > to compile Tor for armv6 from source)) :) >

1 0

mismatch between sent and received
by Dave Lahr 16 Aug '13

16 Aug '13

Hello There appears to be a growing mismatch between the amount of data sent and received for my relay. Most recent Heartbeats (in GB): sent received 8.07 10.87 7.30 10.10 6.87 9.68 6.41 9.22 6.18 8.50 This seems like something I should be concerned about, my are there GB of data that are stopping at my relay? This is not an exit relay, it is running on a raspberry pi running raspbian (debian). Any thoughts? Thank you in advance, Dave

1 0

'service tor start' not using "/etc/tor/torrc"?
by TonyXue 15 Aug '13

15 Aug '13

Hi, Today when I was using htop to check my Tor server. I found that Tor was running as "/usr/sbin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc --hush" which seems Tor is not using the configuration file "/etc/tor/torrc" but the default one instead. So what should I do to let Tor use /etc/tor/torrc? I tried to use "/usr/sbin/tor -f /etc/tor/torrc --hush" but it returned that 'debain-tor' is the owner of '/var/lib/tor' not the user I was using. Tony.

3 2

Re: [tor-relays] Raspberry Pi Relay Node Performance
by Harold Naparst 14 Aug '13

14 Aug '13

I updated my Raspberry Pi to 0.2.4.16-rc as Gordon Morehouse suggested. Almost immediately I can see a big difference. I now have 700 inbound connections, 4 outbound, and 14 circuits. Before it was about 150/15/50 or so. The download and upload rates are lower than before, but that might be because I have just restarted with the new version. Any thoughts?

2 1

Planningon running bridge with bw limitation - config help
by Kali Tor 14 Aug '13

14 Aug '13

Hi all, I am planning on running a bridge-relay but have a hard 1TB/month outgoing traffic limitation. Can someone help me with a torrc config that works for this setup? Regards, Kali

7 9

Is it safe to run an exit node from a VPS provider?
by Sindhudweep Sarkar 13 Aug '13

13 Aug '13

Hi, Over the past month I've been running a tor exit relay in a spare VPS machine that I am not using. It occurs to me know that this was probably a very poor idea, as I can't control the physical access to the machine or encrypt private key. In the good bad ISPs page<https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs>, I see that some cloud providers are listed (aws, etc). This implies that such a practice is okay, but If linode or a malicious party wanted to read the contents of /var/lib/tor/keys I don't think they'd have any difficulty whatsoever. How do folks secure their relay's keys on a vps environment? Or should I shutdown this relay and run a relay only when I am sure the keys are secured? -JB

5 4