- tor-relays - lists.torproject.org

Re: [tor-relays] new installation of an established TOR relay (RJ Hofmann)
by Wilton Gorske 28 Dec '20

28 Dec '20

Hey RJH, Yep. This has happened to me with my Raspberry Pi too (nickname: mutualaid). Be sure you make a copy somewhere safe of kitchenaid's keys found in /var/lib/tor/keys to pick up where you left off next time. Given the network's extra capacity, I doubt core developers and the community will focus on finding a way to fasttrack a relay's reputation, let alone backing up the private keys in a secure way. It's up to relay operators to create copies of their keys. Alternatively, you can also just do period backups of the entire SD card for the Raspberry Pi relay. Either way, thanks for running one. In solidarity, Wilton tor-relays-request(a)lists.torproject.org: > Message: 2 > Date: Sun, 27 Dec 2020 13:50:03 +0100 > From: RJ Hofmann<cepa(a)weltzustand.de> > To:tor-relays@lists.torproject.org > Subject: [tor-relays] new installation of an established TOR relay > Message-ID:<04381F44-8483-4ACE-8928-6E008FB885B5(a)weltzustand.de> > Content-Type: text/plain; charset="utf-8" > > Hello there, > > caused by a temporary failure of the raspberry I had to completely renew installation of my TOR relay nicknamed mosaik. > > The new installtion is already up and running, but since I had no copies of keys and fingerprints the new relay is completely new in terms of consensus weight etc.. > > I wonder if it is helpful in any way to inform you about this change as to accelerate the relay?s ?reputation? to make it fully functional for the community on the fast track. > > Anyway the relay will work its way up to its former capabilities. > > The old relay named ?mosaik? (see screenshot) is no longer existing, the new one is now called ?kitchenaid? (see screenshot) and active at its former speed. > > with best wishes > RJH > >

1 0

Re: [tor-relays] Help with new relay
by lists＠for-privacy.net 23 Dec '20

23 Dec '20

On 21.12.2020 08:31, Thomas wrote: > It works fine when I run it as sudo, but according to its output, it > "isn't a good idea, nor should it be necessary." So my first question > is: How do I go about getting Nyx to connect to Tor's control socket > as a standard, non-sudo process? That will be FAQ in this list ;-) You have to add yourself to the Tor user 'debian-tor' group. (_tor-00, _tor-01,... if you set up several instances. see below) adduser user_name group_name or usermod -aG user_name group_name usermod -aG debian-tor user > My second question revolves around running the Tor daemon as a > service. It seems as if, again, I need to run it as root to make it > work, otherwise it gives me permission denied errors. What I want is > to be able to run 2 consecutive nodes on different accounts; that way > I can be more safe and secure while running my relay. If that's able > to happen, how would I go about configuring my relay daemons to be > separate, i.e. where would I put my torrc? Create 2 or more Tor instances: ~$ apt install tor-instances installs a helper script on a Debian or Ubuntu system. On other distributions you have to do all of this by hand what this script does! ~$ systemctl stop tor ~$ tor-instance-create 00 ~$ tor-instance-create 01 ~$ ... ~$ systemctl enable tor@00 ~$ systemctl enable tor@01 ~$ ... ~$ systemctl mask tor@default ~$ nano /etc/tor/instances/00/torrc ~$ nano /etc/tor/instances/01/torrc ~$ ... ~$ systemctl start tor@00 ~$ systemctl start tor@01 ... To see if the tor daemon is running: systemctl status _tor@00 systemctl status _tor@01 or '~$ journalctl -xe' to see if everything is ok I wrote it a little more in detail in the PIVX forum. Ignore the PIVX stuff: https://forum.pivx.org/threads/howto-setup-masternode-or-staker-wallet-behi… -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

1 0

Re: [tor-relays] Question: RAM requirement for an exit relay
by BRBfGWMz 21 Dec '20

21 Dec '20

Olaf is right Get a $ 5 per month VPS On Wed, Dec 16, 2020 at 08:28 AM, Olaf Grimm <jeep665(a)posteo.de> wrote: > Hello Amadeus! > > When you talk about a RasPi, I assume you mean a home location. > Please read the recommendations. Never operate an Exit Relay at home! > It will be expensive if the wrong people knock on the door. > > By the way, for an Exit Relay the bandwidth should already be 10MBit/s > or better. > > Olaf > > Am 15.12.20 um 01:44 schrieb Amadeus Ramazotti: > > hey, > > partly related to original question: > > I'm planning to set up a new exit. My very first relay. I'm planning to > use a small SoC with 2GB ram. Something running on ARM like a raspberry pi. > > > > Is this feasible or even a good idea? > > > > Regards > > > > > > On 14 Dec 2020, at 15:10, torix(a)protonmail.com wrote: > > > > I have several 1 G RAM exits running unbound without a problem. They never > seem to hit swap, either. On FreeBSD: > > last pid: 83973; load averages: 0.86, 0.71, 0.62 up 130+15:44:28 16:02:04 > > 23 processes: 2 running, 21 sleeping > > CPU: 43.1% user, 0.0% nice, 2.7% system, 5.5% interrupt, 48.6% idle > > Mem: 101M Active, 734M Inact, 444M Wired, 151M Buf, 210M Free > > Swap: 512M Total, 512M Free > > > > Go for it, > > > > \--Torix > > > > > > Original Message > >> On Monday, December 14, 2020 1:11 PM, <lists(a)for-privacy.net> wrote: > >> > >>> On 14.12.2020 13:58, lists(a)for-privacy.net wrote: > >>> > >>> grep VmPeak/proc/$PID/status = 181836 kB > >> A non exit has less: > >> grep VmPeak/proc/$PID/status = 57336 kB > >> tor-proxy-02.for-privacy.net ^^ > >> > >> > \----------------------------------------------------------------------------------------------- > >> > >> p_o Ciao Marco! > >> > >> Debian GNU/Linux > >> > >> It's free software and it gives you freedom! > >> > >> tor-relays mailing list > >> tor-relays(a)lists.torproject.org > >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > _______________________________________________ > > tor-relays mailing list > > tor-relays(a)lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > _______________________________________________ > > tor-relays mailing list > > tor-relays(a)lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > _______________________________________________ > tor-relays mailing list > tor-relays(a)lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > \-- Sent using MsgSafe.io's Free Plan Private, encrypted, online communication For everyone. https://www.msgsafe.io

4 4

Help with new relay
by Thomas 21 Dec '20

21 Dec '20

Hi all! I'm a fairly new relay operator and I have a few questions regarding some of the nitty-gritty setup on Debian. I've set it up a couple times before, but I can't seem to be able to run my relay as non-root. Every time I boot up Nyx without using sudo, it says We were unable to read tor's authentication cookie... Path: /run/tor/control.authcookie Issue: Authentication failed: unable to read '/run/tor/control.authcookie' ([Errno 13] Permission denied: '/run/tor/control.authcookie') It works fine when I run it as sudo, but according to its output, it "isn't a good idea, nor should it be necessary." So my first question is: How do I go about getting Nyx to connect to Tor's control socket as a standard, non-sudo process? My second question revolves around running the Tor daemon as a service. It seems as if, again, I need to run it as root to make it work, otherwise it gives me permission denied errors. What I want is to be able to run 2 consecutive nodes on different accounts; that way I can be more safe and secure while running my relay. If that's able to happen, how would I go about configuring my relay daemons to be separate, i.e. where would I put my torrc? Any help would be much appreciated. Thanks! Thomas

1 0

Well, that escalated quickly
by enrollado 17 Dec '20

17 Dec '20

Hello all. I started an exit relay on Saturday. Last night I took a look at the log and I saw something like 30 active circuits at the heartbeat and the relay had passed a few tens of megabytes. I just logged in and saw 8,000 active circuits at the heartbeat and > 2 GB passed. Is it normal for an exit relay to suddenly ramp up like that? Just curious. Sent with ProtonMail Secure Email.

4 3

Authorithy clock skew in consensus health page
by torjoy 16 Dec '20

16 Dec '20

Hi all, Its just a curiosity question... What is the reference source used in comparsions of authorities clock skew in consensus health? Are they synced throught NTP daemons (like chrony or opentpd for example)? TOR can take advange of very accurate timing in the authorities and relays? I know that just few seconds (or miliseconds?) are fine of clock offset. And if the relay's clock has some fluctuation of hundreds of miliseconds? For example going from -100mS of offset to +300mS offset and them to -200 mS offset... I mean, too much clock noise can be a problem for TOR? Best regards, Luiz Sent with [ProtonMail](https://protonmail.com) Secure Email.

2 2

Re: [tor-relays] I created a way of running tor relays on Windows easier
by Keifer Bly 16 Dec '20

16 Dec '20

Here it is, thank you. https://github.com/thecomputermaster/TorWrapperWindows/blob/main/WindowsTor… --Keifer On Wed, Dec 16, 2020 at 8:39 AM Gisle Vanem <gisle.vanem(a)gmail.com> wrote: > > This is a project I have been working on which allows users to run > relays on Windows with ease. Made this for > > volunteers who want to run relays, but only have Windows. See here > > > > https://www.youtube.com/watch?v=Vpk6yvUWQqU > > The link to GoogleDrive cannot be accessed; > " ... in violation of Google's blah-blah .." > > Do you have a Release on Github instead? > > -- > --gv >

1 0

I created a way of running tor relays on Windows easier
by Keifer Bly 16 Dec '20

16 Dec '20

1 0

Question: RAM requirement for an exit relay
by Olaf Grimm 15 Dec '20

15 Dec '20

Hello! I would like to activate a local DNS resolver with unbound at the exit relays, but I am concerned about the RAM size with 1GB. On an example machine I have 2GB RAM and the exit relay occupies 400MB at 22.9 MiB/s according to the metrics. Does anyone have experience with such values? My smaller exit relays only have 1GB of RAM. Well, there is still the problem that simply trying it out is not possible. If I overrun the RAM and it comes to SWAP activities, then already on a local machine almost no access was possible. With a VPS this is a no-go. Kind regards! Olaf

8 11

No port IPv4 80 so not an called exit even when 443 open wide.
by Dr Gerard Bulger 14 Dec '20

14 Dec '20

It is now out of date that Tor servers are required to have port 80 IPv4 open, even if limited to a single Class A network in order that the relay can be labelled as an exit. Port 443 should be enough. For reasons I do not understand, if I open port IPv4 80 to a wider range I get abuse notices within a day, usually DMCA, as if some man in the middle is scanning the html! So far, wide open IPv6 port 80 attracts zero attention from those alleging abuse. http://example.com called as an IPv4 address cannot be reached by my tor exits as port 80 IPv4 too limited. Port 443 IPv4 and IPv6 on my exits are wide open to all, and we should all be on https anyway. https://example.com can be reached from my exits. Example.com does have an IPv6 address so in theory can be reached from my exits on port 80 as IPv6 port 80 is wide open I assume not used as the DNS requested for example.com gives IPv4 address. Can an Exits now be defined as an exit with port 443 open IPv4? And then tested that is an exit with https requests not http. Gerry Bulger

2 2