Hi,
On Wed, Sep 06, 2023 at 09:11:02PM +0200, telekobold wrote:
Hi,
On 06.09.23 09:25, gus wrote:
Have you tried to connect to your own bridge and see if it works? Here is how you build your obfs4 bridge line (note: it's your bridge fingerprint and not your hashed bridge fingerprint): https://community.torproject.org/relay/setup/bridge/post-install/
there seems to be a mismatch between the description linked above and the Tor browser UI to manually add a Tor bridge: If one starts the Tor browser, click on "Configure Tor connections" and then on "Add a Bridge Manually" (seems to be the only possibility to test your own Bridge directly in the Tor browser), there is only the option to provide the bridge's IP address and the obfs4 port, but not, as mentioned in the description linked above the fingerprint and the obfs4 certificate. When I try to add the fingerprint and the obfs4 certificate of my bridges, no connection is established.
Yes, there is a mismatch in Tor Browser UI. See these tickets:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40552
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41913
So, where is the advantage on additionally providing the fingerprint and the obfs4 certificate when connecting to Tor (I can imagine that it has something to do with authenticity)? And how can one do that using the Tor software respectively the Tor browser bundle?
If you add just IP:ORPort (**ORPort** and not the OBFS4 Port) you have a "vanilla" Tor bridge: a bridge that doesn't obfuscate your Tor traffic. So it may not work in countries/ISPs doing DPI. To use your own obfs4 bridge, you need to build the "complete bridge line"[1].
cheers, Gus [1] https://gitlab.torproject.org/tpo/web/manual/-/issues/130