thanks do i have to install something in first line to perform this gpg lines? you say "| apt-key add -" torproject.org says "| sudo apt-key add -" doesnt sudo matter cause im useing root? is it possible to just deactive login/ssh to be save or is it just better/necessary to deal with rsa key? will tor be utoupdated at new release with "apt-get -y upgrade" or how to manage automated actuality?
On Saturday, April 18, 2015 3:46 PM, Julien ROBIN julien.robin28@free.fr wrote:
Hi !
You can try a mix between this (ultra simple), from https://www.torproject.org/docs/debian.html.en :
You need to add the following entry in /etc/apt/sources.list or a new file in /etc/apt/sources.list.d/:
deb http://deb.torproject.org/torproject.org wheezy main deb-src http://deb.torproject.org/torproject.org wheezy main
gpg --keyserver keys.gnupg.net --recv 886DDD89 gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
apt-get update apt-get install tor deb.torproject.org-keyring
This will make your "apt-get" using the last table version of Tor from the Tor Project servers, with signatures check making sure that no one "car jacked" the server before you download from it ;)
You will have to find a way to make your "apt-get update" and "apt-get -y upgrade" automatic, may be "reboot" too (when kernel have been updated for example, but here I cannot say precisely how to know if you have to reboot !)
And a second link, that can give you a lot of tips also
http://www.torservers.net/wiki/setup/server
Including disabling password authentification, but if you want to completely lock your server, a good way could be to make "/etc/init.d/ssh" unable to run (you delete the "x" permission for example)
After the reboot, you will not be able to connect anymore using SSH on your server, and you will have to use tools from your ISP if you want to drive your server again !
Personnaly, I always do a minimalist installation in order to have nothing else than OpenSSH listening (and Tor, of course !). Because if others things that I don't know (rpc bind port 111 etc) are listening I'm not sure that I have everything into control.
----- Mail original ----- De: tor-server-creator@use.startmail.com À: tor-relays@lists.torproject.org Envoyé: Samedi 18 Avril 2015 12:06:07 Objet: [tor-relays] simple relay setup
I need some help. My dedicated server is running debian and is new, set up by my serverhoster.
I want to run a TOR-Relay:
- It should always update to latest stable automatically.
- It should be save.
I will edit the torrc by myself. What i need is simple copy+paste codeline for:
- isntall and run functional auto-update for tor (is it libevent?)
just simply @root user without user/pgp dealing stuff. pgp stuff is confusing me!
- deactivate complete access (ssh disable?) to ensure savety (i have
to reinstall the system by serverhoster-website if change needet) i want to lock out even myself.
Is this a practical idea to most easy set-up and let run without struggle? Please help, thanks. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays