Alright, problem solved although I don't understand why. Hope someone can educate me:
What I did. (1) Turned on Log debug stderr in torrc, and I could see obfs4 loading correctly. (2) Then I realized obfs4 writes to a file to help people construct the bridgeline for tow browser in pt_state/obfs4_bridgeline.txt
The format is like: Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=[scrubbed] iat-mode=[scrubbed]
Which is different from the bridge line I used by hand, i.e. has FINGERPRINT, has cert=? and iat-mode=?. These extra bits made all the difference, but why?
Jack
30. Mar 2018 15:02 by jackoreamnos@tutanota.com mailto:jackoreamnos@tutanota.com:
Am a novice compiling Tor (0.3.2.9) and been successful using this from a Tor Browser as a private bridge by entering "a.b.c.d:9001" into Tor Browser. However, pointing my Tor Browser to the obfs4 on the same machine fails with something like General SOCKS failure in the log. Below is my torrc:
SOCKSPort 0 CookieAuthentication 1 ControlPort 9051 ORPort 9001 ExtORPort auto ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy # ServerTransportListenAddr obfs4 [::]:60443 ServerTransportListenAddr obfs4 0.0.0.0:60443 ExitRelay 0 BridgeRelay 1 PublishServerDescriptor 0
Tests I have done: (1) using obfs4 compiled from git repository, as well as the OS package. (2) opening port 60443, as well as dropping all firewalls - does not make a difference; meanwhile, pointing telnet at a.b.c.d 60443 connects successfully (3) using Tor Browser with default supplied obfs4 bridges works well (log shows I was able to download a list of bridges and their fingerprints).
So I think I have ruled out problems with my Tor client (Tor Browser), and I have ruled out firewall configurations on the server, and ruled out obfs4 being blocked on my ISP. Since Tor itself works, and I have tried obfs4 from source as well as from the OS package, the only thing I can think of is something wrong with the config above.
Any hints would be appreciated, as well as any steps I can do to further diagnose would be helpful.
Thanks, Jack