Does Setting Up a Bridge Relay Disable the Browser?
This may be a naïve question, but I've fired up my 64-bit Debian box now that the nights are cool, and editing the torrc to establish a bridge relay borks the browser. I provide anonymity much more than I use it myself, but is the bridge relay copacetic? Thanks in advance.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Thanks for this. But why do you want to run your bridge instance among the same Tor daemon as the one handling Tor Browser? If you are on Debian, install Tor package separately with apt-get install tor (recommended you add deb.torproject.org to your apt/sources.list file so you get the latest versions all the time - see https://www.sky-ip.org/configure-relay-debian-ubuntu.html ) overwrite the torrc file with this: ORPort 443 ExtORPort auto Nickname <#yourdesirednickname> ContactInfo <#someemailaddresshere> BridgeRelay 1 ExitPolicy reject *:* While you are at it, you might want to install obf4s4proxy package and provide a pluggable transport bridge. (deb http://deb.torproject.org/torproject.org obfs4proxy main) and add in torrc: ServerTransportPlugin obfs3,obfs4 exec /usr/bin/obfs4proxy ServerTransportListenAddr obfs3 [::]:<#someport> ServerTransportListenAddr obfs4 [::]:<#someport> On 9/7/2015 9:11 AM, Kenneth Freeman wrote:
This may be a naïve question, but I've fired up my 64-bit Debian box now that the nights are cool, and editing the torrc to establish a bridge relay borks the browser. I provide anonymity much more than I use it myself, but is the bridge relay copacetic? Thanks in advance.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJV7SvmAAoJEIN/pSyBJlsR034H/j32IUGpjbSB8AIW6WNOWxPL iNXGqS4KtUFPnPA8Ya6X9Wz3nEwPDl84F2OoiRsxoJ1dFp7DApoNnMtfHxeNVP5x hsdV0c8ph0ttUt97Jng+JvWSJVGs5NEOU8Kmluthr0ZxUSUQimI+7l4imXs1JNN6 4BcsADrIOW1FExefG7itFXcARsBwr7kQD0MRZv8GLWF+vMmFiTGHRVNe5pYg+ii+ sTFQlWI9eAXAoWdwYmTUrZHQiPLrlmMFDFLk0nvKY+AjWseZL6mI/NiDAb8mwNua awy2m4jQA1UHknj+H/cOEh0f+/HGm7vbUK7zhyKZ2R1sOO1ZNZP6cIizJkOQs2E= =Nl0D -----END PGP SIGNATURE-----
On 09/07/2015 12:17 AM, s7r wrote:
Hi,
Thanks for this. But why do you want to run your bridge instance among the same Tor daemon as the one handling Tor Browser?
I don't, necessarily. I should explain that I've been running a long-term relay on my 32-bit Ubuntu box (Anosognosia: 6473E357BEF916BB63DB589FC85FC9E981E1B0F8), wherein the Tor browser functions just fine; the 64-bit Debian box is my test bed for messing about, but it does seem flaky.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Well, people suggest that, unless you give <100KB/s, you should run a relay, not a bridge, as more relays are used (and we have Tor weather and such). You should be using Tor's daemon (apt-get install tor tor-arm) for the relay or bridge itself. - -Poke On 07/09/2015 07:11, Kenneth Freeman wrote:
This may be a naïve question, but I've fired up my 64-bit Debian box now that the nights are cool, and editing the torrc to establish a bridge relay borks the browser. I provide anonymity much more than I use it myself, but is the bridge relay copacetic? Thanks in advance.
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJV7Sw/AAoJEHukJMVt72wmuzIP/1w2y/WIQT/eVrg1omEhKxvD nxr0qu4qZDnR9i0aqCt4lDgxkaXe3ehaBBfzPFms8HY9nsb3q8ulUU/QFMRTMAaQ P/0PxmSy6qb3aaX3qvY6kFJmSkwj4bMgHaLqKre8gZArlUIqZKjTBBqqgb7Dj0cR DbK//9JLGDWjXEoUHvg5UqiNMciy3imSeRsfjkgnMJmMg/C9dGg9iMZvWmDeCqfO shmdalaMf/maB3F9WUx919RLbaSp4VdvLwsIJtBeBp3T8c+JaPZztrR8cgxY/XBg /LSxIvnTsk9xNLopqPFeHkaf0PnnpYtA5KpnoeKoszBSS6M25ywYLCiCrL+J9rr/ 7eXPyf5UBLAWAunyLeZ0RWqxy4KPO/lPhmf+mjeYApDYwM0cWsJC1CWP81ybq0kJ hqtN0KUToH8qg943gR/s7bxPvV0VTHItVNGtfFFhWrCuxw/sBm2QTUSJOxcZ1PB1 wl4XjOHo1FM3+3tx32y7QHMjouEUhpld1L2uvFC2jjzZbSc2wx1KSod+EVkCOpbE mltireiYhqqyH5+9XQbvpN4+7zPcP9vAIjmj/r8+ThnjApQY+2koaPnz/Hq8gIX3 y3aPD8aGb+U0gR/ATZz9NbTNngloQMRztZE99udMV3V4+4i2M5E7yT1u74mqpR7d pQGSpA7si7j/1i7JDZXD =gkNr -----END PGP SIGNATURE-----
On 09/07/2015 12:18 AM, Billy Humphreys wrote:
Well, people suggest that, unless you give <100KB/s, you should run a relay, not a bridge, as more relays are used (and we have Tor weather and such). You should be using Tor's daemon (apt-get install tor tor-arm) for the relay or bridge itself. -Poke
I shall try this. If I have the bandwidth I'll run two relays, but for now I'd like to run a relay and a bridge relay.
On 09/07/2015 01:07 PM, Kenneth Freeman wrote:
On 09/07/2015 12:18 AM, Billy Humphreys wrote:
Well, people suggest that, unless you give <100KB/s, you should run a relay, not a bridge, as more relays are used (and we have Tor weather and such). You should be using Tor's daemon (apt-get install tor tor-arm) for the relay or bridge itself. -Poke
I shall try this. If I have the bandwidth I'll run two relays, but for now I'd like to run a relay and a bridge relay.
The whole point of a bridge is to provide access to Tor for people whose networks blacklist all normal relays, and those networks normally do that by IP address. Therefore, bridges need to not be on the same IP address as a normal relay. Even being in the same /24 can be problematic, IIUC. zw
On 09/07/2015 11:17 AM, Zack Weinberg wrote:
On 09/07/2015 01:07 PM, Kenneth Freeman wrote:
On 09/07/2015 12:18 AM, Billy Humphreys wrote:
Well, people suggest that, unless you give <100KB/s, you should run a relay, not a bridge, as more relays are used (and we have Tor weather and such). You should be using Tor's daemon (apt-get install tor tor-arm) for the relay or bridge itself. -Poke
I shall try this. If I have the bandwidth I'll run two relays, but for now I'd like to run a relay and a bridge relay.
The whole point of a bridge is to provide access to Tor for people whose networks blacklist all normal relays, and those networks normally do that by IP address. Therefore, bridges need to not be on the same IP address as a normal relay. Even being in the same /24 can be problematic, IIUC.
Ah! Makes sense. I've been involved with Tor for at least five years now, keeping its Wikipedia article up to date and such, but after all this time I'm still parsing the forest from the trees.
On Mon, Sep 07, 2015 at 12:11:28AM -0600, Kenneth Freeman wrote:
This may be a naïve question, but I've fired up my 64-bit Debian box now that the nights are cool, and editing the torrc to establish a bridge relay borks the browser. I provide anonymity much more than I use it myself, but is the bridge relay copacetic? Thanks in advance.
Well, it depends what you put in the torrc file. I assume you edited the torrc file that's inside the tor browser directory tree? Perhaps you did something there that it didn't like. Maybe you followed one of the instructions that suggested setting your socksport to 0, which would disable the client part of your Tor? The simplest approach in my opinion would be to install the Tor deb and configure it to be a bridge: https://www.torproject.org/docs/tor-relay-debian and in step 2, be sure to uncomment the 'bridgerelay 1' line too. Then use your Tor Browser totally separately from this Tor. (It's great that you're using Debian -- not because it's the best OS, though some good arguments can be made that it is, but rather because the Linux Tor packages are maintained best for Debian.) --Roger
On 09/07/2015 12:25 AM, Roger Dingledine wrote:
Well, it depends what you put in the torrc file. I assume you edited the torrc file that's inside the tor browser directory tree? Perhaps you did something there that it didn't like. Maybe you followed one of the instructions that suggested setting your socksport to 0, which would disable the client part of your Tor?
That's exactly it.
The simplest approach in my opinion would be to install the Tor deb and configure it to be a bridge: https://www.torproject.org/docs/tor-relay-debian and in step 2, be sure to uncomment the 'bridgerelay 1' line too.
Then use your Tor Browser totally separately from this Tor.
I'll give this a shot.
(It's great that you're using Debian -- not because it's the best OS, though some good arguments can be made that it is, but rather because the Linux Tor packages are maintained best for Debian.)
I like routine updates, I cannot lie. Incidentally, Wendy Fox is giving a presentation on social media under the aegis of the OSHER Lifelong Learning Institute at BSU as I'm typing this. I've given my spiel about Tor on her show (Tennis Court Disco on KRBX Radio Boise), and she's said that she'll mention the Tor Project. After all, your privacy is more configurable than you may realize, and this holds true for retirees and octogenarians too! Description's on Page 8. http://extendedstudies.boisestate.edu/osher/files/2015/05/Osher_Fall2015_Cat...
participants (5)
-
Billy Humphreys -
Kenneth Freeman -
Roger Dingledine -
s7r -
Zack Weinberg