[tor-commits] r25866: {website} make the obfsproxy bridge debian instructions more likely to (website/trunk/projects/en)

Roger Dingledine arma at torproject.org
Fri Nov 9 20:28:18 UTC 2012


Author: arma
Date: 2012-11-09 20:28:18 +0000 (Fri, 09 Nov 2012)
New Revision: 25866

Modified:
   website/trunk/projects/en/obfsproxy-debian-instructions.wml
Log:
make the obfsproxy bridge debian instructions more likely to work


Modified: website/trunk/projects/en/obfsproxy-debian-instructions.wml
===================================================================
--- website/trunk/projects/en/obfsproxy-debian-instructions.wml	2012-11-06 22:40:33 UTC (rev 25865)
+++ website/trunk/projects/en/obfsproxy-debian-instructions.wml	2012-11-09 20:28:18 UTC (rev 25866)
@@ -2,7 +2,7 @@
 # Revision: $Revision$
 # Translation-Priority: 4-optional
 
-#include "head.wmi" TITLE="obfsproxy: Installation instructions" CHARSET="UTF-8"
+#include "head.wmi" TITLE="obfsproxy: Setting up an Obfsproxy Bridge on Debian/Ubuntu" CHARSET="UTF-8"
 
 <div id="content" class="clearfix">
   <div id="breadcrumbs">
@@ -14,65 +14,55 @@
 
     <!-- PUT CONTENT AFTER THIS TAG -->
 
-    <h1 id="instructions">Obfsproxy Bridge Instructions on Debian/Ubuntu</h1>
+    <h1 id="instructions">Setting up an Obfsproxy Bridge on Debian/Ubuntu</h1>
 
     <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>
 
     <p>
-    This guide will help you setup an obfuscated bridge on a Debian/Ubuntu system.
+    This guide will help you set up an obfuscated bridge on a Debian/Ubuntu system.
     </p>
 
-    <h3>Step 0: Add Tor repositories to APT</h3>
+    <h3>Step 0: Move to the development version of Tor</h3>
     <br>
 
     <p>
-    You need
-    to <a href="https://www.torproject.org/docs/debian#development">install
-    the experimental official Tor Project APT repositories</a>,
-    because a fresh version of Tor (0.2.4.x) is required (Older
-    versions of Tor don't report their bridge addresses to BridgeDB).
+    Add the <a href="<page docs/debian>#development">development Tor
+    APT repository</a> and run the specified commands to install tor
+    and deb.torproject.org-keyring. You need Tor 0.2.4.x Tor because
+    it knows how to automatically report your obfsproxy address to <a
+    href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.
     </p>
 
-    <h3>Step 1: Install Tor and obfsproxy</h3>
+    <h3>Step 1: Install obfsproxy</h3>
     <br>
 
-    <p>
-    Now install tor and obfsproxy:
-    </p>
-
     <pre style="margin: 1.5em 0 1.5em 2em">
-\# apt-get update
-\# apt-get install obfsproxy tor
+\# apt-get install obfsproxy
     </pre>
 
     <p>
-      Note that obfsproxy requires
-    libevent2 and your distribution (e.g. Debian stable) might not
-    have it in its repos.  You can
-    <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9">try
-    our experimental backport libevent2 debs</a>,
-    or <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17">build
-    libevent2 from source</a>.
+    Obfsproxy requires libevent2. If your distribution (e.g. Debian
+    squeeze) doesn't include it, you can get it from the <a
+    href="http://packages.debian.org/search?keywords=libevent-2.0-5">backports</a>
+    repository.
     </p>
 
-    <h3>Step 2: Set up Tor</h3>
+    <h3>Step 2: Configure Tor</h3>
     <br>
 
     <p>
-    You will need an appropriate
-    Tor <a href="<page docs/faq>#torrc">configuration file</a>
-    (usually at <i>/etc/tor/torrc</i>):
+    Edit your <i>/etc/tor/torrc</i> to add:
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 SocksPort 0
-ORPort auto
+ORPort 443 # or some other port if you already run a webserver/skype
 BridgeRelay 1
 Exitpolicy reject *:*
 
-\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like.
+\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like
 Nickname CHANGEME_1
-\## CHANGEME_2 -> If you want others to be able to contact you uncomment this line and put your GPG fingerprint for example.
+\## CHANGEME_2 -> provide some email address so we can contact you if there's a problem
 \#ContactInfo CHANGEME_2
 
 ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
@@ -82,11 +72,12 @@
     Don't forget to edit the <i>CHANGEME</i> fields!
     </p>
 
-    <h3>Step 3: Launch Tor and verify that it works</h3>
+    <h3>Step 3: Launch Tor and verify that it bootstraps</h3>
     <br>
 
     <p>
-    Restart Tor for the the new configuration file to be in effect:
+    Restart Tor to use the new configuration file.
+    (Preface with sudo if needed.)
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
@@ -112,10 +103,16 @@
     100%.
     </p>
 
+    <h3>Step 4: Set up port forwarding if needed</h3>
+    <br>
+
     <p>
-    Now you need to find the address on which obfsproxy is
-    listening. To do this, check your Tor logs for a line similar to
-    this one:
+    If you're behind a NAT/firewall, you'll need to make your bridge
+    reachable from the outside world — both on the ORPort and
+    the obfsproxy port. The ORPort is whatever you defined in step two
+    above. To find your obfsproxy port, check your Tor logs for a line
+    similar to this one:
+    </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821
@@ -123,19 +120,11 @@
 
     <p>
     The last number, in this case <i>26821</i>, is the TCP port number
-    that your clients should point their obfsproxy to. So for example,
-    if your public IP is 1.2.3.4, your clients should put <i>Bridge
-    obfs2 1.2.3.4:26821</i> in their configuration file.
-    </pre>
+    that you need to forward through your firewall. (This port is randomly
+    chosen the first time Tor starts, but Tor will cache and reuse the
+    same number in future runs.)
     </p>
 
-    <p>
-    <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
-    <b>Don't forget!</b> If you are behind a NAT, you should <b>port
-    forward</b> the port that obfsproxy is listening on. In the
-    example above you would have to forward port <i>26821</i>.
-    </p>
-
   </div>
   <!-- END MAINCOL -->
   <div id = "sidecol">



More information about the tor-commits mailing list