[tor-dev] The Torouter and the DreamPlug
jacob at appelbaum.net
Thu Jun 9 15:55:43 UTC 2011
On Thu, Jun 9, 2011 at 2:57 PM, Runa A. Sandvik <runa.sandvik at gmail.com>wrote:
> On Wed, Jun 8, 2011 at 4:02 PM, Andrew Lewman <andrew at torproject.org>
> > On Tue, 7 Jun 2011 15:36:45 -0700
> > Jacob Appelbaum <jacob at appelbaum.net> wrote:
> >> > We would also need a way for users to easily change the hashed
> >> > password. I can't remember if this is a feature that is already
> >> > present in Vidalia.
> >> Yes, we do need a way to change the password. We will also need a way
> >> to reset the password if the user is locked out of the control port. I
> >> generally think that this means we'll need a web UI... :-)
> > It's built into vidalia. Just click Advanced and you can change the
> > password all you want.
> >> I think the best thing is to make an autoconfiguring device with a
> >> web UI; we can easily rate limit Tor to something reasonable and make
> >> it a middle node by default. In all cases it stands alone and simply
> >> plugging it into a wall (power/ethernet) will provide more capacity
> >> to the network if the OR port is reachable (ala tor-fw-helper + tor +
> >> init.d scripts to start Tor on boot).
> > Most of me wants to wait for the freedombox people to derive their web
> > interface, and then we can plug tor into it. I realize this could be
> > years at the current rate of progress. If someone whips up a quick
> > interface that isn't a security nightmare, we could use that until
> > freedombox has something tangible.
> Yeah, I was hoping the freedombox people would have something we could
> use. Doesn't seem like it, though. I think that, at some point, we
> should create a web ui for the dreamplug. But not having one right now
> should not be a blocker for the dreamplug-torouter.
Well, I'm not sure what you mean... The FB is just a Debian machine. Pick a
web server, write a cgi and perhaps that will be the main interface? :-) I'd
email the FBF list and ask. Perhaps the best web UI is one that is already
written? Is the web UI for the Excito free software?
> I suggest we ship the dreamplug with cli access only for those who want
> > a cheap device to be a bridge or relay.
> I guess we can set up dreamplugs as bridges by default and include a
> leaflet explaining the steps to take to change the configuration. Do
> you think we should touch the default setup of the dreamplug (it
> serves an open wifi by default, for example)?
I believe that by default we should be shipping middle relays and we should
be shipping 0.2.3.x with tor-fw-helper enabled by default as well.
I think the boxes should be re-flashed to have Debian or a modern Ubuntu and
locked down except with Tor and OpenSSH as listening services. We also need
things to sync time and so on.
> > I suggest we ship the excito with the web ui as the easy to use
> > option.
> Yep, the Tor web ui for the Excito B3 should be ready at the end of the
Is it Free Software? Can we use it on the DreamPlug until we have something
> > In either case, we need to start testing, not keep thinking about what
> > we could do. We're going to get a flood of feedback from actual people
> > testing the excito or dreamplug.
> Valid point.
I think we need to talk about what we need for the OS. I suspect we need
OpenSSH + Tor (tor-fw-helper, etc) + a few stock configuration files + time
syncing (clockskew for example) + a randomly generated password that we
uniquely key for each router in some non-silly way.
Is there a trac ticket for the OS part of the Torouter?
All the best,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev