[tor-dev] [tor-relays] Private Tor Research Network

Tim Wilson-Brown - teor teor2345 at gmail.com
Sat Apr 9 00:34:01 UTC 2016

> On 9 Apr 2016, at 04:21, Nicholas R. Parker (RIT Student) <nrp7859 at rit.edu> wrote:
> Hi all,
> I've got an issue that I'm seeking help with. I'm with a small group out of RIT that's trying to construct a private TOR network for research purposes, but we've hit a bit of a snag.
> I've worked with both liu fengyun's (http://liufengyun.chaos-lab.com/prog/2015/01/09/private-tor-network.html) and Ritter's write up (https://ritter.vg/blog-run_your_own_tor_network.html), but when trying to set up authority directories the whole thing really falls apart.

Depending on your research needs, you might find chutney helpful:

chutney configures and launches a tor network on the local machine.
It's designed to quickly smoke-test tor's key functionality, so it has a lot of torrc options set that speed things up.

You should be able to get it to run using:
1. git clone https://git.torproject.org/chutney.git
2. git clone https://git.torproject.org/tor.git
3. cd tor
4. make test-network-all

You might find this useful to test your code changes, or to give you a set of starting configurations that you can then modify to your own needs (including putting various nodes on different IP addresses).

> Trying to edit the torrc file gives errors where it doesn't attempt to bind to the correct ports and trying to set --dirserver or --datadirectory results in errors that there isn't permission to access /var/lib/tor regardless of the owner of the directory (we've tried leaving it as being owned by _tor, tried changing ownership to root, etc) so we can't get the authority directories off the ground.

At the high level of detail your provided, these sound like typical network daemon configuration issues.
Have you tried consulting a network daemon FAQ for your OS?

Typically, ports under 1024 shouldn't be used, because they often require root permissions or OS-specific capabilities.
Each tor authority has a configured IP and ports, and these need to be consistent in each authority, relay, and client's torrc.
Multiple tor instances on the same machine should not use the same ports - this includes default ports like SOCKSPort. (Set to 0 to disable).
Do you have any other services running on these machines?
Do you have old tor processes still running?

Typically, network daemons need to be run as the user that owns the directory (or, at the very least, the user needs permission to modify it).
Have you tried using a user / permissions FAQ for your OS to help you configure the user and permissions correctly?
Tor also has more specific requirements for security reasons, this protects the keys from other users on the system.

It's hard to give more advice without more specific details.
If this advice doesn't help, please copy and paste the configuration options you used, and the errors you got, and then tell us what you've tried to do to fix them.


Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160409/937d70d7/attachment-0001.sig>

More information about the tor-dev mailing list