[tor-relays] tor-relays Digest, Vol 31, Issue 23

Sun Aug 18 06:16:35 UTC 2013

windows


2013/8/13 <tor-relays-request at lists.torproject.org>

> Send tor-relays mailing list submissions to
>         tor-relays at lists.torproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> or, via email, send a message with subject or body 'help' to
>         tor-relays-request at lists.torproject.org
>
> You can reach the person managing the list at
>         tor-relays-owner at lists.torproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of tor-relays digest..."
>
>
> Today's Topics:
>
>    1. Re: Planningon running bridge with bw limitation - config
>       help (Kostas Jakeliunas)
>    2. Re: Raspberry Pi Relay Node Performance and future Plans on
>       Documentation and more (tor_bridge at mail.md)
>    3. Re: Raspberry Pi Relay Node Performance and future Plans on
>       Documentation and more (Roman Mamedov)
>    4. Is it safe to run an exit node from a VPS provider?
>       (Sindhudweep Sarkar)
>    5. Re: Raspberry Pi Relay Node Performance and future Plans on
>       Documentation and more (Kostas Jakeliunas)
>    6. Re: Is it safe to run an exit node from a VPS provider?
>       (Moritz Bartl)
>    7. Re: Is it safe to run an exit node from a VPS provider?
>       (Steve Snyder)
>    8. Question about TOR bandwidth management (tor at t-3.net)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 13 Aug 2013 15:20:25 +0300
> From: Kostas Jakeliunas <kostas at jakeliunas.com>
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] Planningon running bridge with bw limitation
>         - config help
> Message-ID:
>         <CAN0KoyhUfWa+W_T=x=
> bcqZ+oerrnS-V0D0hPedu2mG2ywR-c9A at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Tue, Aug 13, 2013 at 2:39 PM, Moritz Bartl <moritz at torservers.net>
> wrote:
>
> > On 13.08.2013 08:02, Kali Tor wrote:
> > > I am actually in double minds about using obsproxy. Is there a demand
> > for it?
> >
> > Yes! Please do set up obfsproxy.
>
>
> Since obfsproxy bridges are usually really low traffic, I think the
> combination of an obfsproxy bridge and raspberrypi makes quite a bit of
> sense (that's what I'm running in any case, no problems so far (I also had
> to compile Tor for armv6 from source)) :)
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.torproject.org/pipermail/tor-relays/attachments/20130813/975ded58/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 2
> Date: Tue, 13 Aug 2013 12:02:35 +0000
> From: <tor_bridge at mail.md>
> To: <tor-relays at lists.torproject.org>
> Subject: Re: [tor-relays] Raspberry Pi Relay Node Performance and
>         future Plans on Documentation and more
> Message-ID: <321f63c47ce0285ad4d6be231f2e920c at 172.16.17.3>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
> Hello all,
>
> > For any Raspberry Pi Tor node operators breathlessly following this
> > thread :P I succeeded in building 0.2.4.16-rc on the Pi.  We will see
> > how it performs now vs the circuit creation storms.
>
> me too on the pi with kernel 3.6.11, using this source:
> https://www.torproject.org/dist/tor-0.2.4.16-rc.tar.gz
> it took 32 minutes to configure and compile (make && make install).
>
> > This is not a simple Debian-type binary package install, as the
> > packages present in the Tor Project experimental repos are built for
> > *Debian* wheezy - that is, ARMv7 - and not *Raspbian* which was built
> > to support the ARMv6 CPU on the Pi.
>
> I'm wondering, is there any other method for running a tor
> bridge/relay on
> the raspberry pi, other than downloading the source and compiling it
> yourself?
>
> Is it possible for the Tor project to make an extra option on the page
> https://www.torproject.org/download/download-unix.html.en
> with instructions for people to run a bridge/relay on the Pi? I think
> it
> will help people not to spend time on installing the experimental
> wheezy
> package for the ARMv7 architecture.
>
> Tor_Bridge
>
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 13 Aug 2013 18:58:12 +0600
> From: Roman Mamedov <rm at romanrm.net>
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] Raspberry Pi Relay Node Performance and
>         future Plans on Documentation and more
> Message-ID: <20130813185812.11d05c5b at natsu>
> Content-Type: text/plain; charset="us-ascii"
>
> On Tue, 13 Aug 2013 12:02:35 +0000
> <tor_bridge at mail.md> wrote:
>
> > I'm wondering, is there any other method for running a tor
> > bridge/relay on
> > the raspberry pi, other than downloading the source and compiling it
> > yourself?
>
> Raspbian has it in the repositories[1].
>
>   apt-get install tor
>
> Done. No need to build anything from the source.
>
> [1] http://archive.raspbian.org/raspbian/pool/main/t/tor/
>
> --
> With respect,
> Roman
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 198 bytes
> Desc: not available
> URL: <
> http://lists.torproject.org/pipermail/tor-relays/attachments/20130813/b950ce6a/attachment-0001.sig
> >
>
> ------------------------------
>
> Message: 4
> Date: Tue, 13 Aug 2013 09:04:10 -0400
> From: Sindhudweep Sarkar <sindhudweep.sarkar at gmail.com>
> To: tor-relays at lists.torproject.org
> Subject: [tor-relays] Is it safe to run an exit node from a VPS
>         provider?
> Message-ID:
>         <
> CAJXBjy3RLQdHgRk+DsrzFf_Q0tJEr2-bGSVBj4VXMBDibcOUYg at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi,
>
> Over the past month I've been running a tor exit relay in a spare VPS
> machine that I am not using.
>
> It occurs to me know that this was probably a very poor idea, as I can't
> control the physical access to the machine or encrypt private key.
>
> In the good bad ISPs
> page<https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs>,
> I see that some cloud providers are listed (aws, etc). This implies that
> such a practice is okay, but If linode or a malicious party wanted to read
> the contents of /var/lib/tor/keys I don't think they'd have any difficulty
> whatsoever. How do folks secure their relay's keys on a vps environment? Or
> should I shutdown this relay and run a relay only when I am sure the keys
> are secured?
>
>
> -JB
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.torproject.org/pipermail/tor-relays/attachments/20130813/4f5abddb/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 5
> Date: Tue, 13 Aug 2013 16:04:42 +0300
> From: Kostas Jakeliunas <kostas at jakeliunas.com>
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] Raspberry Pi Relay Node Performance and
>         future Plans on Documentation and more
> Message-ID:
>         <
> CAN0KoyjLO9tYM6qoD1YKfZg_WpLqy8CF+Ru8rHofDCrcLL6cFw at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Tue, Aug 13, 2013 at 3:58 PM, Roman Mamedov <rm at romanrm.net> wrote:
>
> > On Tue, 13 Aug 2013 12:02:35 +0000
> > <tor_bridge at mail.md> wrote:
> >
> > > I'm wondering, is there any other method for running a tor
> > > bridge/relay on
> > > the raspberry pi, other than downloading the source and compiling it
> > > yourself?
> >
> > Raspbian has it in the repositories[1].
> >
> >   apt-get install tor
> >
> > Done. No need to build anything from the source.
> >
>
> You need Tor 0.2.4.* to run an obfsproxy bridge, which I wanted to do.
> Wheezy repo only has 0.2.3.*; 0.2.4.* is only in the experimental Debian
> distro repo [1], afaik.
>
> [1]: http://packages.debian.org/experimental/tor
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.torproject.org/pipermail/tor-relays/attachments/20130813/32d6b123/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 6
> Date: Tue, 13 Aug 2013 15:32:02 +0200
> From: Moritz Bartl <moritz at torservers.net>
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] Is it safe to run an exit node from a VPS
>         provider?
> Message-ID: <520A3552.3060503 at torservers.net>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 13.08.2013 15:04, Sindhudweep Sarkar wrote:
> > Over the past month I've been running a tor exit relay in a spare VPS
> > machine that I am not using.
> > It occurs to me know that this was probably a very poor idea, as I can't
> > control the physical access to the machine or encrypt private key.
>
> This is a very valid question. So far, we have weighted in favor of
> "more exit capacity". If you require all exits to be on dedicated
> machines, you lose a lot of diversity and thus, potentially, anonymity.
>
> Of course, you should prefer dedicated machines over virtual machines,
> and own hardened hardware over off-the-shelf servers. We're not yet in a
> (well-funded?) state where we can expect everyone to do this.
>
> --
> Moritz Bartl
> https://www.torservers.net/
>
>
> ------------------------------
>
> Message: 7
> Date: Tue, 13 Aug 2013 09:58:34 -0400
> From: Steve Snyder <swsnyder at snydernet.net>
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] Is it safe to run an exit node from a VPS
>         provider?
> Message-ID: <520A3B8A.1050606 at snydernet.net>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
>
>
> On 08/13/2013 09:04 AM, Sindhudweep Sarkar wrote:
> > Hi,
> >
> > Over the past month I've been running a tor exit relay in a spare VPS
> > machine that I am not using.
> >
> > It occurs to me know that this was probably a very poor idea, as I can't
> > control the physical access to the machine or encrypt private key.
>
> Running an exit node in a VM is better than not running an exit node at
> all.
>
> That said, not all virtualization is created equally.  An OpenVZ
> container (which is really not virtualization at all) leaves all your
> files being just files on the host disk.
>
> Anyone on the host console can just do a "locate fingerprint" to see
> those files in all containers and can list the processes running to see
> your relay.
>
> At least with Xen/KVM/VMware you're running on your own virtual disk,
> and are running all processes in a self-contained environment.  The
> traffic can still be sniffed by the host, of course, but you get more
> privacy than you would in an OpenVZ container.
>
>
> ------------------------------
>
> Message: 8
> Date: Tue, 13 Aug 2013 09:46:08 -0400
> From: tor at t-3.net
> To: <tor-relays at lists.torproject.org>
> Subject: [tor-relays] Question about TOR bandwidth management
> Message-ID: <520a38a0.570.f8a3f700.312df8c8 at t-3.net>
> Content-Type: text/plain; charset="us-ascii"; Format="flowed"
>
>
> Hello,
>
> Is it possible to configure a TOR node  to have different bandwidth
> limits at different times of day and on different days of the week?
>
> Thank you.
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.torproject.org/pipermail/tor-relays/attachments/20130813/9d0b2a45/attachment.html
> >
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
> ------------------------------
>
> End of tor-relays Digest, Vol 31, Issue 23
> ******************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20130818/50c44122/attachment-0001.html>