[tor-relays] New obfsproxy transport: scramblesuit [bridge operators: please upgrade!]

George Kadianakis desnacked at riseup.net
Mon Feb 10 17:54:21 UTC 2014


Grozdan <neutrino8 at gmail.com> writes:

> On Mon, Feb 10, 2014 at 5:04 PM, George Kadianakis <desnacked at riseup.net> wrote:
>> Greetings,
>>
>> a few days ago we integrated ScrambleSuit to obfsproxy. ScrambleSuit
>> is a pluggable transport by Philipp Winter; you can find more about it
>> at: http://www.cs.kau.se/philwint/scramblesuit/
>>
>> If you are running a bridge, please consider upgrading your obfsproxy
>> to the latest version (0.2.6) by using pip or fetching the latest git
>> master.  Unfortunately, we don't have Linux packages yet, but we will
>> hopefully have some soon. In the meanwhile, we would appreciate some
>> testing :)
>>
>> After you upgrade obfsproxy, please change your ServerTransportPlugin
>> line from:
>>      ServerTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy managed
>> to:
>>      ServerTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed
>>
>> This will disable obfs2 [0] and enable scramblesuit.
>>
>> It's also important to know that scramblesuit is a password-based
>> pluggable transport, which means that each scramblesuit bridge has a
>> password and if the user doesn't know the password he/she can't
>> connect to the bridge. If you publishing your bridge to BridgeDB, Tor
>> will automatically send the ScrambleSuit password to BridgeDB so that
>> clients can get it. By default ScrambleSuit will generate a random
>> password; if you want to specify your own password, you can use a
>> torrc line like this:
>>       ServerTransportOptions scramblesuit password=LLDNOWV7I4P6RKFJMDEMIY2GNU2IQISA
>>
>> By the way, expect not to see any scramblesuit users in the
>> beginning. After a few people have set up scramblesuit bridges, we
>> will roll out a Tor Browser Bundle with scramblesuit enabled.
>>
>> Feel free to ask any questions you have!
>
> I just installed version 0.2.6 and tried to make my normal bridge a
> bridge with obfsproxy, but it fails to start it. In Tor log all i see
> is the below
>
> Feb 10 18:30:44.000 [warn] The communication stream of managed proxy
> '/usr/bin/obfsproxy' is 'closed'. Most probably the managed proxy
> stopped running. This might be a bug of the managed proxy, a bug of
> Tor, or a misconfiguration. Please enable logging on your managed
> proxy and check the logs for errors.
>
> My torrc config contains the following:
>
> ServerTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed
>


Hm.

Can you make sure that obfsproxy is in /usr/bin/obfsproxy? Depending
on how you installed obfsproxy-0.2.6, the executable might be in
/usr/local/bin/ or elsewhere.

If that doesn't work, try this torrc line instead:
   ServerTransportPlugin obfs3,scramblesuit exec /usr/local/bin/obfsproxy --log-min-severity=debug --log-file=/home/user/obfs.log managed

this will turn on logging for obfsproxy and create a logfile in your
home directory (fix the /home/user/obfs.log path). Please start up Tor
again and check out the log file. If the log file doesn't get created
it means that obfsproxy failed before writing the log file (this might
be a permissions problem, or something else).


More information about the tor-relays mailing list