[tor-relays] Call for obfs4 bridges, and a brief discussion of obfs4proxy.
baumanno at cip.ifi.lmu.de
Sat Oct 11 16:17:34 UTC 2014
On 10/09/14, Yawning Angel wrote:
> On Thu, 9 Oct 2014 21:01:24 +0200
> Oliver Baumann <baumanno at cip.ifi.lmu.de> wrote:
> > FYI, I installed obfs4 today on my Pi using this:
> > https://packages.debian.org/sid/armhf/obfs4proxy/download
> > Just pick a mirror near you and wget/curl/... the .deb directly. It
> > installs via `dpkg -i` without ado. Whether it's working correctly
> > might be a different story. Log does show this, though:
> > [notice] Registered server transport 'obfs4' at '0.0.0.0:<PORT>'
> > ... which indicates to me that _something_ clicked ;) Also shows up in
> > the "transport" string from onionoo.
> Since you're running the latest and greatest version of the code, you
> can look in /var/lib/tor/pt_state/obfs4_bridgeline.txt for your
> bridgeline, and try connecting to it with the TBB alpha snapshots
> I've been providing.
> Also, odd. Debian's wiki states that armhf shouldn't work, but maybe
> I'm misreading the documentation (https://wiki.debian.org/RaspberryPi).
> Glad to know that it works, and my continued appreciation to Lunar who
> made the Debian packages, and thanks for running an obfs4 bridge!
> (obfs4proxy can also speak obfs3 if you also want to run one of those,
> as an alternative to installing obfsproxy. That code is well exercised
> at this point and we have a bridge running it that has pushed multiple
> TB worth of obfs3 traffic.)
> Yawning Angel
> : I added that in 0.0.3, you still need to figure out your bridge
> IP/port and fingerprint, but it beats pulling out the shared secret
> from the json file.
I fought long and hard with this and found out something.
Not being able to connect via obfs4 using the info from bridgeline.txt,
I conducted some experiments using info from IRC and obfs4_state.json.
For me to be able to connect to my obfs4-RPi-bridge, I need a bridgeline
bridge obfs4 <IP>:<PORT> $fp $cert $public-key $node-id $iat-mode
... where $public-key and $node-id can be taken from the state.json and
PORT is (obviously?) the obfs4-port, not the ORPort (this was not quite
so obvious to me).
This bridgeline-format worked for at least one other person having difficulties
connecting to their obfs4-bridge, so it might be worth adding a hint
Let me know if I can assist,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 473 bytes
Desc: not available
More information about the tor-relays