[tor-relays] Call for obfs4 bridges, and a brief discussion of obfs4proxy.

Oliver Baumann baumanno at cip.ifi.lmu.de
Sat Oct 11 16:17:34 UTC 2014 

On 10/09/14, Yawning Angel wrote:
> On Thu, 9 Oct 2014 21:01:24 +0200
> Oliver Baumann <baumanno at cip.ifi.lmu.de> wrote:
> > FYI, I installed obfs4 today on my Pi using this:
> > https://packages.debian.org/sid/armhf/obfs4proxy/download
> > 
> > Just pick a mirror near you and wget/curl/... the .deb directly. It
> > installs via `dpkg -i` without ado. Whether it's working correctly
> > might be a different story. Log does show this, though:
> > [notice] Registered server transport 'obfs4' at '0.0.0.0:<PORT>'
> > 
> > ... which indicates to me that _something_ clicked ;) Also shows up in
> > the "transport" string from onionoo.
> 
> Since you're running the latest and greatest version of the code, you
> can look in /var/lib/tor/pt_state/obfs4_bridgeline.txt for your
> bridgeline[0], and try connecting to it with the TBB alpha snapshots
> I've been providing.
> 
> https://lists.torproject.org/pipermail/tor-dev/2014-September/007535.html
> 
> Also, odd.  Debian's wiki states that armhf shouldn't work, but maybe
> I'm misreading the documentation (https://wiki.debian.org/RaspberryPi).
> 
> Glad to know that it works, and my continued appreciation to Lunar who
> made the Debian packages, and thanks for running an obfs4 bridge!
> 
> (obfs4proxy can also speak obfs3 if you also want to run one of those,
>  as an alternative to installing obfsproxy.  That code is well exercised
>  at this point and we have a bridge running it that has pushed multiple
>  TB worth of obfs3 traffic.)
> 
> -- 
> Yawning Angel
> 
> [0]: I added that in 0.0.3, you still need to figure out your bridge
> IP/port and fingerprint, but it beats pulling out the shared secret
> from the json file.

Hey Yawning,

I fought long and hard with this and found out something. 
Not being able to connect via obfs4 using the info from bridgeline.txt,
I conducted some experiments using info from IRC and obfs4_state.json.

For me to be able to connect to my obfs4-RPi-bridge, I need a bridgeline
like this:

bridge obfs4 <IP>:<PORT> $fp $cert $public-key $node-id $iat-mode

... where $public-key and $node-id can be taken from the state.json and
PORT is (obviously?) the obfs4-port, not the ORPort (this was not quite
so obvious to me).

This bridgeline-format worked for at least one other person having difficulties
connecting to their obfs4-bridge, so it might be worth adding a hint
somewhere.

Let me know if I can assist,

O.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141011/057a071f/attachment.sig>

More information about the tor-relays mailing list