[tor-relays] Installing obfs4 on Raspberry Pi bridge

jchase jchase at riseup.net
Sun Mar 29 19:31:47 UTC 2015


Thanks for your answer.
Your instructions were good and explicit, but you hit on two of the
problems I run into. I installed tor 0.2.5.11-1 from torproject.org and
got two error messages that I couldn't solve. I would have to go back
and re-install 0.2.5.11-1 to tell you what they were. In any case they
weren't configuration problems. I had pretty much the same problem
months ago when I installed a tor 0.2.5.x on Pi.
Which leads me to want to use a raspbian repo. only I am unable to get
/etc/apt/sources.list to recognize
http://archive.raspbian.org/raspbian/pool/main/t/tor/ (or variations
thereof) as a repository. And in my main raspian repo tor doesn't go any
higher than 0.2.4.26 . So simply updating tor does not work. How do I add
http://archive.raspbian.org/raspbian/pool/main/t/tor/
http://archive.raspbian.org/raspbian/pool/main/o/obfs4proxy/
http://archive.raspbian.org/raspbian/pool/main/libc/libcap2/
as one or more alternative repositories or force an install?
Thanks,
J. Chase


tor-relays-request at lists.torproject.org:
> Message: 4
> Date: Sun, 29 Mar 2015 00:19:14 +0200
> From: s7r <s7r at sky-ip.org>
> To: tor-relays at lists.torproject.org
> Subject: Re: [tor-relays] Installing obfs4 on Raspberry Pi bridge
> Message-ID: <551728E2.4030705 at sky-ip.org>
> Content-Type: text/plain; charset=windows-1252
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Hi,
> 
> obfs4 will not run on 0.2.4.x , you need at least 0.2.5.x or 0.2.6.x
> 
> First, upgrade your Tor.
> 
> You can use torproject.org repositories. If you are running wheezy:
> 
> 1. Add the repository:
> # echo "deb http://deb.torproject.org/torproject.org wheezy main" >>
> /etc/apt/sources.list
> 
> 2. Add the signing key:
> # gpg --keyserver keys.gnupg.net --recv 886DDD89; gpg --export
> A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add ?
> 
> 3. Install keyring:
> # apt-get update && apt-get -y install deb.torproject.org-keyring
> 
> Now upgrade your Tor, an apt-get -y install tor would upgrade to 0.2.5.1
> 1.
> 
> You can install obfs4proxy from deb.torproject.org too:
> 
> # echo "deb http://deb.torproject.org/torproject.org obfs4proxy main"
>>> >> /etc/apt/sources.list
> # apt-get update && apt-get -y install obfs4proxy
> 
> Now, modify your torrc to enable the obfs4 transport. Make sure you
> also add ExtORPort auto in torrc so it will report some useful
> statistics. obfs4proxy also supports obfs3, and some users still use
> that, so if you can be an obfs3 and obfs4 bridge at the same time
> (requires just one more open port) it would be great.
> 
> Sample torrc entry for enabling obfs4 and obfs3:
> ExtORPort auto
> ServerTransportPlugin obfs3,obfs4 exec /usr/bin/obfs4proxy
> ServerTransportListenAddr obfs3 [::]:port
> ServerTransportListenAddr obfs4 [::]:port
> 
> To make the bridge even better, you can bind obfs3 and obfs4 to lower
> ports (< 1024), if you have them free, such as obfs3 on 80 and obfs4
> on 443 (for example). This will help users behind really restrictive
> firewalls who only allow connections on few ports. You can easily do
> this with libcap2-bin package:
> 
> # apt-get -y install libcap2-bin
> # setcap 'cap_net_bind_service=+ep' /usr/bin/obfs4proxy
> 
> To make this persistent after a reboot, edit the /etc/rc.local file
> and add this line before 'exit 0':
> setcap 'cap_net_bind_service=+ep' /usr/bin/obfs4proxy
> 
> Hope this helps. If you don't want to use deb.torproject.org,
> everything required is also included in raspbian main repo:
> 
> http://archive.raspbian.org/raspbian/pool/main/t/tor/
> http://archive.raspbian.org/raspbian/pool/main/o/obfs4proxy/
> http://archive.raspbian.org/raspbian/pool/main/libc/libcap2/
> 
> If you want to use raspbian repo, simply ignore the lines where you
> add deb.torproject.org to your sources.list file and just upgrade,
> install the required packages and modify your torrc file.
> 
> Thanks for running a bridge.


More information about the tor-relays mailing list