![]() However, for users of TBB 2.x and 3.0, this release includes important security updates to Firefox. We hope to have combined packages available in a beta soon.įor people already using TBB 3.5rc1, the changes are not substantial, and are included below. Packages are now available from the Tor download page as well as the Tor Package archive.įor now, the Pluggable Transports-capable TBB is still a separate package, maintained by David Fifield. The 2.x stable series of the Tor Browser Bundle has officially been deprecated, and all users are encouraged to upgrade to the 3.5 series. See inline and see the FAQ link for more details. If your bridge is now running, check out the post-install notes.Update 12/20: Test builds of Pluggable Transport bundles are now available. If you are having trouble setting up your bridge, have a look at our help section. Self-testing indicates your ORPort is reachable from the outside. (this may take up to 20 minutes - look for log messages indicating success) Now checking whether ORPort :3818 is reachable. Looks like client functionality is working. Registered server transport 'obfs4' at ':46396' Your Tor bridge's hashed identity key fingerprint is ' ' To confirm your bridge is running with no issues, you should see something like this (usually in /var/log/syslog or run # journalctl -e -u Your Tor server's identity key fingerprint is ' ' Or restart it if it was running already, so configurations take effect: # systemctl restart tor.service You can use our reachability test to see if your obfs4 port is reachable from the Internet.Įnable and Start tor: # systemctl enable -now tor.service If your bridge is behind a firewall or NAT, make sure to open both ports. Note that both Tor's OR port and its obfs4 port must be reachable.To work around systemd hardening, you will also need to set NoNewPrivileges=no in and and then run systemctl daemon-reload. Sudo setcap cap_net_bind_service=+ep /usr/bin/obfs4proxy If you decide to use a fixed obfs4 port smaller than 1024 (for example 80 or 443), you will need to give obfs4 CAP_NET_BIND_SERVICE capabilities to bind the port with a non-root user:.This is optional.ĭon't forget to change the ORPort, ServerTransportListenAddr, ContactInfo, and Nickname options. # Pick a nickname that you like for your bridge. # Replace "" with your email address so we can contact you if there are problems with your bridge. Don't try to set a specific port number, nor listen on 0.0.0.0. # "Ext" means "extended", not "external". # Local communication port between Tor and obfs4. ServerTransportListenAddr obfs4 0.0.0.0:TODO2 # This port must be externally reachable and must be different from the one specified for ORPort. # Replace "TODO2" with an obfs4 port of your choice. ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy # Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port. ![]() # This port must be externally reachable. # Replace "TODO1" with a Tor port of your choice. Edit your Tor config file, usually located at /etc/tor/torrc and replace its content with: BridgeRelay 1 If you're running any of them, sudo apt-get install obfs4proxy should work. On Ubuntu, bionic, cosmic, disco, eoan, and focal have the package. Explanation: tor meta, always run latest version of obfs4proxy By default, backports packages are not installed, so to install the latest version of obfs4proxy you need to use the following command sudo apt install -t bullseye-backports obfs4proxy or to pin the package with a config similar to this one that you will place in /etc/apt/preferences.d/obfs4proxy.pref. On Debian, the latest version obfs4proxy package is available in stable-backports. Install TorĮnsure you update the packages database before installing the package, than call apt to install it: # apt update ![]() Note: Ubuntu users need to get Tor from the Tor Project's repository. Please follow those instructions before proceeding. Configure Tor Project's RepositoryĬonfiguring the Tor Project's package repository for Debian/Ubuntu is recommended and documented on Support portal. One of the most important things to keep your relay secure is to install security updates timely and ideally automatically so you can not forget about it.įollow the instructions to enable automatic software updates for your operating system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |