- #TOR BRIDGE RELAY SETUP HOW TO#
- #TOR BRIDGE RELAY SETUP INSTALL#
- #TOR BRIDGE RELAY SETUP UPDATE#
- #TOR BRIDGE RELAY SETUP PC#
ServerTransportListenAddr obfs4 0.0.0.0:443 ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
Also replace PonteVecchio with your choice for a bridge nickname. You must replace with your actual email address. Replace port 443 with your choice of port number for incoming obfuscated connections. Since it should be redundant with setting BridgeRelay 1. The line ExitPolicy reject *:* is an optional safeguard,. While preventing BridgeDB from giving out the bridge. That will make your bridge publish its statistics in the metrics dataset We specify PublishServerDescriptor 0 in the sample configuration file below,īut you can alternatively specify BridgeDistribution none. Although the ORPort is set to the default of 9001, that port is not open in the firewall,Īnd so the server is not open to probing. Press the keys dG on your computer keyboard to delete the existing lines. Configure TorĮdit the Tor configuration file: sudo vi /etc/tor/torrc Then run: sudo systemctl daemon-reload 4. Use the x key three times to delete three characters.Ĭhange the line to read: NoNewPrivileges=noĮdit the service file: sudo vi it says NoNewPrivileges=yes, repeat the process to change it to read: NoNewPrivileges=no Press the w key twice to go forward to the word yes. Use the down arrow key to reach the line that says NoNewPrivileges=yes. Is still outstanding, you must also amend two Systemd service files as follows.Įdit the default service file: sudo vi the Page Down key on your keyboard. #TOR BRIDGE RELAY SETUP INSTALL#
Install the package for obfs4: sudo apt install obfs4proxyĪllow obfs4proxy to bind to privileged ports: sudo setcap cap_net_bind_service=+ep /usr/bin/obfs4proxy Install Tor and the Tor Debian keyring from the Tor project repository: sudo apt install tor -keyring 3.
#TOR BRIDGE RELAY SETUP UPDATE#
Update your package lists: sudo apt update sudo apt install gpgĪ3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg -import You can, if you wish, omit the escape characterĪnd enter the commands as a single line. The escape character (backslash) appears in the commands below to escape a line break. To write the file to disk and quit the editor.Īdd the GNU Privacy Guard (GPG) key used to sign the Tor packages. Press the Esc key on your computer keyboard to escape from insert mode. Press Shift+ g to navigate to the bottom of the file.Īdd lines at the bottom for the Tor project repositories: deb buster main Install the prerequisite package: sudo apt install apt-transport-httpsĪdd the Tor repositories to your Advanced Packaging Tool (APT) sources list: sudo vi /etc/apt/sources.list Save these rules so that they persist across reboots: sudo su -c 'nft list ruleset > /etc/nf' 2. Sudo nft add rule inet filter input tcp dport 443 counter acceptĭrop any unexpected traffic: sudo nft add rule inet filter input counter drop
Ip saddr YOUR.PC.IP.ADDRESS counter accept Sudo nft add rule inet filter input tcp dport 22 \
Sudo nft add rule inet filter input iif lo counter accept Sudo nft add rule inet filter input ct state related,established \ You can, if you wish, omit the escape character
The escape character (backslash) appears in the commands below to escape a line break. 
This is to prevent the server from responding to scans for Tor relays, pending the completion of
Note that the firewall is not opened for general Tor traffic on the ORPort. Also replace the choice of port to reach the obfs4 bridge, which in our example below was chosen to be port 443,. (or a range of IP addresses, such as YOUR.PC.0.0/16, if your IP address changes from time to time but always falls within a range). #TOR BRIDGE RELAY SETUP PC#
For SSH on port 22, replace YOUR.PC.IP.ADDRESS with your actual PC IP address. Then install Nftables to implement your server’s firewall: sudo apt install nftables Install FirewallĪfter you first create your server, update all the existing packages: sudo apt update To create a private obfs4 bridge, you will need a virtual private server (VPS) running Debian 10. #TOR BRIDGE RELAY SETUP HOW TO#
Create Tor Private Obfs4 Bridges How to Create Tor Private Obfs4 Bridges
0 kommentar(er)
