1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
'tor' is an implementation of The Onion Routing system, as
described in a bit more detail at http://www.onion-router.net/. You
can read list archives, and subscribe to the mailing list, at
http://archives.seul.org/or/dev/.
Is your question in the FAQ? Should it be?
**************************************************************************
Quickstart version for users:
0) Download the absolute newest version. No, really.
http://freehaven.net/tor/ (unfortunately they're all unreadable now,
so you must skip this step)
1) tar xvf it, and then cd into the directory.
2) ./configure (or do the two-line version below, if you're on bsd)
3) make
4) cd src/config
5) ../or/tor -f oprc
You don't need to run this as root, and you probably shouldn't.
6) point your browser to socks4 proxy at localhost port 9050. In mozilla,
this is in edit|preferences|advanced|proxies. This allows you to test
to make sure tor is installed correctly.
7) make sure you've set it up correctly: go to
http://www.junkbusters.com/cgi-bin/privacy and see what IP it says
you're coming from. If it works, you should probably go on to step 8,
to get better privacy.
8) Optionally, install privoxy (www.privoxy.org), and add the line
"forward-socks4a / localhost:9050 ." (without the quotes) to its config
file. Then change your mozilla to http proxy at localhost port 8118 (and
no socks proxy). This step will give you good html scrubbing as well.
If this works for you, you can stop reading. Otherwise, below is a more
detailed version.
**************************************************************************
You only need to look beyond this point if the above doesn't work for you.
**************************************************************************
Dependencies:
For tor itself, you're going to need openssl (0.9.5 or later
-- including the dev stuff and includes). If you're on Linux,
everything will probably work fine. OS X and BSD (but see below under
troubleshooting) may work too. Let us know if you get it working
elsewhere.
If you got the source from cvs:
Run "./autogen.sh", which will run the various auto* programs and then
run ./configure for you. From there, start at step 3 in the quickstart
list above.
If the quickstart doesn't work for you:
If you have problems finding libraries, try
CPPFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" \
./configure
rather than simply ./configure.
Check out the list archives at http://archives.seul.org/or/dev/ and see
if somebody else has reported your problem. If not, please subscribe
and let us know what you did to fix it, or give us the details and
we'll see what we can do.
Do you want to run a tor server?
First, set up a config file for your node (start with sample-orrc and
edit the top portion). Then run the node (as above, but with the new
config file) to generate keys. One of the generated files is your
'fingerprint' file. Mail it to arma@mit.edu. Remember that you won't
be able to authenticate to the other tor nodes until I've added you
to the directory.
How to use it for web browsing:
Download privoxy (www.privoxy.org). Install it. Add the following
line to your 'config' file (it might be in /etc/privoxy/config) :
forward-socks4a / localhost:9050 .
Don't forget the . at the end.
From here, you can point your browser/etc to localhost port 8118 (as
an http proxy) and your traffic will go through Privoxy, then through
the onion proxy, to the onion routing network.
You can also ignore the whole privoxy thing and set your Mozilla to
use localhost 9050 directly as a socks4 server. But see doc/CLIENTS
for why this may not give you the anonymity you want.
For more convenient command-line use, I recommend making a ~/.wgetrc
with the line
http_proxy=http://localhost:8118
Then you can do things like "wget seul.org" and watch as it downloads
from the onion routing network.
For fun, you can wget a very large file (a megabyte or more), and
then ^z the wget a little bit in. The onion routers will continue
talking for a while, queueing around 500k in the kernel-level buffers.
When the kernel buffers are full, and the outbuf for the AP connection
also fills, the internal congestion control will kick in and the exit
connection will stop reading from the webserver. The circuit will
wait until you fg the wget -- and other circuits will work just fine
throughout. Then try ^z'ing the onion routers, and watch how well it
recovers. Then try ^z'ing several of them at once. :)
How to use it for ssh:
Download tsocks (tsocks.sourceforge.net) and configure it to talk to
localhost:9050 as a socks4 server. My /etc/tsocks.conf simply has:
server_port = 9050
server = 127.0.0.1
(I had to "cd /usr/lib; ln -s /lib/libtsocks.so" to get the tsocks
library working after install, since my libpath didn't include /lib.)
Then you can do "tsocks ssh arma@moria.mit.edu". But note that since
ssh is suid root, you either need to do this as root, or cp a local
version of ssh that isn't suid.
|