Or restart it if it was running already, so configurations take effect: # systemctl restart tor.service You can use our reachability test to see if your obfs4 port is reachable from the Internet.Įnable and Start tor: # systemctl enable -now tor.service
If your bridge is behind a firewall or NAT, make sure to open both ports. Note that both Tor's OR port and its obfs4 port must be reachable.To work around systemd hardening, you will also need to set NoNewPrivileges=no in and and then run systemctl daemon-reload. Sudo setcap cap_net_bind_service=+ep /usr/bin/obfs4proxy If you decide to use a fixed obfs4 port smaller than 1024 (for example 80 or 443), you will need to give obfs4 CAP_NET_BIND_SERVICE capabilities to bind the port with a non-root user:.This is optional.ĭon't forget to change the ORPort, ServerTransportListenAddr, ContactInfo, and Nickname options. # Pick a nickname that you like for your bridge. # Replace "" with your email address so we can contact you if there are problems with your bridge. Don't try to set a specific port number, nor listen on 0.0.0.0. # "Ext" means "extended", not "external". # Local communication port between Tor and obfs4. ServerTransportListenAddr obfs4 0.0.0.0:TODO2 # This port must be externally reachable and must be different from the one specified for ORPort. # Replace "TODO2" with an obfs4 port of your choice. ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy # Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port. # This port must be externally reachable.
# Replace "TODO1" with a Tor port of your choice. Edit your Tor config file, usually located at /etc/tor/torrc and replace its content with: BridgeRelay 1 If you're running any of them, sudo apt-get install obfs4proxy should work. On Ubuntu, bionic, cosmic, disco, eoan, and focal have the package. On Debian, the latest version obfs4proxy package is available in stable-backports. Install TorĮnsure you update the packages database before installing the package, than call apt to install it: # apt update Note: Ubuntu users need to get Tor from the Tor Project's repository. Please follow those instructions before proceeding. Configure Tor Project's RepositoryĬonfiguring the Tor Project's package repository for Debian/Ubuntu is recommended and documented on Support portal.
One of the most important things to keep your relay secure is to install security updates timely and ideally automatically so you can not forget about it.įollow the instructions to enable automatic software updates for your operating system.
0 kommentar(er)
