Monday, August 23, 2010

A Standard Tor Install on Ubuntu Linux

I have been playing with this for months. This article may be helpful to a Linux newbie who has just installed Ubuntu, wants Tor for their own secure web browsing with Firefox, and wants their copy of Tor to volunteer as a ‘Bridge’ that (hopefully) helps users in countries that have blocked Tor to access information censored by the state.

Read more about the Tor Software and the Tor Network. https://www.torproject.org and https://blog.torproject.org 

The official guide for Debian/Ubuntu Linux is already very exhaustive, but I think the Vidalia part can be made easier by also incorporating tips from elsewhere. The software versions involved in this case are:

I already have:
          Ubuntu 10.04.1 Lucid Lynx (installed on my hard drive)
I need to install the following in this guide:
          The latest stable version of Tor I want to install (0.2.1.26) 
          TorButton for Firefox 
          For graphical control, I also need the latest stable version of Vidalia (0.2.9)

Now let’s kick start. (first connect to the internet of course :D )

For Parts 1-4 please see the official guide for details. I only include brief notes and command-line (Terminal) records here.

# 1. Install Tor

# Open Terminal (Applications –> Accessories –> Terminal  OR  Ctrl+Alt+T). When you see a prompt like ‘kent@kent-laptop:~$ ’, enter the following command to edit your software sources file, /etc/apt/sources.list, with superuser privileges (gksudo) in the window-based text editor gedit.

gksudo gedit /etc/apt/sources.list

# For the sake of brevity, commands like this will be shown below as :

kent@kent-laptop:~$ gksudo gedit /etc/apt/sources.list

# where you only type the part after ‘kent@kent-laptop:~$’, and hit enter.

# In the gedit window that comes up, add a new independent line anywhere with this content,

deb http://deb.torproject.org/torproject.org lucid main

# Save and exit

# Back in the Terminal, we want to import the signing key for this repository. Run the command:

kent@kent-laptop:~$ gpg --keyserver keys.gnupg.net --recv 886DDD89

# which returns:

gpg: directory `/home/kent/.gnupg' created
gpg: new configuration file `/home/kent/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/kent/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/kent/.gnupg/secring.gpg' created
gpg: keyring `/home/kent/.gnupg/pubring.gpg' created
gpg: requesting key 886DDD89 from hkp server keys.gnupg.net
gpg: /home/kent/.gnupg/trustdb.gpg: trustdb created
gpg: key 886DDD89: public key "deb.torproject.org archive signing key" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

# we then follow by:

kent@kent-laptop:~$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

# which returns:

OK
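
## The --recv step fetches the key by its 8-character short ID, which is not unique, so the full fingerprint used in the --export command is what actually identifies the key. The check below is an added example (not from the official guide): it compares the imported key's fingerprint with that value before anything is passed to apt-key. The function names and both sample listings are constructed here.

```shell
#!/bin/sh
# Full fingerprint, as used in the `gpg --export` command of this guide.
EXPECTED_FPR="A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89"

# Print the fingerprint of every primary key in a colon-format listing
# read from stdin: the "fpr" record that follows each "pub" record.
primary_fingerprints() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# check_key EXPECTED < listing
# 0: exactly one primary key, and its fingerprint equals EXPECTED
# 1: one key, but a different fingerprint
# 2: the ID matched no key, or more than one (short-ID collision)
check_key() {
    fprs=$(primary_fingerprints)
    count=$(printf '%s\n' "$fprs" | grep -c . || true)
    [ "$count" -eq 1 ] || return 2
    [ "$fprs" = "$1" ] || return 1
    return 0
}

# Constructed listing in the format of `gpg --with-colons --fingerprint`.
SAMPLE_OK='pub:-:0:1:EE8CBC9E886DDD89:0:::-:deb.torproject.org archive signing key:
fpr:::::::::A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89:'
# Constructed second key whose short ID also ends in 886DDD89.
SAMPLE_COLLISION="$SAMPLE_OK
pub:-:0:1:00000000886DDD89:0:::-:constructed look-alike key:
fpr:::::::::00000000000000000000000000000000886DDD89:"

# Demo on the constructed collision sample.
printf '%s\n' "$SAMPLE_COLLISION" | check_key "$EXPECTED_FPR" \
    || echo "collision sample rejected (status $?)"

# Live use, between the --recv and --export steps of this guide:
#   gpg --with-colons --fingerprint 886DDD89 | check_key "$EXPECTED_FPR" \
#       && echo "fingerprint matches"
```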

# And then,

kent@kent-laptop:~$ sudo apt-get update

# When the list finished generating,

kent@kent-laptop:~$ sudo apt-get install tor tor-geoipdb

# Installation will start; answer ‘Y’ when prompted. When installation is finished, check whether a tor process is running by looking up its process ID:

kent@kent-laptop:~$ pidof tor

# which should return a 3- or 4-digit number.

# 2. Configure polipo 

# Then download https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/config/polipo.conf to your home folder (‘~’) and let it replace the existing polipo configuration file /etc/polipo/config. (There are two consecutive commands below.)

kent@kent-laptop:~$ sudo cp /etc/polipo/config ~/polipo.config.backup
kent@kent-laptop:~$ sudo cp ~/polipo.conf /etc/polipo/config

# Save all your other work and restart:

kent@kent-laptop:~$ sudo shutdown -r now

# After this reboot, check that tor is running:

kent@kent-laptop:~$ pidof tor

# (which returns)

xxxx

(a 3- or 4-digit number)

# 3. Edit configuration file torrc  

# The following deviates a bit from the official guide, to make the use of Vidalia easier. Back in the Terminal, we want to create a password that Vidalia can use to access Tor:

kent@kent-laptop:~$ tor --hash-password kingdom

# (replace ‘kingdom’ with a stronger password of your own), which returns:

Aug 22 02:26:57.858 [notice] Tor v0.2.1.26. This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
16:050611BAD67BDEAA6059CF0F8290E0A0BD9E2E8C12E3203F6888CB1546

## Copy the long string after ‘16:’ and paste it somewhere we can access later

### (Note: the following command-line record follows the above format. Comments and explanations, marked by ‘#’s at the beginning, are only for you to read and should not be typed in.)

# edit the Tor configuration file torrc

kent@kent-laptop:~$ gksudo gedit /etc/tor/torrc

## In the gedit window that pops up, we can make Tor work the way that suits our own needs. First we want to apply the hashed password, the long string we just generated. Uncomment (remove the '#' before) the line 'ControlPort 9051'

## Two lines below, uncomment 'HashedControlPassword 16:EAA005966CF7BDF8290BAD0E0A0BD9E12E3203F6885061546112E8C8CB (or whatever this long string happens to be)'; replace EAA005966CF7BDF8290BAD0E0A0BD9E12E3203F6885061546112E8C8CB with 050611BAD67BDEAA6059CF0F8290E0A0BD9E2E8C12E3203F6888CB1546 (make sure this is pasted from the actual hashed password generated just now by the previous command ‘tor --hash-password ’)

## Under 'This section is just for relays', uncomment the line 'ORPort 9001'; replace 9001 with 443

## Uncomment line 'ContactInfo Random Person <nobody AT example dot com>'; replace email address with your email address, leave ‘AT’ and ‘dot’ as they are

## At the end of file, uncomment line 'BridgeRelay 1' and 'ExitPolicy reject *:*'

## Save and exit

# 4. Check that configuration is correct

kent@kent-laptop:~$ tor --verify-config

Aug 22 02:45:05.237 [notice] Tor v0.2.1.26. This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
Aug 22 02:45:05.239 [notice] Choosing default nickname 'kentlaptop'
Configuration was valid
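
## tor --verify-config confirms that the file is valid, not that the lines from step 3 were actually uncommented or that the hash is your own. The check below is an added example (not part of Tor or the official guide); the function names and the sample torrc are constructed here.

```shell
#!/bin/sh
# Hashes printed in this guide (the sample one and the one for 'kingdom');
# a live torrc should carry neither.
GUIDE_HASHES='EAA005966CF7BDF8290BAD0E0A0BD9E12E3203F6885061546112E8C8CB
050611BAD67BDEAA6059CF0F8290E0A0BD9E2E8C12E3203F6888CB1546'

# active FILE REGEX: true if an uncommented line of FILE matches REGEX
# (leading blanks and a trailing "# comment" are allowed).
active() {
    grep -Eq "^[[:space:]]*$2[[:space:]]*(#.*)?\$" "$1"
}

# audit_torrc FILE: print one line per problem; return 1 if any.
audit_torrc() {
    f=$1
    findings=0
    need() {  # need REGEX LABEL
        active "$f" "$1" && return 0
        echo "not active: $2"
        findings=$((findings + 1))
    }
    need 'ControlPort[[:space:]]+9051' 'ControlPort 9051'
    need 'HashedControlPassword[[:space:]]+16:[0-9A-Fa-f]+' 'HashedControlPassword'
    need 'ORPort[[:space:]]+443' 'ORPort 443'
    need 'ContactInfo[[:space:]]+[^#].*' 'ContactInfo'
    need 'BridgeRelay[[:space:]]+1' 'BridgeRelay 1'
    need 'ExitPolicy[[:space:]]+reject[[:space:]]+\*:\*' 'ExitPolicy reject *:*'
    for h in $GUIDE_HASHES; do
        if active "$f" "HashedControlPassword[[:space:]]+16:$h"; then
            echo "HashedControlPassword is a value published in the guide"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed torrc: ORPort unchanged, BridgeRelay still commented out,
# and the hash copied from this page instead of generated locally.
SAMPLE_TORRC='ControlPort 9051
HashedControlPassword 16:050611BAD67BDEAA6059CF0F8290E0A0BD9E2E8C12E3203F6888CB1546
ORPort 9001
ContactInfo Kent <kent AT example dot com>
#BridgeRelay 1
ExitPolicy reject *:* # no exits allowed'

# Usage: sh audit.sh /etc/tor/torrc   (audit.sh is a hypothetical file name)
if [ -n "${1:-}" ]; then audit_torrc "$1" || echo "torrc needs attention"; fi
```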

## Save your work and restart

kent@kent-laptop:~$ sudo shutdown -r now

...

# 5. Install TorButton

## Install TorButton in Firefox (find it by googling). When done, enable Tor in Firefox. Open https://check.torproject.org to make sure it is working.

# 6. Install Vidalia 

kent@kent-laptop:~$ sudo apt-get install vidalia
...
## When you see a blue text-mode dialog asking 'Let Vidalia start Tor after stopping existing Tor process:', choose 'No'
...

## Installation should go on for a while. When finished, go to 'Applications -> Internet -> Vidalia'; in the 'Password Required' dialog box that comes up, type 'kingdom' (or your own password if you chose one), tick 'Remember my password', then click 'OK'

## The Vidalia main panel should show that Tor is running now. :)  Click ‘Message Log’ in the main panel. It should show whether you are connected to the Tor network at least as a client, and whether your relay (as a bridge or public node) is working (‘port reachability test successful/failed’).

Finally,

With all this, Tor runs as a background process whenever your computer starts, and Vidalia acts as a graphical control interface that ‘attaches’ to this existing process whenever we launch it. This bit of information comes from: https://trac.vidalia-project.net/wiki/FAQ#ExistingTor

Also, because we chose to be a Tor Bridge relay, your computer and internet connection must handle a very small volume of encrypted traffic whenever someone uses your Bridge. Unlike being a public exit node, this will not get you into trouble by making you the source of abuse or spam messages. If you still don’t want to be a bridge relay, edit the /etc/tor/torrc file and put a # mark before the line ‘BridgeRelay 1’ near the end of the file.

## Please note that if you are behind a router sharing an internet connection with several others, chances are your relay (Bridge/Public) will not work at first. Ask the person who has access to the router settings (usually at the LAN IP ‘192.168.1.1’ or ‘10.0.0.1’) to set up Port Forwarding properly for you, provided you are the only person running Tor behind this router. Forward your relay port 443 or 9001 to the internal IP that your computer is currently allocated, e.g. ‘192.168.1.x’.

Try restarting Tor or the computer. Hopefully your relay will work. If not, it might help to talk to your ISP.

The client function that enables anonymous browsing would usually work better anyway. 

Other Sources

https://www.torproject.org/docs/tor-doc-unix.html.en 

https://www.torproject.org/docs/tor-doc-relay.html.en