projects/en/obfsproxy-debian-instructions.wml
7d4caa99
 ## translation metadata
 # Revision: $Revision$
 # Translation-Priority: 4-optional
 
76669803
 #include "head.wmi" TITLE="obfsproxy: Setting up an Obfsproxy Bridge on Debian/Ubuntu" CHARSET="UTF-8"
7d4caa99
 
 <div id="content" class="clearfix">
   <div id="breadcrumbs">
     <a href="<page index>">Home &raquo; </a>
     <a href="<page projects/projects>">Projects &raquo; </a>
     <a href="<page projects/obfsproxy>">obfsproxy</a>
   </div>
   <div id="maincol">
 
     <!-- PUT CONTENT AFTER THIS TAG -->
 
76669803
     <h1 id="instructions">Setting up an Obfsproxy Bridge on Debian/Ubuntu</h1>
7d4caa99
 
     <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>
 
     <p>
59ada101
     <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
     <b> Hey! </b>
     If you are <b>not</b> using Debian or Ubuntu, you better look
d301eeee
     <a href="<page projects/obfsproxy-instructions>">at this other guide</a>
59ada101
     which sets up Obfsproxy from source.
     </p>
     <br><br>
 
 
     <p>
       This is a <b>Debian/Ubuntu</b> guide for installing the Python
92709113
       version of obfsproxy. If you are still using the C version, we
59ada101
       recommend you to upgrade to the Python version!
7d4caa99
     </p>
 
15e8cfbf
     <h3>Step 0: Install a recent version of Tor (>= 0.2.4.1)</h3>
7d4caa99
     <br>
 
     <p>
15e8cfbf
     Add the <a href="<page docs/debian>#ubuntu">official Tor
59ada101
     APT repository</a> and run the specified commands to install <code>tor</code>
     and <code>deb.torproject.org-keyring</code>. You need <em>Tor 0.2.4.x</em> because
76669803
     it knows how to automatically report your obfsproxy address to <a
     href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.
7d4caa99
     </p>
 
76669803
     <h3>Step 1: Install obfsproxy</h3>
eef87f7d
     <br>
 
     <p>
     Since you installed the Tor APT repository, installing obfsproxy is now a matter of running a command:
     </p>
7d4caa99
 
     <pre style="margin: 1.5em 0 1.5em 2em">
76669803
 \# apt-get install obfsproxy
7d4caa99
     </pre>
 
76669803
     <h3>Step 2: Configure Tor</h3>
7d4caa99
     <br>
 
     <p>
76669803
     Edit your <i>/etc/tor/torrc</i> to add:
7d4caa99
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 SocksPort 0
76669803
 ORPort 443 # or some other port if you already run a webserver/skype
7d4caa99
 BridgeRelay 1
 Exitpolicy reject *:*
 
76669803
 \## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like
eb590f09
 \#Nickname CHANGEME_1
76669803
 \## CHANGEME_2 -> provide some email address so we can contact you if there's a problem
7d4caa99
 \#ContactInfo CHANGEME_2
 
5271d888
 ServerTransportPlugin obfs3 exec /usr/bin/obfsproxy managed
7d4caa99
     </pre>
 
     <p>
eb590f09
     Don't forget to uncomment and edit the <i>CHANGEME</i> fields!
7d4caa99
     </p>
 
76669803
     <h3>Step 3: Launch Tor and verify that it bootstraps</h3>
7d4caa99
     <br>
 
     <p>
76669803
     Restart Tor to use the new configuration file.
     (Preface with sudo if needed.)
7d4caa99
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
59ada101
 \# service tor restart
7d4caa99
     </pre>
 
     <p>
     Now check <i>/var/log/tor/log</i> and you should see something
     like this:
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 Nov 05 16:40:45.000 [notice] We now have enough directory information to build circuits.
 Nov 05 16:40:45.000 [notice] Bootstrapped 80%: Connecting to the Tor network.
 Nov 05 16:40:46.000 [notice] Bootstrapped 85%: Finishing handshake with first hop.
 Nov 05 16:40:46.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.
 Nov 05 16:40:48.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
 Nov 05 16:40:48.000 [notice] Bootstrapped 100%: Done.
     </pre>
 
     <p>
eb590f09
     If Tor is earlier in the bootstrapping phase, wait until it gets to
7d4caa99
     100%.
     </p>
 
76669803
     <h3>Step 4: Set up port forwarding if needed</h3>
     <br>
 
7d4caa99
     <p>
76669803
     If you're behind a NAT/firewall, you'll need to make your bridge
     reachable from the outside world &mdash; both on the ORPort and
59ada101
     the obfsproxy ports. The ORPort is whatever you defined in step two
     above. To find your obfsproxy ports, check your Tor logs for a line
76669803
     similar to this one:
     </p>
7d4caa99
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821
59ada101
 Oct 05 20:00:41.000 [notice] Registered server transport 'obfs3' at '0.0.0.0:42000
7d4caa99
     </pre>
 
     <p>
59ada101
     The last number in each line, in this case <i>26821</i> and
     <i>42000</i>, is the TCP port number that you need to forward
     through your firewall. (The ports are randomly chosen the first
     time Tor starts, but Tor will cache and reuse the same number in
     future runs.) If you want to change the number, use Tor
     0.2.4.7-alpha or later, and set something similar to
     "ServerTransportListenAddr obfs2 0.0.0.0:26821" in your torrc.
7d4caa99
     </p>
 
   </div>
   <!-- END MAINCOL -->
   <div id = "sidecol">
 #include "side.wmi"
 #include "info.wmi"
   </div>
   <!-- END SIDECOL -->
 </div>
 <!-- END CONTENT -->
 #include <foot.wmi>