tor-webwml.git

1) ## translation metadata
2) # Revision: $Revision$
3) 

4) #include "head.wmi" TITLE="Server Configuration Instructions"

5) 
6) <div class="center">
7) 
8) <div class="main-column">
9) 
10) <h1>Configuring a <a href="<page index>">Tor</a> server</h1>
11) <br />
12) 
13) <p>
14) The Tor network relies on volunteers to donate bandwidth. The more
15) people who run servers, the faster the Tor network will be. If you have
16) at least 20 kilobytes/s each way, please help out Tor by configuring your
17) Tor to be a server too. We have many features that make Tor servers easy
18) and convenient, including rate limiting for bandwidth, exit policies so
19) you can limit your exposure to abuse complaints, and support for dynamic
20) IP addresses.</p>
21) 
22) <p>Having servers in many different places on the Internet is what
23) makes Tor users secure. <a
24) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerAnonymity">You
25) may also get stronger anonymity yourself</a>,
26) since remote sites can't know whether connections originated at your
27) computer or were relayed from others.</p>
28) 
29) <p>Setting up a Tor server is easy and convenient:
30) <ul>
31) <li>Tor has built-in support for <a
32) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#LimitBandwidth">rate
33) limiting</a>. Further, if you have a fast link
34) but want to limit the number of bytes per day
35) (or week or month) that you donate, check out the <a
36) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#Hibernation">hibernation
37) feature</a>.
38) </li>
39) <li>Each Tor server has an <a
40) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#RunAServerBut">exit
41) policy</a> that specifies what sort of outbound connections are allowed
42) or refused from that server. If you are uncomfortable allowing people
43) to exit from your server, you can set it up to only allow connections
44) to other Tor servers.
45) </li>
46) <li>It's fine if the server goes offline sometimes. The directories
47) notice this quickly and stop advertising the server. Just try to make
48) sure it's not too often, since connections using the server when it
49) disconnects will break.
50) </li>
51) <li>We can handle servers with dynamic IPs just fine, as long as the
52) server itself knows its IP. Have a look at this
53) <a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#DynamicIP">
54) entry in the FAQ</a>.
55) </li>
56) <li>If your server is behind a NAT and it doesn't know its public
57) IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port
58) forwarding. Forwarding TCP connections is system dependent but <a
59) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerForFirewalledCli
60) ents">this FAQ entry</a> offers some examples on how to do this.
61) </li>
62) <li>Your server will passively estimate and advertise its recent
63) bandwidth capacity, so high-bandwidth servers will attract more users than
64) low-bandwidth ones. Therefore having low-bandwidth servers is useful too.
65) </li>
66) </ul>
67) 
68) <p>You can run a Tor server on
69) pretty much any operating system, but see <a
70) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerOS">this
71) FAQ entry</a> for advice about which ones work best and other problems
72) you might encounter.</p>
73) 
74) <hr />
75) <a id="zero"></a>
76) <h2><a class="anchor" href="#zero">Step Zero: Download and Install Tor</a></h2>
77) <br />
78) 
79) <p>Before you start, you need to make sure that Tor is up and running.
80) </p>
81) 
82) <p>For Windows users, this means at least <a

83) href="<page docs/tor-doc-win32>#installing">step one</a>

84) of the Windows Tor installation howto. Mac OS X users need to do at least

85) <a href="<page docs/tor-doc-osx>#installing">step one</a>

86) of OS X Tor installation howto.  Linux/BSD/Unix users should do at least

87) <a href="<page docs/tor-doc-unix>#installing">step one</a>

88) of the Unix Tor installation howto.
89) </p>
90) 
91) <p>If it's convenient, you might also want to use it as a client for a
92) while to make sure it's actually working.</p>
93) 
94) <hr />
95) <a id="one"></a>
96) <h2><a class="anchor" href="#one">Step One: Set it up as a server</a></h2>
97) <br />
98) 
99) <p>
100) 1. Verify that your clock is set correctly. If possible, synchronize
101) your clock with public time servers. 
102) </p>
103) 
104) <p>
105) 2. Make sure name resolution works (that is, your computer can resolve addresses correctly).
106) </p>
107) 
108) <p>
109) 3. Edit the bottom part of your torrc. (See <a
110) href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#torrc">this
111) FAQ entry</a> for help.)
112) Make sure to define at least Nickname and ORPort. Create the DataDirectory
113) if necessary, and make sure it's owned by the user that will be running
114) tor. <em>If you want to run more than one server that's great, but
115) please set <a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#MultipleServers">the
116) MyFamily option</a> in all your servers' configuration files.</em>
117) </p>
118) 
119) <p>
120) 4. If you are using a firewall, open a hole in your firewall so
121) incoming connections can reach the ports you configured (ORPort, plus
122) DirPort if you enabled it). Make sure you allow all outgoing connections,
123) so your server can reach the other Tor servers.
124) </p>
125) 
126) <p>
127) 5. Start your server: if you installed from source you can just
128) run <tt>tor</tt>, whereas packages typically launch Tor from their

129) initscripts or startup scripts. If it logs any
130) warnings, address them. (By default Tor logs to stdout,
131) but some packages log to <tt>/var/log/tor/</tt> or <a
132) href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#Logs">other
133) locations</a>. You can edit your torrc to configure log locations.)