Browse code

streamlined relay instructions for debian/ubuntu

Roger Dingledine authored on 17/11/2012 22:53:35
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,177 @@
1
+## translation metadata
2
+# Revision: $Revision$
3
+# Translation-Priority: 2-medium
4
+
5
+#include "head.wmi" TITLE="Tor Project: Relay Configuration Instructions on Debian/Ubuntu" CHARSET="UTF-8"
6
+<div id="content" class="clearfix">
7
+  <div id="breadcrumbs">
8
+    <a href="<page index>">Home &raquo; </a>
9
+    <a href="<page docs/documentation>">Documentation &raquo; </a>
10
+    <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a>
11
+  </div>
12
+  <div id="maincol">
13
+
14
+    <h1>Configuring a Tor relay on Debian/Ubuntu</h1>
15
+
16
+    <hr>
17
+
18
+    <p>
19
+    The Tor network relies on volunteers to donate bandwidth. The more
20
+    people who run relays, the faster the Tor network will be. If you have
21
+    at least 50 kilobytes/s each way, please help out Tor by configuring your
22
+    Tor to be a relay too.
23
+    </p>
24
+
25
+    <hr>
26
+    <a id="zero"></a>
27
+    <a id="install"></a>
28
+    <h2><a class="anchor" href="#install">Step One: Download and Install Tor</a></h2>
29
+    <br>
30
+
31
+    <p>If you're on Debian, you can just "apt-get install tor".</p>
32
+
33
+    <p><b>Do not use the packages in Ubuntu's universe.</b> If you're
34
+    on Ubuntu or if you want to track newer Tor packages, follow the
35
+    <a href="<page docs/debian>#ubuntu">Tor on Ubuntu or Debian</a>
36
+    instructions to use our repository.
37
+    </p>
38
+
39
+    <hr>
40
+    <a id="setup"></a>
41
+    <h2><a class="anchor" href="#setup">Step Two: Set it up as a relay</a></h2>
42
+
43
+    <p>
44
+    1. Make sure your clock, date, and timezone are set correctly. Install
45
+    the ntp or openntpd (or similar) package to keep it that way.
46
+    </p>
47
+
48
+    <p>
49
+    2. Edit the bottom part of <a href="<page
50
+    docs/faq>#torrc">/etc/tor/torrc</a>. Define an ORPort. Note
51
+    that public relays default to being <a href="<page
52
+    docs/faq>#ExitPolicies">exit relays</a> &mdash; either change your
53
+    ExitPolicy line or read our <a
54
+href="https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines">guidelines
55
+    for exit relay operators</a>. Be sure to set your ContactInfo line
56
+    so we can contact you if you need to upgrade or something goes wrong.
57
+    </p>
58
+
59
+    <p>
60
+    3. If you are using a firewall, open a hole in your firewall
61
+    so incoming connections can reach the ports you configured
62
+    (ORPort, plus DirPort if you enabled it). If you have a
63
+    hardware firewall (Linksys box, cablemodem, etc) you might like <a
64
+    href="http://portforward.com/">portforward.com</a>. Also, make sure you
65
+    allow all <em>outgoing</em> connections too, so your relay can reach the
66
+    other Tor relays.
67
+    </p>
68
+
69
+    <p>
70
+    4. Restart your relay: "service tor reload" (as root).
71
+    </p>
72
+
73
+    <hr>
74
+    <a id="check"></a>
75
+    <h2><a class="anchor" href="#check">Step Three: Make sure it is working</a></h2>
76
+    <br>
77
+
78
+    <p>Once your relay connects to the network, it will
79
+    try to determine whether the ports you configured are reachable from
80
+    the outside. This step is usually fast, but it may take a few minutes.
81
+    Look for a <a href="<page docs/faq>#Logs">log entry</a> in your
82
+    /var/log/tor/log like
83
+    <tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>
84
+    If you don't see this message, it means that your relay is not reachable
85
+    from the outside &mdash; you should re-check your firewalls, check that it's
86
+    testing the IP and port you think it should be testing, etc.
87
+    </p>
88
+
89
+    <p>When it decides that it's reachable, it will upload a "server
90
+    descriptor" to the directories, to let clients know
91
+    what address, ports, keys, etc your relay is using. You can <a
92
+    href="https://metrics.torproject.org/relay-search.html">search the
93
+    relay database"</a> to see whether it's there. Note that you'll need
94
+    to wait a few hours to give enough time to propagate.</p>
95
+
96
+    <hr>
97
+    <a id="after"></a>
98
+    <h2><a class="anchor" href="#after">Step Four: Once it is working</a></h2>
99
+    <br>
100
+
101
+    <p>
102
+    5. Read
103
+    <a href="<wiki>doc/OperationalSecurity">about operational security</a>
104
+    to get ideas how you can increase the security of your computer.
105
+    </p>
106
+
107
+    <p>
108
+    6. Decide about rate limiting. Cable modem, DSL, and other users
109
+    who have asymmetric bandwidth (e.g. more down than up) should
110
+    rate limit to their slower bandwidth, to avoid congestion. See the <a
111
+    href="<wikifaq>#LimitBandwidth">rate
112
+    limiting FAQ entry</a> for details.
113
+    </p>
114
+
115
+    <p>
116
+    7. If your computer isn't running a webserver, please consider
117
+    changing your ORPort to 443 and/or your DirPort to 80. Many Tor users
118
+    are stuck behind firewalls that only let them browse the web, and
119
+    this change will let them reach your Tor relay. If you are already
120
+    using ports 80 and 443, other useful ports are 22, 110, and 143.
121
+    </p>
122
+
123
+    <p>
124
+    8. Consider backing up your Tor relay's private key
125
+    ("/var/lib/tor/keys/secret_id_key"). You'll need this identity key to
126
+    <a href="<wikifaq>#UpgradeRelay">move or restore your Tor relay</a>.
127
+    </p>
128
+
129
+    <p>
130
+    9. If you control the name servers for your domain, consider setting your
131
+    reverse DNS hostname to 'anonymous-relay', 'proxy' or 'tor-proxy', so when
132
+    other people see the address in their web logs, they will more quickly
133
+    understand what's going on. Adding the <a
134
+    href="<gitblob>contrib/tor-exit-notice.html">Tor
135
+    exit notice</a> on a vhost for this name can go a long way to deterring abuse
136
+    complaints to you and your ISP if you are running an exit node.
137
+    </p>
138
+
139
+    <p>
140
+    10. Subscribe to the <a
141
+    href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce">tor-announce</a>
142
+    mailing list. It is very low volume, and it will keep you informed
143
+    of new stable releases. You might also consider subscribing to <a
144
+    href="<page docs/documentation>#MailingLists">the higher-volume Tor lists</a>
145
+    too (especially tor-relays).
146
+    </p>
147
+
148
+    <p>
149
+    11. <a href="https://weather.torproject.org/">Tor Weather</a> provides
150
+    an email notification service to any users who want to monitor the
151
+    status of a Tor node. Upon subscribing, you can specify what types of
152
+    alerts you would like to receive. The main purpose of Tor Weather is
153
+    to notify node operators via email if their node is down for longer
154
+    than a specified period, but other notification types are available.
155
+    </p>
156
+
157
+    <p>
158
+    12. If you want to run more than one relay that's great, but please set <a
159
+    href="<page docs/faq>#MultipleRelays">the
160
+    MyFamily option</a> in all your relays' configuration files.
161
+    </p>
162
+
163
+    <hr>
164
+
165
+    <p>If you have suggestions for improving this document, please <a
166
+    href="<page about/contact>">send them to us</a>. Thanks!</p>
167
+  </div>
168
+  <!-- END MAINCOL -->
169
+  <div id = "sidecol">
170
+#include "side.wmi"
171
+#include "info.wmi"
172
+  </div>
173
+  <!-- END SIDECOL -->
174
+</div>
175
+<!-- END CONTENT -->
176
+#include <foot.wmi>
177
+