make the obfsproxy bridge debian instructions more likely to work (766698032)

projects/en/obfsproxy-debian-instructions.wml

@@ -2,7 +2,7 @@
 # Revision: $Revision$
 # Translation-Priority: 4-optional
 
-#include "head.wmi" TITLE="obfsproxy: Installation instructions" CHARSET="UTF-8"
+#include "head.wmi" TITLE="obfsproxy: Setting up an Obfsproxy Bridge on Debian/Ubuntu" CHARSET="UTF-8"
 
 <div id="content" class="clearfix">
   <div id="breadcrumbs">
@@ -14,7 +14,7 @@
 
     <!-- PUT CONTENT AFTER THIS TAG -->
 
-    <h1 id="instructions">Obfsproxy Bridge Instructions on Debian/Ubuntu</h1>
+    <h1 id="instructions">Setting up an Obfsproxy Bridge on Debian/Ubuntu</h1>
 
     <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>
 
@@ -22,57 +22,47 @@
     This guide will help you set up an obfuscated bridge on a Debian/Ubuntu system.
     </p>
 
-    <h3>Step 0: Add Tor repositories to APT</h3>
+    <h3>Step 0: Move to the development version of Tor</h3>
     <br>
 
     <p>
-    You need
-    to <a href="https://www.torproject.org/docs/debian#development">install
-    the experimental official Tor Project APT repositories</a>,
-    because a fresh version of Tor (0.2.4.x) is required (Older
-    versions of Tor don't report their bridge addresses to BridgeDB).
+    Add the <a href="<page docs/debian>#development">development Tor
+    APT repository</a> and run the specified commands to install tor
+    and deb.torproject.org-keyring. You need Tor 0.2.4.x Tor because
+    it knows how to automatically report your obfsproxy address to <a
+    href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.
     </p>
 
-    <h3>Step 1: Install Tor and obfsproxy</h3>
+    <h3>Step 1: Install obfsproxy</h3>
     <br>
 
-    <p>
-    Now install tor and obfsproxy:
-    </p>
-
     <pre style="margin: 1.5em 0 1.5em 2em">
-\# apt-get update
-\# apt-get install obfsproxy tor
+\# apt-get install obfsproxy
     </pre>
 
     <p>
-      Note that obfsproxy requires
-    libevent2 and your distribution (e.g. Debian stable) might not
-    have it in its repos.  You can
-    <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9">try
-    our experimental backport libevent2 debs</a>,
-    or <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17">build
-    libevent2 from source</a>.
+    Obfsproxy requires libevent2. If your distribution (e.g. Debian
+    squeeze) doesn't include it, you can get it from the <a
+    href="http://packages.debian.org/search?keywords=libevent-2.0-5">backports</a>
+    repository.
     </p>
 
-    <h3>Step 2: Set up Tor</h3>
+    <h3>Step 2: Configure Tor</h3>
     <br>
 
     <p>
-    You will need an appropriate
-    Tor <a href="<page docs/faq>#torrc">configuration file</a>
-    (usually at <i>/etc/tor/torrc</i>):
+    Edit your <i>/etc/tor/torrc</i> to add:
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 SocksPort 0
-ORPort auto
+ORPort 443 # or some other port if you already run a webserver/skype
 BridgeRelay 1
 Exitpolicy reject *:*
 
-\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like.
+\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like
 Nickname CHANGEME_1
-\## CHANGEME_2 -> If you want others to be able to contact you uncomment this line and put your GPG fingerprint for example.
+\## CHANGEME_2 -> provide some email address so we can contact you if there's a problem
 \#ContactInfo CHANGEME_2
 
 ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
@@ -82,11 +72,12 @@ ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
     Don't forget to edit the <i>CHANGEME</i> fields!
     </p>
 
-    <h3>Step 3: Launch Tor and verify that it works</h3>
+    <h3>Step 3: Launch Tor and verify that it bootstraps</h3>
     <br>
 
     <p>
-    Restart Tor for the the new configuration file to be in effect:
+    Restart Tor to use the new configuration file.
+    (Preface with sudo if needed.)
     </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
@@ -112,10 +103,16 @@ Nov 05 16:40:48.000 [notice] Bootstrapped 100%: Done.
     100%.
     </p>
 
+    <h3>Step 4: Set up port forwarding if needed</h3>
+    <br>
+
     <p>
-    Now you need to find the address on which obfsproxy is
-    listening. To do this, check your Tor logs for a line similar to
-    this one:
+    If you're behind a NAT/firewall, you'll need to make your bridge
+    reachable from the outside world &mdash; both on the ORPort and
+    the obfsproxy port. The ORPort is whatever you defined in step two
+    above. To find your obfsproxy port, check your Tor logs for a line
+    similar to this one:
+    </p>
 
     <pre style="margin: 1.5em 0 1.5em 2em">
 Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821
@@ -123,17 +120,9 @@ Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:268
 
     <p>
     The last number, in this case <i>26821</i>, is the TCP port number
-    that your clients should point their obfsproxy to. So for example,
-    if your public IP is 1.2.3.4, your clients should put <i>Bridge
-    obfs2 1.2.3.4:26821</i> in their configuration file.
-    </pre>
-    </p>
-
-    <p>
-    <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
-    <b>Don't forget!</b> If you are behind a NAT, you should <b>port
-    forward</b> the port that obfsproxy is listening on. In the
-    example above you would have to forward port <i>26821</i>.
+    that you need to forward through your firewall. (This port is randomly
+    chosen the first time Tor starts, but Tor will cache and reuse the
+    same number in future runs.)
     </p>
 
   </div>


...	...	@@ -2,7 +2,7 @@
2	2	# Revision: $Revision$
3	3	# Translation-Priority: 4-optional
4	4
5		-#include "head.wmi" TITLE="obfsproxy: Installation instructions" CHARSET="UTF-8"
	5	+#include "head.wmi" TITLE="obfsproxy: Setting up an Obfsproxy Bridge on Debian/Ubuntu" CHARSET="UTF-8"
6	6
7	7	<div id="content" class="clearfix">
8	8	<div id="breadcrumbs">
...	...	@@ -14,7 +14,7 @@
14	14
15	15	<!-- PUT CONTENT AFTER THIS TAG -->
16	16
17		- <h1 id="instructions">Obfsproxy Bridge Instructions on Debian/Ubuntu</h1>
	17	+ <h1 id="instructions">Setting up an Obfsproxy Bridge on Debian/Ubuntu</h1>
18	18
19	19	<img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>
20	20
...	...	@@ -22,57 +22,47 @@
22	22	This guide will help you set up an obfuscated bridge on a Debian/Ubuntu system.
23	23	</p>
24	24
25		- <h3>Step 0: Add Tor repositories to APT</h3>
	25	+ <h3>Step 0: Move to the development version of Tor</h3>
26	26	<br>
27	27
28	28	<p>
29		- You need
30		- to <a href="https://www.torproject.org/docs/debian#development">install
31		- the experimental official Tor Project APT repositories</a>,
32		- because a fresh version of Tor (0.2.4.x) is required (Older
33		- versions of Tor don't report their bridge addresses to BridgeDB).
	29	+ Add the <a href="<page docs/debian>#development">development Tor
	30	+ APT repository</a> and run the specified commands to install tor
	31	+ and deb.torproject.org-keyring. You need Tor 0.2.4.x Tor because
	32	+ it knows how to automatically report your obfsproxy address to <a
	33	+ href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.
34	34	</p>
35	35
36		- <h3>Step 1: Install Tor and obfsproxy</h3>
	36	+ <h3>Step 1: Install obfsproxy</h3>
37	37	<br>
38	38
39		- <p>
40		- Now install tor and obfsproxy:
41		- </p>
42		-
43	39	<pre style="margin: 1.5em 0 1.5em 2em">
44		-\# apt-get update
45		-\# apt-get install obfsproxy tor
	40	+\# apt-get install obfsproxy
46	41	</pre>
47	42
48	43	<p>
49		- Note that obfsproxy requires
50		- libevent2 and your distribution (e.g. Debian stable) might not
51		- have it in its repos. You can
52		- <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9">try
53		- our experimental backport libevent2 debs</a>,
54		- or <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17">build
55		- libevent2 from source</a>.
	44	+ Obfsproxy requires libevent2. If your distribution (e.g. Debian
	45	+ squeeze) doesn't include it, you can get it from the <a
	46	+ href="http://packages.debian.org/search?keywords=libevent-2.0-5">backports</a>
	47	+ repository.
56	48	</p>
57	49
58		- <h3>Step 2: Set up Tor</h3>
	50	+ <h3>Step 2: Configure Tor</h3>
59	51	<br>
60	52
61	53	<p>
62		- You will need an appropriate
63		- Tor <a href="<page docs/faq>#torrc">configuration file</a>
64		- (usually at <i>/etc/tor/torrc</i>):
	54	+ Edit your <i>/etc/tor/torrc</i> to add:
65	55	</p>
66	56
67	57	<pre style="margin: 1.5em 0 1.5em 2em">
68	58	SocksPort 0
69		-ORPort auto
	59	+ORPort 443 # or some other port if you already run a webserver/skype
70	60	BridgeRelay 1
71	61	Exitpolicy reject :
72	62
73		-\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like.
	63	+\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like
74	64	Nickname CHANGEME_1
75		-\## CHANGEME_2 -> If you want others to be able to contact you uncomment this line and put your GPG fingerprint for example.
	65	+\## CHANGEME_2 -> provide some email address so we can contact you if there's a problem
76	66	\#ContactInfo CHANGEME_2
77	67
78	68	ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
...	...	@@ -82,11 +72,12 @@ ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
82	72	Don't forget to edit the <i>CHANGEME</i> fields!
83	73	</p>
84	74
85		- <h3>Step 3: Launch Tor and verify that it works</h3>
	75	+ <h3>Step 3: Launch Tor and verify that it bootstraps</h3>
86	76	<br>
87	77
88	78	<p>
89		- Restart Tor for the the new configuration file to be in effect:
	79	+ Restart Tor to use the new configuration file.
	80	+ (Preface with sudo if needed.)
90	81	</p>
91	82
92	83	<pre style="margin: 1.5em 0 1.5em 2em">
...	...	@@ -112,10 +103,16 @@ Nov 05 16:40:48.000 [notice] Bootstrapped 100%: Done.
112	103	100%.
113	104	</p>
114	105
	106	+ <h3>Step 4: Set up port forwarding if needed</h3>
	107	+ <br>
	108	+
115	109	<p>
116		- Now you need to find the address on which obfsproxy is
117		- listening. To do this, check your Tor logs for a line similar to
118		- this one:
	110	+ If you're behind a NAT/firewall, you'll need to make your bridge
	111	+ reachable from the outside world — both on the ORPort and
	112	+ the obfsproxy port. The ORPort is whatever you defined in step two
	113	+ above. To find your obfsproxy port, check your Tor logs for a line
	114	+ similar to this one:
	115	+ </p>
119	116
120	117	<pre style="margin: 1.5em 0 1.5em 2em">
121	118	Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821
...	...	@@ -123,17 +120,9 @@ Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:268
123	120
124	121	<p>
125	122	The last number, in this case <i>26821</i>, is the TCP port number
126		- that your clients should point their obfsproxy to. So for example,
127		- if your public IP is 1.2.3.4, your clients should put <i>Bridge
128		- obfs2 1.2.3.4:26821</i> in their configuration file.
129		- </pre>
130		- </p>
131		-
132		- <p>
133		- <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
134		- <b>Don't forget!</b> If you are behind a NAT, you should <b>port
135		- forward</b> the port that obfsproxy is listening on. In the
136		- example above you would have to forward port <i>26821</i>.
	123	+ that you need to forward through your firewall. (This port is randomly
	124	+ chosen the first time Tor starts, but Tor will cache and reuse the
	125	+ same number in future runs.)
137	126	</p>
138	127
139	128	</div>
140	129

tor-webwml.git