tor-webwml.git

@@ -10,118 +10,7 @@

     <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a>

   </div>

   <div id="maincol">

-

-    <h1>Configuring a Tor relay</h1>

-

-    <hr>

-

-    <p>

-    The Tor network relies on volunteers to donate bandwidth. The more

-    people who run relays, the faster the Tor network will be. If you have

-    at least 2 megabits/s for both upload and download, please help out

-    Tor by configuring your Tor to be a relay too.

-    </p>

-

-    <p>You can run a Tor relay on pretty much any operating system. Tor relays

-    work best on current distributions of Linux, FreeBSD, NetBSD, and

-    Windows Server.

-    </p>

-

-    <p>

-    The best approach for most users is to <a href="<page

-    docs/tor-relay-debian>">run your relay on Debian or Ubuntu</a> using

-    the system Tor package — the deb takes care of running Tor as a

-    separate user, making sure it has enough file descriptors available,

-    starting it at boot, and so on. Tor relays also run nicely on other

-    Linux flavors, and on FreeBSD and NetBSD for those who are comfortable

-    with those operating systems.

-    </p>

-

-    <hr>

-    <a id="torrc"></a>

-    <h2><a class="anchor" href="#torrc">Configure Tor by editing the torrc file</a></h2>

-    <br />

-

-    <p>

-    Tor's

-    configuration file is named 'torrc'.</p>

-    <p>Locate the file on your system, open it with a text editor and add the

-    following lines:</p>

-

-    <pre>

-    ORPort 443

-    Exitpolicy reject *:*

-    Nickname ididntedittheconfig

-    ContactInfo human@...

-    </pre>

-

-# TODO: Update link to PT setup docs

-    <p>If you want to be a bridge, read about the BridgeRelay and

-    ServerTransportPlugin values <a

-    href="<page docs/pluggable-transports>">on

-    this page</a>.</p>

-

-    <p>Tor will use all your bandwidth if you don't set limits for it. Some

-    options are described in <a href="<page docs/faq>#LimitTotalBandwidth">these</a>

-    <a href="<page docs/faq>#BandwidthShaping">FAQ entries</a>.</p>

-

-    <p>See the <a href="https://gitweb.torproject.org/tor.git/plain/src/config/torrc.sample.in">sample

-    torrc file</a> and the <a

-    href="<page docs/tor-manual>">man

-    page</a> for other Tor options you may want to set.</p>

-

-    <hr>

-    <a id="check"></a>

-    <h2><a class="anchor" href="#check">Make sure your relay is reachable</a></h2>

-    <br>

-

-    <p>If you are using a firewall, open a hole in your firewall

-    so incoming connections can reach the ports you configured

-    (ORPort, plus DirPort if you enabled it). If you have a

-    hardware firewall (Linksys box, cable modem, etc) you might find <a

-    href="http://portforward.com/">portforward.com</a> useful. Also, make sure you

-    allow all <em>outgoing</em> connections too, so your relay can reach the

-    other Tor relays.

-    </p>

-

-    <p>Restart your relay. If it <a

-    href="<page docs/faq>#Logs">logs

-    any warnings</a>, address them.

-    </p>

-

-    <p>As soon as your relay manages to connect to the network, it will

-    try to determine whether the ports you configured are reachable from

-    the outside. This step is usually fast, but may take up to 20

-    minutes. Look for a <a href="<page docs/faq>#Logs">log entry</a> like

-    <pre>Self-testing indicates your ORPort is reachable from the outside. Excellent.</pre>

-    If you don't see this message, it means that your relay is not reachable

-    from the outside — you should re-check your firewalls, check that it's

-    testing the IP and port you think it should be testing, etc.

-    </p>

-

-    <p>When your relay has decided that it's reachable, it will upload a "server

-    descriptor" to the directories, to let clients know

-    what address, ports, keys, etc your relay is using. You can search <a

-    href="https://atlas.torproject.org/">Atlas</a> or <a

-    href="https://globe.torproject.org/">Globe</a> for

-    the nickname you configured, to make sure it's there. You may need to wait

-    up to one hour for the directories to publish the new server information.</p>

-

-    <hr>

-    <a id="after"></a>

-    <h2><a class="anchor" href="#after">Once your relay is working</a></h2>

-    <br>

-

-    <p>To learn more about the proper care and feeding for your relay,

-    see the advice on the <a href=<page docs/tor-relay-debian>#after>Tor

-    relay on Debian/Ubuntu</a> page.

-    </p>

-

-    <hr>

-

-    <p>If you have suggestions for improving this document, please <a

-    href="<page about/contact>">send them to us</a>. Thanks

-    for helping to make the Tor network grow!</p>

+  The Tor Relay documentation moved to the <a href="<wiki>TorRelayGuide">wiki</a>.

   </div>

   <!-- END MAINCOL -->

   <div id = "sidecol">

@@ -10,181 +10,7 @@

     <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a>

   </div>

   <div id="maincol">

-

-    <h1>Configuring a Tor relay on Debian/Ubuntu</h1>

-

-    <hr>

-

-    <p>

-    The Tor network relies on volunteers to donate bandwidth. The more

-    people who run relays, the faster the Tor network will be. If you have

-    at least 250 kilobytes/s each way, please help out Tor by configuring your

-    Tor to be a relay too.

-    </p>

-

-    <hr>

-    <a id="zero"></a>

-    <a id="install"></a>

-    <h2><a class="anchor" href="#install">Step One: Download and Install Tor</a></h2>

-    <br>

-

-    <p>If you're on Debian, start with "apt install tor".</p>

-

-    <p><b>Do not use the packages in Ubuntu's universe.</b> If you're

-    on Ubuntu or if you want to track newer Tor packages, follow the

-    <a href="<page docs/debian>#ubuntu">Tor on Ubuntu or Debian</a>

-    instructions to use our repository.

-    </p>

-

-    <p>For other Unix/Linux users, you can download Tor from one of our

-    <a href="<page download/download-unix>">repositories</a>.</p>

-

-    <hr>

-    <a id="setup"></a>

-    <h2><a class="anchor" href="#setup">Step Two: Set it up as a relay</a></h2>

-

-    <p>

-    1. Make sure your clock, date, and timezone are set correctly. Install

-    the ntp or openntpd (or similar) package to keep it that way.

-    </p>

-

-    <p>

-    2. Edit the bottom part of <a href="<page

-    docs/faq>#torrc">/etc/tor/torrc</a>. Define an ORPort. <b>Note

-    that public relays default to being <a href="<page

-    docs/faq>#ExitPolicies">exit relays</a></b> &mdash; either change your

-    ExitPolicy line or read our <a

-href="<wiki>/doc/TorExitGuidelines">guidelines

-    for exit relay operators</a>. Be sure to set your ContactInfo line

-    so we can contact you if you need to upgrade or something goes wrong.

-    </p>

-

-    <p>

-    3. If you are using a firewall, open a hole in your firewall

-    so incoming connections can reach the ports you configured

-    (ORPort, plus DirPort if you enabled it). If you have a

-    hardware firewall (Linksys box, cablemodem, etc) you might like <a

-    href="http://portforward.com/">portforward.com</a>. Also, make sure you

-    allow all <em>outgoing</em> connections too, so your relay can reach the

-    other Tor relays.

-    </p>

-

-    <p>

-    4. Restart your relay: "systemctl reload tor" (as root).

-    </p>

-

-    <hr>

-    <a id="check"></a>

-    <h2><a class="anchor" href="#check">Step Three: Make sure it is working</a></h2>

-    <br>

-

-    <p>Once your relay connects to the network, it will

-    try to determine whether the ports you configured are reachable from

-    the outside. This step is usually fast, but it may take a few minutes.

-    Look for a <a href="<page docs/faq>#Logs">log entry</a> in your

-    /var/log/tor/log like

-    <tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>

-    If you don't see this message, it means that your relay is not reachable

-    from the outside — you should re-check your firewalls, check that it's

-    testing the IP and port you think it should be testing, etc.

-    </p>

-

-    <p>When it decides that it's reachable, it will upload a "server

-    descriptor" to the directory authorities, to let clients know

-    what address, ports, keys, etc your relay is using. After a few

-    hours (to give it enough time to propagate), you can query

-    <a href="https://atlas.torproject.org/">Atlas</a> to see whether your

-    relay has successfully registered in the network.</p>

-

-    <hr>

-    <a id="after"></a>

-    <h2><a class="anchor" href="#after">Step Four: Once it is working</a></h2>

-    <br>

-

-    <p>

-    5. Read

-    <a href="<wiki>doc/OperationalSecurity">about operational security</a>

-    to get ideas how you can increase the security of your computer.

-    </p>

-

-    <p>

-    6. Decide about rate limiting. Cable modem, DSL, and other users

-    who have asymmetric bandwidth (e.g. more down than up) should

-    rate limit to their slower bandwidth, to avoid congestion. See the <a

-    href="<page docs/faq>#BandwidthShaping">rate

-    limiting FAQ entry</a> for details.

-    </p>

-

-    <p>

-    7. If your computer isn't running a webserver, and you haven't set

-    AccountingMax, please consider

-    changing your ORPort to 443 and/or your DirPort to 80. Many Tor users

-    are stuck behind firewalls that only let them browse the web, and

-    this change will let them reach your Tor relay. If you are already

-    using ports 80 and 443, other useful ports are 22, 110, and 143.

-    </p>

-

-    <p>

-    8. Consider backing up your Tor relay's private keys

-    ("/var/lib/tor/keys/secret_id_key" and

-    "/var/lib/tor/keys/ed25519_master_id_secret_key").

-    You'll need these identity keys to

-    <a href="<page docs/faq>#UpgradeOrMove">move or restore your Tor relay</a>.

-    </p>

-

-    <p>

-    9. If you run an exit relay (great!), don't miss out on our <a

-    href="<wiki>doc/TorExitGuidelines">Exit Guidelines</a>, including

-    setting your reverse DNS hostname to make it obvious that you're

-    a Tor exit relay, and serving the <a

-    href="<gitblob>contrib/operator-tools/tor-exit-notice.html">Tor

-    exit notice</a> page on your DirPort.

-    </p>

-

-    <p>

-    10. Subscribe to the <a

-    href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce">tor-announce</a>

-    mailing list. It is very low volume, and it will keep you informed

-    of new stable releases.

-    As a relay operator, you should consider subscribing to the

-    <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">

-    tor-relays mailing list</a> too.

-    We have more <a href="<page docs/documentation>#MailingLists">mailing

-    lists</a> as well.

-    </p>

-

-    <p>

-    11. Read the <a 

-    href="https://blog.torproject.org/blog/lifecycle-of-a-new-relay">"Lifecycle 

-    of a New Relay"</a> document to learn what sort of activity and usage 

-    patterns you can expect during your relay's first weeks of operation.

-    </p>

-

-    <p>

-    12. If you want to run more than one relay that's great, but please set <a

-    href="<page docs/faq>#MultipleRelays">the

-    MyFamily option</a> in all your relays' configuration files.

-    </p>

-

-    <p>

-    13. You might like to use the <a

-    href="https://nyx.torproject.org/">Nyx</a> relay monitor to watch

-    your relay's activities from the command line. First, "sudo pip install

-    nyx". Second, as the user that will be running nyx, run

-    "sudo adduser $USER debian-tor" to add your user to the debian-tor

-    group so it can reach Tor's controlsocket. Then log out and log back

-    in (so your user is actually in the group), and run "nyx".

-    </p>

-

-    <p>

-    14. When you change your Tor configuration, remember to verify that

-    your relay still works correctly after the change.

-    </p>

-

-    <hr>

-

-    <p>If you have suggestions for improving this document, please <a

-    href="<page about/contact>">send them to us</a>. Thanks!</p>

+  The Tor Relay documentation moved to the <a href="<wiki>TorRelayGuide">wiki</a>.

   </div>

   <!-- END MAINCOL -->

   <div id = "sidecol">