Roger Dingledine commited on 2006-06-02 04:58:24
Zeige 1 geänderte Dateien mit 52 Einfügungen und 48 Löschungen.
also, teach arma to count in a monotonically increasing way. (well, almost)
... | ... |
@@ -92,8 +92,8 @@ of the Unix Tor installation howto. |
92 | 92 |
while to make sure it's actually working.</p> |
93 | 93 |
|
94 | 94 |
<hr /> |
95 |
-<a id="one"></a> |
|
96 |
-<h2><a class="anchor" href="#one">Step One: Set it up as a server</a></h2> |
|
95 |
+<a id="setup"></a> |
|
96 |
+<h2><a class="anchor" href="#setup">Step One: Set it up as a server</a></h2> |
|
97 | 97 |
<br /> |
98 | 98 |
|
99 | 99 |
<p> |
... | ... |
@@ -102,7 +102,8 @@ your clock with public time servers. |
102 | 102 |
</p> |
103 | 103 |
|
104 | 104 |
<p> |
105 |
-2. Make sure name resolution works (that is, your computer can resolve addresses correctly). |
|
105 |
+2. Make sure name resolution works (that is, your computer can resolve |
|
106 |
+Internet addresses correctly). |
|
106 | 107 |
</p> |
107 | 108 |
|
108 | 109 |
<p> |
... | ... |
@@ -151,13 +152,9 @@ If you are running the development version of Tor the manual is available |
151 | 152 |
<a href="<page tor-manual-cvs>">here</a>. |
152 | 153 |
</p> |
153 | 154 |
|
154 |
-<p> |
|
155 |
-8. Read |
|
156 |
-<a href="http://wiki.noreply.org/noreply/TheOnionRouter/OperationalSecurity">this document</a> |
|
157 |
-to get ideas how you can increase the security of your server. |
|
158 | 155 |
<hr /> |
159 |
-<a id="two"></a> |
|
160 |
-<h2><a class="anchor" href="#two">Step Two: Make sure it's working</a></h2> |
|
156 |
+<a id="check"></a> |
|
157 |
+<h2><a class="anchor" href="#check">Step Two: Make sure it's working</a></h2> |
|
161 | 158 |
<br /> |
162 | 159 |
|
163 | 160 |
<p>As soon as your server manages to connect to the network, it will |
... | ... |
@@ -179,46 +176,22 @@ there. You may need to wait a few seconds to give enough time for it to |
179 | 176 |
make a fresh directory.</p> |
180 | 177 |
|
181 | 178 |
<hr /> |
182 |
-<a id="three"></a> |
|
183 |
-<h2><a class="anchor" href="#three">Step Three: Register your nickname</a></h2> |
|
179 |
+<a id="after"></a> |
|
180 |
+<h2><a class="anchor" href="#after">Step Three: Once it's working</a></h2> |
|
184 | 181 |
<br /> |
185 | 182 |
|
186 | 183 |
<p> |
187 |
-Once you are convinced it's working (after a day or two maybe), you should |
|
188 |
-register your server. |
|
189 |
-This reserves your nickname so nobody else can take it, and lets us |
|
190 |
-contact you if you need to upgrade or something goes wrong. |
|
191 |
-</p> |
|
192 |
- |
|
193 |
-<p> |
|
194 |
-Send mail to <a |
|
195 |
-href="mailto:tor-ops@freehaven.net">tor-ops@freehaven.net</a> with a |
|
196 |
-subject of '[New Server] <your server's nickname>' and |
|
197 |
-include the following information in the message: |
|
184 |
+We recommend the following steps as well: |
|
198 | 185 |
</p> |
199 |
-<ul> |
|
200 |
-<li>Your server's nickname</li> |
|
201 |
-<li>The fingerprint for your server's key (the contents of the |
|
202 |
-"fingerprint" file in your DataDirectory — on Windows, look in |
|
203 |
-\<i>username</i>\Application Data\tor\ or \Application Data\tor\; |
|
204 |
-on OS X, look in /Library/Tor/var/lib/tor/; and on Linux/BSD/Unix, |
|
205 |
-look in /var/lib/tor or ~/.tor) |
|
206 |
-</li> |
|
207 |
-<li>Who you are, so we know whom to contact if a problem arises</li> |
|
208 |
-<li>What kind of connectivity the new server will have</li> |
|
209 |
-</ul> |
|
210 |
- |
|
211 |
-<hr /> |
|
212 |
-<a id="four"></a> |
|
213 |
-<h2><a class="anchor" href="#four">Step Four: Once it's working</a></h2> |
|
214 |
-<br /> |
|
215 | 186 |
|
216 | 187 |
<p> |
217 |
-We recommend the following steps as well: |
|
188 |
+8. Read |
|
189 |
+<a href="http://wiki.noreply.org/noreply/TheOnionRouter/OperationalSecurity">this document</a> |
|
190 |
+to get ideas how you can increase the security of your server. |
|
218 | 191 |
</p> |
219 | 192 |
|
220 | 193 |
<p> |
221 |
-6. Decide what exit policy you want. By default your server allows |
|
194 |
+9. Decide what exit policy you want. By default your server allows |
|
222 | 195 |
access to many popular services, but we restrict some (such as port 25) |
223 | 196 |
due to abuse potential. You might want an exit policy that is |
224 | 197 |
less restrictive or more restrictive; edit your torrc appropriately. |
... | ... |
@@ -230,7 +203,7 @@ sure your ISP is ok with that choice. |
230 | 203 |
</p> |
231 | 204 |
|
232 | 205 |
<p> |
233 |
-7. Decide about rate limiting. Cable modem, DSL, and other users |
|
206 |
+10. Decide about rate limiting. Cable modem, DSL, and other users |
|
234 | 207 |
who have asymmetric bandwidth (e.g. more down than up) should |
235 | 208 |
rate limit to their slower bandwidth, to avoid congestion. See the <a |
236 | 209 |
href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#LimitBandwidth">rate |
... | ... |
@@ -238,7 +211,7 @@ limiting FAQ entry</a> for details. |
238 | 211 |
</p> |
239 | 212 |
|
240 | 213 |
<p> |
241 |
-8. Back up your Tor server's private key (stored in "keys/secret_id_key" |
|
214 |
+11. Back up your Tor server's private key (stored in "keys/secret_id_key" |
|
242 | 215 |
in your DataDirectory). This is your server's "identity," and |
243 | 216 |
you need to keep it safe so nobody can read the traffic that goes |
244 | 217 |
through your server. This is the critical file to keep if you need to <a |
... | ... |
@@ -247,14 +220,14 @@ or restore your Tor server</a> if something goes wrong. |
247 | 220 |
</p> |
248 | 221 |
|
249 | 222 |
<p> |
250 |
-9. If you control the name servers for your domain, consider setting |
|
223 |
+12. If you control the name servers for your domain, consider setting |
|
251 | 224 |
your hostname to 'anonymous' or 'proxy' or 'tor-proxy', so when other |
252 | 225 |
people see the address in their web logs, they will more quickly |
253 | 226 |
understand what's going on. |
254 | 227 |
</p> |
255 | 228 |
|
256 | 229 |
<p> |
257 |
-10. If your computer isn't running a webserver, please consider |
|
230 |
+13. If your computer isn't running a webserver, please consider |
|
258 | 231 |
changing your ORPort to 443 and your DirPort to 80. Many Tor |
259 | 232 |
users are stuck behind firewalls that only let them browse the |
260 | 233 |
web, and this change will let them reach your Tor server. Win32 |
... | ... |
@@ -269,7 +242,7 @@ ports are 22, 110, and 143. |
269 | 242 |
</p> |
270 | 243 |
|
271 | 244 |
<p> |
272 |
-11. If your Tor server provides other services on the same IP address |
|
245 |
+14. If your Tor server provides other services on the same IP address |
|
273 | 246 |
— such as a public webserver — make sure that connections to the |
274 | 247 |
webserver are allowed from the local host too. You need to allow these |
275 | 248 |
connections because Tor clients will detect that your Tor server is the <a |
... | ... |
@@ -280,7 +253,7 @@ explicitly reject them in your exit policy. |
280 | 253 |
</p> |
281 | 254 |
|
282 | 255 |
<p> |
283 |
-12. (Unix only). Make a separate user to run the server. If you |
|
256 |
+15. (Unix only). Make a separate user to run the server. If you |
|
284 | 257 |
installed the OS X package or the deb or the rpm, this is already |
285 | 258 |
done. Otherwise, you can do it by hand. (The Tor server doesn't need to |
286 | 259 |
be run as root, so it's good practice to not run it as root. Running |
... | ... |
@@ -291,7 +264,7 @@ into a chroot jail</a>.) |
291 | 264 |
</p> |
292 | 265 |
|
293 | 266 |
<p> |
294 |
-13. (Unix only.) Your operating system probably limits the number |
|
267 |
+16. (Unix only.) Your operating system probably limits the number |
|
295 | 268 |
of open file descriptors per process to 1024 (or even less). If you |
296 | 269 |
plan to be running a fast exit node, this is probably not enough. On |
297 | 270 |
Linux, you should add a line like "toruser hard nofile 8192" to your |
... | ... |
@@ -304,7 +277,7 @@ you launch Tor. |
304 | 277 |
</p> |
305 | 278 |
|
306 | 279 |
<p> |
307 |
-14. If you installed Tor via some package or installer, it probably starts |
|
280 |
+17. If you installed Tor via some package or installer, it probably starts |
|
308 | 281 |
Tor for you automatically on boot. But if you installed from source, |
309 | 282 |
you may find the initscripts in contrib/tor.sh or contrib/torctl useful. |
310 | 283 |
</p> |
... | ... |
@@ -319,6 +292,37 @@ the change. |
319 | 292 |
|
320 | 293 |
<hr /> |
321 | 294 |
|
295 |
+<a id="register"></a> |
|
296 |
+<h2><a class="anchor" href="#register">Step Four: Register your nickname</a></h2> |
|
297 |
+<br /> |
|
298 |
+ |
|
299 |
+<p> |
|
300 |
+Let it run a few days to make sure it's actually working and that you're |
|
301 |
+happy with its level of resource use. Then you should register your server. |
|
302 |
+This reserves your nickname so nobody else can take it, and lets us |
|
303 |
+contact you if you need to upgrade or something goes wrong. |
|
304 |
+</p> |
|
305 |
+ |
|
306 |
+<p> |
|
307 |
+Send mail to <a |
|
308 |
+href="mailto:tor-ops@freehaven.net">tor-ops@freehaven.net</a> with a |
|
309 |
+subject of '[New Server] <your server's nickname>' and |
|
310 |
+include the following information in the message: |
|
311 |
+</p> |
|
312 |
+<ul> |
|
313 |
+<li>Your server's nickname</li> |
|
314 |
+<li>The fingerprint for your server's key (the contents of the |
|
315 |
+"fingerprint" file in your DataDirectory — on Windows, look in |
|
316 |
+\<i>username</i>\Application Data\tor\ or \Application Data\tor\; |
|
317 |
+on OS X, look in /Library/Tor/var/lib/tor/; and on Linux/BSD/Unix, |
|
318 |
+look in /var/lib/tor or ~/.tor) |
|
319 |
+</li> |
|
320 |
+<li>Who you are, so we know whom to contact if a problem arises</li> |
|
321 |
+<li>What kind of connectivity the new server will have</li> |
|
322 |
+</ul> |
|
323 |
+ |
|
324 |
+<hr /> |
|
325 |
+ |
|
322 | 326 |
<p>If you have suggestions for improving this document, please <a |
323 | 327 |
href="<page contact>">send them to us</a>. Thanks!</p> |
324 | 328 |
|
325 | 329 |