traumschule commited on 2018-08-22 00:51:18
Zeige 1 geänderte Dateien mit 78 Einfügungen und 52 Löschungen.
- linked first occurrence of torrc in every answer to #torrc - replaced absolute links to torproject.org with relative ones - added TODO to questions in html comments
... | ... |
@@ -119,6 +119,7 @@ |
119 | 119 |
<ul> |
120 | 120 |
<li><a href="#torrc">I'm supposed to "edit my torrc". What does |
121 | 121 |
that mean?</a></li> |
122 |
+ <li><a href="#datadir">Where's tor's data directory?</a></li> |
|
122 | 123 |
<li><a href="#Logs">How do I set up logging, or see Tor's |
123 | 124 |
logs?</a></li> |
124 | 125 |
<li><a href="#LogLevel">What log level should I use?</a></li> |
... | ... |
@@ -1067,7 +1068,7 @@ |
1067 | 1068 |
idea. Tor Browser aims to provide sufficient privacy that additional add-ons |
1068 | 1069 |
to stop ads and trackers are not necessary. Using add-ons like these may |
1069 | 1070 |
cause some sites to break, which |
1070 |
- <a href="https://www.torproject.org/projects/torbrowser/design/#philosophy"> |
|
1071 |
+ <a href="/projects/torbrowser/design/#philosophy"> |
|
1071 | 1072 |
we don't want to do</a>. Additionally, maintaining a list of "bad" sites |
1072 | 1073 |
that should be black-listed provides another opportunity to uniquely |
1073 | 1074 |
fingerprint users. |
... | ... |
@@ -1417,15 +1418,15 @@ |
1417 | 1418 |
</p> |
1418 | 1419 |
|
1419 | 1420 |
<p> |
1420 |
- First (best option), if you're on Linux, you can install the system |
|
1421 |
- Tor package (e.g. apt-get install tor) and then set it up to be a relay |
|
1422 |
- (<a href="https://www.torproject.org/docs/tor-relay-debian"> |
|
1423 |
- instructions</a>). You can then use TBB independent of that. |
|
1421 |
+ First (best option), if you're on Linux, you can install the |
|
1422 |
+ <a href="<page download/download-unix>">system Tor package</a> |
|
1423 |
+ (e.g. apt-get install tor) and then set it up to be a relay |
|
1424 |
+ (<a href="https://www.torproject.org/docs/tor-relay-debian">instructions</a>). |
|
1425 |
+ You can then use TBB independent of that. |
|
1424 | 1426 |
</p> |
1425 | 1427 |
|
1426 |
- |
|
1427 | 1428 |
<p> |
1428 |
- Second (complex option), you can edit your torrc file (in Data/Tor/torrc) |
|
1429 |
+ Second (complex option), you can edit your <a href="#torrc">torrc file</a> |
|
1429 | 1430 |
directly to add the following lines: |
1430 | 1431 |
</p> |
1431 | 1432 |
|
... | ... |
@@ -1468,7 +1469,8 @@ |
1468 | 1469 |
README file</a> for the build instructions. |
1469 | 1470 |
There is also some informations in the |
1470 | 1471 |
<a href="https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking"> |
1471 |
- Tor Browser Hacking Guide</a>. |
|
1472 |
+ Tor Browser Hacking Guide</a>. Also see our |
|
1473 |
+ <a href="<page docs/verifying-signatures>">fingerprint verification guide</a>. |
|
1472 | 1474 |
</p> |
1473 | 1475 |
|
1474 | 1476 |
<hr> |
... | ... |
@@ -1476,9 +1478,9 @@ |
1476 | 1478 |
<a id="AdvancedTorUsage"></a> |
1477 | 1479 |
<h2><a class="anchor" href="#AdvancedTorUsage">Advanced Tor usage:</a></h2> |
1478 | 1480 |
|
1479 |
- <a id="torrc"></a> |
|
1481 |
+ <a id="torrc"></a><a id="datadir"></a> |
|
1480 | 1482 |
<h3><a class="anchor" href="#torrc">I'm supposed to "edit my torrc". |
1481 |
- What does that mean?</a></h3> |
|
1483 |
+ What does that mean? Where's tor's data directory?</a></h3> |
|
1482 | 1484 |
|
1483 | 1485 |
<p> |
1484 | 1486 |
Tor uses a text file called torrc that contains configuration |
... | ... |
@@ -1487,26 +1489,47 @@ |
1487 | 1489 |
</p> |
1488 | 1490 |
|
1489 | 1491 |
<p> |
1490 |
- If you installed Tor Browser on Windows or Linux, look for |
|
1491 |
- <code>Browser/TorBrowser/Data/Tor/torrc</code> inside your Tor Browser |
|
1492 |
- directory. |
|
1493 |
- If you're on macOS, the torrc is in |
|
1492 |
+ If you installed Tor Browser on Windows or Linux, torrc is in the data |
|
1493 |
+ directory, which is <code>Browser/TorBrowser/Data/Tor</code> inside your |
|
1494 |
+ Tor Browser directory. For the tor service on Windows see |
|
1495 |
+ <a href="#NTService">Windows NT</a>. |
|
1496 |
+ </p> |
|
1497 |
+ |
|
1498 |
+ <p> |
|
1499 |
+ If you're on macOS, the torrc is in the data directory at |
|
1494 | 1500 |
<code>~/Library/Application Support/TorBrowser-Data/Tor</code>. |
1495 | 1501 |
To get to it, press cmd-shift-g while in Finder and copy/paste that |
1496 | 1502 |
directory into the box that appears. |
1497 | 1503 |
</p> |
1498 | 1504 |
|
1499 | 1505 |
<p> |
1500 |
- Otherwise, if you are using Tor without Tor Browser, it looks for the |
|
1501 |
- torrc file in <code>/usr/local/etc/tor/torrc</code> if you compiled tor |
|
1502 |
- from source, and <code>/etc/tor/torrc</code> or <code>/etc/torrc</code> |
|
1503 |
- if you installed a pre-built package. |
|
1506 |
+ Otherwise, if you are using Tor without Tor Browser, it looks for torrc at |
|
1507 |
+ differentt possible locations: |
|
1504 | 1508 |
</p> |
1509 |
+ <ul> |
|
1510 |
+ <li> |
|
1511 |
+ <code>/usr/local/etc/tor/torrc</code> if you compiled tor from source |
|
1512 |
+ </li> |
|
1513 |
+ <li> |
|
1514 |
+ <code>/etc/tor/torrc</code> or <code>/etc/torrc</code> if you installed a |
|
1515 |
+ pre-built package. The data directory usually is |
|
1516 |
+ <code>/var/lib/tor/</code>, if not defined otherwise with |
|
1517 |
+ <code>DataDirectory</code> in torrc. |
|
1518 |
+ </li> |
|
1519 |
+ <li><code>$HOME/.torrc</code>: fallback location if above file is not found. |
|
1520 |
+ </li> |
|
1521 |
+ <li> |
|
1522 |
+ You can define a different location for torrc with <code>-f FILE</code> and |
|
1523 |
+ set another data directory with <code>--DataDirectory DIR</code> as options |
|
1524 |
+ to tor. |
|
1525 |
+ </li> |
|
1526 |
+ </ul> |
|
1505 | 1527 |
|
1506 | 1528 |
<p> |
1507 |
- Once you've created or changed your torrc file, you will need to restart |
|
1508 |
- tor for the changes to take effect. (For advanced users, note that |
|
1509 |
- you actually only need to send Tor a HUP signal, not actually restart it.) |
|
1529 |
+ Once you've created or changed your torrc file, you will need to restart or |
|
1530 |
+ reload tor for the changes to take effect. On Debian use |
|
1531 |
+ <code>system tor reload</code>. (For advanced users, note that you |
|
1532 |
+ actually only need to send Tor a HUP signal, not actually restart it.) |
|
1510 | 1533 |
</p> |
1511 | 1534 |
|
1512 | 1535 |
<p> |
... | ... |
@@ -1533,7 +1556,7 @@ |
1533 | 1556 |
<li>On OS X, Debian, Red Hat, etc, the logs are in /var/log/tor/ |
1534 | 1557 |
</li> |
1535 | 1558 |
<li>On Windows, there are no default log files currently. If you enable |
1536 |
- logs in your torrc file, they default to <code>\username\Application |
|
1559 |
+ logs in your <a href="#torrc">torrc</a> file, they default to <code>\username\Application |
|
1537 | 1560 |
Data\tor\log\</code> or <code>\Application Data\tor\log\</code> |
1538 | 1561 |
</li> |
1539 | 1562 |
<li>If you compiled Tor from source, by default your Tor logs to |
... | ... |
@@ -1718,7 +1741,7 @@ |
1718 | 1741 |
If you don't find any good hints, you should consider running Tor in the |
1719 | 1742 |
foreground (from a shell) so you can see how it dies. Warning: if you |
1720 | 1743 |
switch to running Tor in the foreground, you might start using a different |
1721 |
- torrc file, with a different default Data Directory; see the |
|
1744 |
+ <a href="#torrc">torrc</a> file, with a different default Data Directory; see the |
|
1722 | 1745 |
<a href="#UpgradeOrMove">relay-upgrade FAQ entry</a> |
1723 | 1746 |
for details. |
1724 | 1747 |
</li> |
... | ... |
@@ -1755,8 +1778,8 @@ |
1755 | 1778 |
<p> |
1756 | 1779 |
Yes. You can set preferred entry and exit nodes as well as |
1757 | 1780 |
inform Tor which nodes you do not want to use. |
1758 |
- The following options can be added to your config file <a |
|
1759 |
- href="#torrc">"torrc"</a> or specified on the command line: |
|
1781 |
+ The following options can be added to your config file |
|
1782 |
+ <a href="#torrc">torrc</a> or specified on the command line: |
|
1760 | 1783 |
</p> |
1761 | 1784 |
<dl> |
1762 | 1785 |
<dt><tt>EntryNodes $fingerprint,$fingerprint,...</tt></dt> |
... | ... |
@@ -1818,7 +1841,7 @@ versions. |
1818 | 1841 |
If your firewall works by blocking ports, then you can tell Tor to only |
1819 | 1842 |
use the ports when you start your Tor Browser. Or you can add the ports |
1820 | 1843 |
that your firewall permits by adding "FascistFirewall 1" to your |
1821 |
- <a href="<page docs/faq>#torrc">torrc configuration file</a>. |
|
1844 |
+ <a href="#torrc">torrc configuration file</a>. |
|
1822 | 1845 |
By default, when you set this Tor assumes that your firewall allows only |
1823 | 1846 |
port 80 and port 443 (HTTP and HTTPS respectively). You can select a |
1824 | 1847 |
different set of ports with the FirewallPorts torrc option. |
... | ... |
@@ -1841,9 +1864,11 @@ versions. |
1841 | 1864 |
ports?</a></h3> |
1842 | 1865 |
<p> |
1843 | 1866 |
The default open ports are listed below but keep in mind that, any port or |
1844 |
- ports can be opened by the relay operator by configuring it in torrc or |
|
1845 |
- modifying the source code. But the default according to src/or/policies.c |
|
1846 |
- from the source code release tor-0.2.4.16-rc is: |
|
1867 |
+ ports can be opened by the relay operator by configuring it in |
|
1868 |
+ <a href="#torrc">torrc</a> or modifying the source code. |
|
1869 |
+ <!-- TODO should we update this? --> |
|
1870 |
+ The default according to src/or/policies.c from the source code release |
|
1871 |
+ tor-0.2.4.16-rc: |
|
1847 | 1872 |
</p> |
1848 | 1873 |
<pre> |
1849 | 1874 |
reject 0.0.0.0/8 |
... | ... |
@@ -1934,7 +1959,7 @@ versions. |
1934 | 1959 |
with tor-resolve, then pass the IPs to your applications, you'll be fine. |
1935 | 1960 |
(Tor will still give the warning, but now you know what it means.) </li> |
1936 | 1961 |
|
1937 |
- <!-- I'm not sure if this project is still maintained or not |
|
1962 |
+ <!-- TODO I'm not sure if this project is still maintained or not |
|
1938 | 1963 |
<li>You can use TorDNS as a local DNS server to rectify the DNS leakage. |
1939 | 1964 |
See the Torify HOWTO for info on how to run particular applications |
1940 | 1965 |
anonymously.</li> |
... | ... |
@@ -1993,7 +2018,7 @@ versions. |
1993 | 2018 |
By default, your Tor client only listens for applications that |
1994 | 2019 |
connect from localhost. Connections from other computers are |
1995 | 2020 |
refused. If you want to torify applications on different computers |
1996 |
- than the Tor client, you should edit your torrc to define |
|
2021 |
+ than the Tor client, you should edit your <a href="#torrc">torrc</a> to define |
|
1997 | 2022 |
SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you |
1998 | 2023 |
want to get more advanced, you can configure your Tor client on a |
1999 | 2024 |
firewall to bind to your internal IP but not your external IP. |
... | ... |
@@ -2019,7 +2044,7 @@ versions. |
2019 | 2044 |
key all around. |
2020 | 2045 |
</p> |
2021 | 2046 |
<p> |
2022 |
- Configuration is simple, editing your torrc file's SocksListenAddress |
|
2047 |
+ Configuration is simple, editing your <a href="#torrc">torrc</a> file's SocksListenAddress |
|
2023 | 2048 |
according to the following examples: |
2024 | 2049 |
</p> |
2025 | 2050 |
|
... | ... |
@@ -2130,8 +2155,8 @@ versions. |
2130 | 2155 |
using a dynamic IP address?</a></h3> |
2131 | 2156 |
|
2132 | 2157 |
<p> |
2133 |
- Tor can handle relays with dynamic IP addresses just fine. Just leave |
|
2134 |
- the "Address" line in your torrc blank, and Tor will guess. |
|
2158 |
+ Tor can handle relays with dynamic IP addresses just fine. Just leave the |
|
2159 |
+ "Address" line in your <a href="#torrc">torrc</a> blank, and Tor will guess. |
|
2135 | 2160 |
</p> |
2136 | 2161 |
|
2137 | 2162 |
<hr> |
... | ... |
@@ -2143,9 +2168,9 @@ versions. |
2143 | 2168 |
Tor has <a href="<wiki>org/roadmaps/Tor/IPv6Features">partial</a> support |
2144 | 2169 |
for IPv6 and we encourage every relay operator to |
2145 | 2170 |
<a href="<wiki>TorRelayGuide#IPv6">enable IPv6 functionality</a> in their |
2146 |
- torrc configuration files when IPv6 connectivity is available. |
|
2147 |
- For the time being Tor will require IPv4 addresses on relays, you can not |
|
2148 |
- run a Tor relay on a host with IPv6 addresses only. |
|
2171 |
+ <a href="#torrc">torrc</a> configuration files when IPv6 connectivity is |
|
2172 |
+ available. For the time being Tor will require IPv4 addresses on relays, |
|
2173 |
+ you can not run a Tor relay on a host with IPv6 addresses only. |
|
2149 | 2174 |
</p> |
2150 | 2175 |
|
2151 | 2176 |
<hr> |
... | ... |
@@ -2244,7 +2269,7 @@ versions. |
2244 | 2269 |
options are available to Tor relays?</a></h3> |
2245 | 2270 |
|
2246 | 2271 |
<p> |
2247 |
- There are two options you can add to your torrc file: |
|
2272 |
+ There are two options you can add to your <a href="#torrc">torrc</a> file: |
|
2248 | 2273 |
</p> |
2249 | 2274 |
<ul> |
2250 | 2275 |
<li> |
... | ... |
@@ -2298,7 +2323,7 @@ versions. |
2298 | 2323 |
<h3><a class="anchor" href="#LimitTotalBandwidth">How can I limit the |
2299 | 2324 |
total amount of bandwidth used by my Tor relay?</a></h3> |
2300 | 2325 |
<p> |
2301 |
- The accounting options in the torrc file allow you to specify the maximum |
|
2326 |
+ The accounting options in the <a href="#torrc">torrc</a> file allow you to specify the maximum |
|
2302 | 2327 |
amount of bytes your relay uses for a time period. |
2303 | 2328 |
</p> |
2304 | 2329 |
<pre> |
... | ... |
@@ -2394,7 +2419,7 @@ versions. |
2394 | 2419 |
working relay setup) is as follows:</p> |
2395 | 2420 |
|
2396 | 2421 |
<ul> |
2397 |
- <li>In the relay Tor torrc file, simply set the SocksPort to 0.</li> |
|
2422 |
+ <li>In the relay Tor <a href="#torrc">torrc</a> file, simply set the SocksPort to 0.</li> |
|
2398 | 2423 |
<li>Create a new client torrc file from the torrc.sample and ensure |
2399 | 2424 |
it uses a different log file from the relay. One naming convention |
2400 | 2425 |
may be torrc.client and torrc.relay.</li> |
... | ... |
@@ -2574,7 +2599,7 @@ don't want to deal with abuse issues.</a></h3> |
2574 | 2599 |
|
2575 | 2600 |
<p> |
2576 | 2601 |
This means that if you're upgrading your Tor relay and you keep the same |
2577 |
- torrc and the same DataDirectory, then the upgrade should just work and |
|
2602 |
+ <a href="#torrc">torrc and the same DataDirectory</a>, then the upgrade should just work and |
|
2578 | 2603 |
your relay will keep using the same key. If you need to pick a new |
2579 | 2604 |
DataDirectory, be sure to copy your old |
2580 | 2605 |
keys/ed25519_master_id_secret_key and keys/secret_id_key over. |
... | ... |
@@ -2615,7 +2640,7 @@ don't want to deal with abuse issues.</a></h3> |
2615 | 2640 |
and confirms that the medium term signing key is valid for a certain |
2616 | 2641 |
period of time. The default validity is 30 days, but this can be |
2617 | 2642 |
customized by setting "SigningKeyLifetime N days|weeks|months" in |
2618 |
- torrc.</li> |
|
2643 |
+ <a href="#torrc">torrc</a>.</li> |
|
2619 | 2644 |
<li>there is also a master public key named |
2620 | 2645 |
"ed25519_master_id_public_key, which is the actual identity of the relay |
2621 | 2646 |
advertised in the network. This one is not sensitive and can be easily |
... | ... |
@@ -2681,7 +2706,7 @@ don't want to deal with abuse issues.</a></h3> |
2681 | 2706 |
<p> |
2682 | 2707 |
Optionally, you can specify additional options for the Tor service using |
2683 | 2708 |
the -options argument. For example, if you want Tor to use C:\tor\torrc, |
2684 |
- instead of the default torrc, and open a control port on port 9151, you |
|
2709 |
+ instead of the default <a href="#torrc">torrc</a>, and open a control port on port 9151, you |
|
2685 | 2710 |
would run: |
2686 | 2711 |
</p> |
2687 | 2712 |
|
... | ... |
@@ -3119,9 +3144,10 @@ href="https://www.noisebridge.net/wiki/Noisebridge_Tor">Noisebridge</a> |
3119 | 3144 |
tool for configuring, controlling and running tests on a |
3120 | 3145 |
testing Tor network. It requires that you have Tor and Python (2.5 or |
3121 | 3146 |
later) installed on your system. You can use Chutney to create a testing |
3122 |
- network by generating Tor configuration files (torrc) and necssary keys |
|
3123 |
- (for the directory authorities). Then you can let Chutney start your Tor |
|
3124 |
- authorities, relays and clients and wait for the network to bootstrap. |
|
3147 |
+ network by generating Tor configuration files (<a href="#torrc">torrc</a>) |
|
3148 |
+ and necessary keys (for the directory authorities). Then you can let |
|
3149 |
+ Chutney start your Tor authorities, relays and clients and wait for the |
|
3150 |
+ network to bootstrap. |
|
3125 | 3151 |
Finally, you can have Chutney run tests on your network to see which |
3126 | 3152 |
things work and which do not. Chutney is typically used for running a |
3127 | 3153 |
testing network with about 10 instances of Tor. Every instance of Tor |
... | ... |
@@ -3265,7 +3291,7 @@ href="https://www.noisebridge.net/wiki/Noisebridge_Tor">Noisebridge</a> |
3265 | 3291 |
a series of proxies. Your communication is encrypted in multiple layers |
3266 | 3292 |
and routed via multiple hops through the Tor network to the final |
3267 | 3293 |
receiver. More details on this process can be found in the <a |
3268 |
- href="https://www.torproject.org/about/overview">Tor overview</a>. |
|
3294 |
+ href="<page about/overview>">Tor overview</a>. |
|
3269 | 3295 |
Note that all your local ISP can observe now is that you are |
3270 | 3296 |
communicating with Tor nodes. Similarly, servers in the Internet just |
3271 | 3297 |
see that they are being contacted by Tor nodes. |
... | ... |
@@ -3371,7 +3397,7 @@ href="https://www.noisebridge.net/wiki/Noisebridge_Tor">Noisebridge</a> |
3371 | 3397 |
identity leaks, Tor Browser also includes browser extensions like |
3372 | 3398 |
NoScript and Torbutton, as well as patches to the Firefox source |
3373 | 3399 |
code. The full design of Tor Browser can be read <a |
3374 |
- href="https://www.torproject.org/projects/torbrowser/design/">here</a>. |
|
3400 |
+ href="/projects/torbrowser/design/index.html.en">here</a>. |
|
3375 | 3401 |
In designing a safe, secure solution for browsing the web with Tor, |
3376 | 3402 |
we've discovered that configuring <a href="#TBBOtherBrowser">other |
3377 | 3403 |
browsers</a> to use Tor is unsafe. |
... | ... |
@@ -3386,7 +3412,7 @@ href="https://www.noisebridge.net/wiki/Noisebridge_Tor">Noisebridge</a> |
3386 | 3412 |
|
3387 | 3413 |
<p> |
3388 | 3414 |
Tor is a work in progress. There is still <a |
3389 |
- href="https://www.torproject.org/getinvolved/volunteer">plenty of work |
|
3415 |
+ href="<page getinvolved/volunteer>">plenty of work |
|
3390 | 3416 |
left to do</a> for a strong, secure, and complete solution. |
3391 | 3417 |
</p> |
3392 | 3418 |
|
... | ... |
@@ -3649,7 +3675,7 @@ href="https://www.noisebridge.net/wiki/Noisebridge_Tor">Noisebridge</a> |
3649 | 3675 |
anonymity solution</a>.</b> |
3650 | 3676 |
If you're looking for a trusted entry into the Tor network, or if you want |
3651 | 3677 |
to obscure the fact that you're using Tor, |
3652 |
- <a href="https://www.torproject.org/docs/bridges#RunningABridge">setting up |
|
3678 |
+ <a href="<page docs/bridges>#RunningABridge">setting up |
|
3653 | 3679 |
a private server as a bridge</a> works quite well. |
3654 | 3680 |
</p> |
3655 | 3681 |
|
... | ... |
@@ -3796,7 +3822,7 @@ Perhaps even run separate Tor clients for these applications. |
3796 | 3822 |
First, we need to make Tor stable as a relay on all common operating |
3797 | 3823 |
systems. The main remaining platform is Windows, and we're mostly there. |
3798 | 3824 |
See Section 4.1 of |
3799 |
- <a href="https://www.torproject.org/press/2008-12-19-roadmap-press-release"> |
|
3825 |
+ <a href="<page press/2008-12-19-roadmap-press-release>"> |
|
3800 | 3826 |
our development roadmap</a>. |
3801 | 3827 |
</p> |
3802 | 3828 |
|
... | ... |
@@ -4248,7 +4274,7 @@ Perhaps even run separate Tor clients for these applications. |
4248 | 4274 |
|
4249 | 4275 |
<p> |
4250 | 4276 |
Please read the |
4251 |
- <a href="https://www.torproject.org/eff/tor-legal-faq">legal FAQ written |
|
4277 |
+ <a href="<page eff/tor-legal-faq>">legal FAQ written |
|
4252 | 4278 |
by EFF lawyers</a>. There's a growing |
4253 | 4279 |
<a href="https://blog.torproject.org/blog/start-tor-legal-support-directory"> |
4254 | 4280 |
legal directory</a> of people who may be able to help you. |
4255 | 4281 |