Anonymity

Installing Tor & Privoxy under Debian

Links

• the official doc
• Wikipedia article with links to other anonymity solutions

Installation

# apt-get install tor privoxy

Edit /etc/privoxy/config and uncomment the following line:

 forward-socks4a   /               127.0.0.1:9050 .

Then restart the service

# /etc/init.d/privoxy restart

Usage

HTTP proxy through privoxy & tor

http 127.0.0.1 port 8118

E.g. for wget:

$ export http_proxy=http://127.0.0.1:8118/

The extension torbutton provides an easy way to toggle the usage of Tor

To test privoxy, try to access the following page: http://p.p/

SOCKS 5 proxy through tor

socks5 127.0.0.1 port 9050

Or for applications without proxy configuration available, check torify which uses LD_PRELOAD, e.g.

$ torify irssi

The extension Foxyproxy for Firefox contains already a pre-configured "Tor" setting on which you can add URL matches or use it all the time, it can be tuned to use also Privoxy. See also the extension torbutton presented in the previous section.

To test Tor, try to access the following hidden service: http://duskgytldkxiuqc6.onion/

DNS resolution through tor

$ tor-resolve wiki.yobi.be
85.17.183.154
$ tor-resolve -x 85.17.183.154
www.yobi.be

SSH through tor

See the connect.c helper program to make it possible.
connect is available as a Debian package:

apt-get install connect-proxy

And in ~/.ssh/config, simply use this line for Socks v5 & remote DNS resolution:

ProxyCommand /usr/bin/connect -R remote -5 -S 127.0.0.1:9050 %h %p

Hidden services

• Configuring hidden services for Tor, under Debian it seems you've just to tune /etc/tor/torrc
• core.onion, a simple site containing links to other .onion sites, a simple forum and a comment system.
• onionforum, a popular forum

Advanced usages

• Configuring a Tor relay, under Debian it seems you've just to tune /etc/tor/torrc

• Using special addresses, cf /usr/share/doc/tor/spec/address-spec.txt
  • [hostname].[name-or-digest].exit to choose the exit Tor node
  • [digest].onion to connect to a hidden service
  • [string].noconnect to immediately close the connection without attaching it to any circuit

GUI

There is Vidalia
Under Debian, I downloaded the RPM, went through alien and installed the package.
This is intended to launch tor itself so I tricked a bit its configuration:

Settings->General->Tor executable: true
        ->Advanced->Address 127.0.0.1 9051, Authentication: none, Tor config file: /etc/tor/torrc

Do not stop/start Tor with the GUI! (well you can stop it but you need to launch the service again as root: /etc/init.d/tor start)

BTW you've to allow the client to connect to Tor (I didn't find how to set a passwd as vidalia seemed to be able to handle) by decommenting the following line in /etc/tor/torrc:

ControlPort 9051

New install (2010/04)

Here are a few notes on a fresh install:

Following https://www.torproject.org/docs/debian-vidalia.html

Edit /etc/apt/sources.list

   # Tor
   deb http://deb.torproject.org/torproject.org squeeze main

gpg --keyserver keys.gnupg.net --recv 74A941BA219EC810
gpg --export 74A941BA219EC810 | sudo apt-key add -
sudo apt-get update

According to the FAQ they now profer to use polipo over privoxy

sudo apt-get install vidalia polipo

Do you want to stop the existing Tor process and let Vidalia start Tor?
Yes (and disable it for every boot)

I had still old config of Vidalia, so start from scratch:

rm -rf ~/.vidalia

Configure Polipo to use Tor:

sudo mv /etc/polipo/config /etc/polipo/config.orig
sudo wget -O /etc/polipo/config https://svn.torproject.org/svn/torbrowser/trunk/build-scripts/config/polipo.conf
sudo /etc/init.d/polipo restart

Torbutton is incompatible with other extensions so I'm using another Firefox profile completely empty and add the tor button.