Install a Tor on Raspberry Pi bridge

Today an article proposed and written by KoS to integrate your Raspberry Pi in this network that attempts to anonymize your Internet browsing.

TOR (acronym of The Onion Router, in French : onion routing) is a network allowing anonymity of its users. Each connection passes through a more or less large number of nodes, each one relaying the information to the next until the destination node, preventing link information to the person who requested. to learn more about the functioning of TOR.
TOR is therefore dependent on the number of nodes (or gateways) that are put in place by volunteers from around the world. The number of gateways will be important, more effective will be the network.
Raspberry Pi is therefore ideal for set up a TOR bridge cheap and thus participate in this network.

Create a user for TOR

Let's create a tor user who will have rights to connect and manipulate its files :
sudo adduser tor
It will ask you to enter a password, put what you want, but try not to put a too simple anyway, then various information (Full name, Room number etc…) It is useless to enter them, simply press 'Enter'. Confirm then these details are correct and it is good.
It will then be necessary to give the right sudo This user (I do not know if this is what it has of more secure, If you have a better solution feel free). To do this we edit the file /etc/sudoers :
[Chris] You can also go through the visudo command if you it already installed
sudo nano/etc/sudoers
We add at the end the line
Save and close the file.

Install TOR

It will then install TOR :
sudo apt - get install tor

Configure TOR

We will then modify the TOR configuration file to make a simple gateway. It is possible, If you want to, to also make an exit node, but this would mean that any connection coming out of the network via your node will have your IP address, What can possibly be problematic in case of dubious use. So let's play caution.
Editing the/etc/tor/torrc file
sudo nano/etc/tor/torrc
Everything is explained in the file, but for your convenience, Here are the lines to uncomment (remove the # beginning of line) :
Log record file /var/log/tor/notices.log # Location of the log file generated by TOR
RunAsDaemon 1 # Turn TOR in the background
ORPort 9001 # Port used to make exchanges of connections
DirPort 9030 # Port used for SEO of your node
ExitPolicy reject *:* # the policy of rejection of output. Does not output so it prevents any
Nickname xxx  # The name of your node (put what you want)
RelayBandwidthRate 100 KB  # Limit of 100 KB/s traffic (800Kbps)
RelayBandwidthBurst 200 KB # In case of large application allow 200 KB/s (1600Kbps)
Finally add the following line :
SocksPort 0 # It doesn't open local port since it is just a relay. If you want to use you same TOR with your local computers, do not add this line.

Assign a fixed IP to your Pi Raspberry

To operate, TOR passes through ports 9001 and 9030, It will therefore be necessary to reroute the ports of your box or open your Firewall if necessary.
To facilitate this, We will assign a fixed IP to your Pi Raspberry, This will then allow you to instruct your box your Raspberry IP address that will never change.
Firstly there is the configuration of your network, Come in :
You should have something like this :
        eth0 Link encap:Ethernet HWaddr 00:23:54:40:66:DF 
                  INET addr:  BCAST:  Mask:
Note somewhere your inet addr and your Mask.
Then edit the file /etc/network/interfaces
sudo nano/etc/network/interfaces
Your Raspberry Pi is normally configured to receive its IP automatically DHCP server, so, you should see this :
                      iface eth0 inet dhcp
Replace it by (without comments) :
iface eth0 inet static
                address <- Choose an IP that works with your network, This is only an example !
                netmask <- put the Mask of your network
                gateway  <- Enter your internet access gateway IP, It is often the IP of your router.

[Chris] Home I stayed in DHCP but with a lease on the router to always give the same IP address MAC of Raspberry

Open ports in your Firewall

Therefore, you open, where appropriate, ports 9001 and 9030 in your firewall or that you reroutiez them in your box. There are too many different models to explain to you how here, but a search on any engine should enlighten you.

Reboot the Pi to take into account all of these changes

You have to reboot your Raspberry ft for taking into account our amendments :
sudo reboot now
Attention : If you were logged in SSH use the new IP you gave for reconnect you…

Verify that TOR works

Once your IP settings, leave him a little time to get back on the road and especially to allow TOR to clear a path in the network. To verify that TOR is working well and that he comes to communicate with the outside world, Let's look at his logs :
Nano /var/log/tor/notices.log
If you see the line “Self-testing indicates your ORPort is reachable from the outside. Excellent.” It is good ! The log file is quite detailed and understandable, in case of problems it will tell you what doesn't work.
If you look at this file from time to time in the following days, TOR will tell you its uptime and the amount of data sent.
You can check, After a few hours, If you appear well in the list of nodes maintained by TOR : by entering the name of your node.

[Chris] Attention the author indicates that this article is under the WTFPL license ! 🙂 Merci KoS !

You may also like...