[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] r25866: {website} make the obfsproxy bridge debian instructions more likely to (website/trunk/projects/en)
Author: arma
Date: 2012-11-09 20:28:18 +0000 (Fri, 09 Nov 2012)
New Revision: 25866
Modified:
website/trunk/projects/en/obfsproxy-debian-instructions.wml
Log:
make the obfsproxy bridge debian instructions more likely to work
Modified: website/trunk/projects/en/obfsproxy-debian-instructions.wml
===================================================================
--- website/trunk/projects/en/obfsproxy-debian-instructions.wml 2012-11-06 22:40:33 UTC (rev 25865)
+++ website/trunk/projects/en/obfsproxy-debian-instructions.wml 2012-11-09 20:28:18 UTC (rev 25866)
@@ -2,7 +2,7 @@
# Revision: $Revision$
# Translation-Priority: 4-optional
-#include "head.wmi" TITLE="obfsproxy: Installation instructions" CHARSET="UTF-8"
+#include "head.wmi" TITLE="obfsproxy: Setting up an Obfsproxy Bridge on Debian/Ubuntu" CHARSET="UTF-8"
<div id="content" class="clearfix">
<div id="breadcrumbs">
@@ -14,65 +14,55 @@
<!-- PUT CONTENT AFTER THIS TAG -->
- <h1 id="instructions">Obfsproxy Bridge Instructions on Debian/Ubuntu</h1>
+ <h1 id="instructions">Setting up an Obfsproxy Bridge on Debian/Ubuntu</h1>
<img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>
<p>
- This guide will help you setup an obfuscated bridge on a Debian/Ubuntu system.
+ This guide will help you set up an obfuscated bridge on a Debian/Ubuntu system.
</p>
- <h3>Step 0: Add Tor repositories to APT</h3>
+ <h3>Step 0: Move to the development version of Tor</h3>
<br>
<p>
- You need
- to <a href="https://www.torproject.org/docs/debian#development">install
- the experimental official Tor Project APT repositories</a>,
- because a fresh version of Tor (0.2.4.x) is required (Older
- versions of Tor don't report their bridge addresses to BridgeDB).
+ Add the <a href="<page docs/debian>#development">development Tor
+ APT repository</a> and run the specified commands to install tor
+ and deb.torproject.org-keyring. You need Tor 0.2.4.x Tor because
+ it knows how to automatically report your obfsproxy address to <a
+ href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.
</p>
- <h3>Step 1: Install Tor and obfsproxy</h3>
+ <h3>Step 1: Install obfsproxy</h3>
<br>
- <p>
- Now install tor and obfsproxy:
- </p>
-
<pre style="margin: 1.5em 0 1.5em 2em">
-\# apt-get update
-\# apt-get install obfsproxy tor
+\# apt-get install obfsproxy
</pre>
<p>
- Note that obfsproxy requires
- libevent2 and your distribution (e.g. Debian stable) might not
- have it in its repos. You can
- <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9">try
- our experimental backport libevent2 debs</a>,
- or <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17">build
- libevent2 from source</a>.
+ Obfsproxy requires libevent2. If your distribution (e.g. Debian
+ squeeze) doesn't include it, you can get it from the <a
+ href="http://packages.debian.org/search?keywords=libevent-2.0-5">backports</a>
+ repository.
</p>
- <h3>Step 2: Set up Tor</h3>
+ <h3>Step 2: Configure Tor</h3>
<br>
<p>
- You will need an appropriate
- Tor <a href="<page docs/faq>#torrc">configuration file</a>
- (usually at <i>/etc/tor/torrc</i>):
+ Edit your <i>/etc/tor/torrc</i> to add:
</p>
<pre style="margin: 1.5em 0 1.5em 2em">
SocksPort 0
-ORPort auto
+ORPort 443 # or some other port if you already run a webserver/skype
BridgeRelay 1
Exitpolicy reject *:*
-\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like.
+\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like
Nickname CHANGEME_1
-\## CHANGEME_2 -> If you want others to be able to contact you uncomment this line and put your GPG fingerprint for example.
+\## CHANGEME_2 -> provide some email address so we can contact you if there's a problem
\#ContactInfo CHANGEME_2
ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
@@ -82,11 +72,12 @@
Don't forget to edit the <i>CHANGEME</i> fields!
</p>
- <h3>Step 3: Launch Tor and verify that it works</h3>
+ <h3>Step 3: Launch Tor and verify that it bootstraps</h3>
<br>
<p>
- Restart Tor for the the new configuration file to be in effect:
+ Restart Tor to use the new configuration file.
+ (Preface with sudo if needed.)
</p>
<pre style="margin: 1.5em 0 1.5em 2em">
@@ -112,10 +103,16 @@
100%.
</p>
+ <h3>Step 4: Set up port forwarding if needed</h3>
+ <br>
+
<p>
- Now you need to find the address on which obfsproxy is
- listening. To do this, check your Tor logs for a line similar to
- this one:
+ If you're behind a NAT/firewall, you'll need to make your bridge
+ reachable from the outside world — both on the ORPort and
+ the obfsproxy port. The ORPort is whatever you defined in step two
+ above. To find your obfsproxy port, check your Tor logs for a line
+ similar to this one:
+ </p>
<pre style="margin: 1.5em 0 1.5em 2em">
Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821
@@ -123,19 +120,11 @@
<p>
The last number, in this case <i>26821</i>, is the TCP port number
- that your clients should point their obfsproxy to. So for example,
- if your public IP is 1.2.3.4, your clients should put <i>Bridge
- obfs2 1.2.3.4:26821</i> in their configuration file.
- </pre>
+ that you need to forward through your firewall. (This port is randomly
+ chosen the first time Tor starts, but Tor will cache and reuse the
+ same number in future runs.)
</p>
- <p>
- <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
- <b>Don't forget!</b> If you are behind a NAT, you should <b>port
- forward</b> the port that obfsproxy is listening on. In the
- example above you would have to forward port <i>26821</i>.
- </p>
-
</div>
<!-- END MAINCOL -->
<div id = "sidecol">
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits