Re: Tor (started by Vidalia) ignores StrictEntryNodes + EntryNodes

To: or-talk@xxxxxxxxxxxxx

Subject: Re: Tor (started by Vidalia) ignores StrictEntryNodes + EntryNodes

From: zmj <zangmj@xxxxxxxxx>

Date: Mon, 22 Dec 2008 17:27:30 +0800

Delivered-to: archiver@xxxxxxxx

Delivered-to: or-talk-outgoing@xxxxxxxx

Delivered-to: or-talk@xxxxxxxx

Delivery-date: Mon, 22 Dec 2008 04:27:37 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=mPQiNGeDI/0hC7k7wXknM7WalFsArNUn83JihvFZZVg=; b=BZ/+1MmjYZaUXH9W7nSLbc1mV8YejaHKc8PuWalG0ZZm2r8Nfdu1D1ETq/p4OYPrd8 0SD8/hPwgYiAfGDqZdfu4uu6Ntg+u4Nk7CX+oI0hwiMHD2diKxBxdy/EtDBY5D6UeZ+Q nLwbmNtKjtYLk8vY3Jg6glOGxdeOpMx8y0zhw=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=MNtbkZPYaqSif5A7VCv28kPS/Lsm96OW4OONP1e+TVRKM7Kd3/tN4bvQEK4fjAJa0v P2XxEGp/0FFs1OJLZegtkhOLkw6vfAm93+6xeS6KbfI8Y6j8mTXBQLR9uWLU29zLEaWC JDIBYXSCbTmCNs41tk0g6UZ/Rie5o5dujTnec=

In-reply-to: <a5b589a70812161002j45e70432ub0b16b75a950274b@xxxxxxxxxxxxxx>

References: <a5b589a70812160932n54ef9fc9ma73a4696c1b4dc8c@xxxxxxxxxxxxxx> <a5b589a70812161002j45e70432ub0b16b75a950274b@xxxxxxxxxxxxxx>

Reply-to: or-talk@xxxxxxxxxxxxx

Sender: owner-or-talk@xxxxxxxxxxxxx

UseEntryGuards 0|1

If this option is set to 1, we pick a few long-term entry servers, and try to stick with them. This is desirable because constantly changing servers increases the odds that an adversary who owns some servers will observe a fraction of your paths. (Defaults to 1.)

NumEntryGuards NUM

If UseEntryGuards is set to 1, we will try to pick a total of NUM routers as long-term entries for our circuits. (Defaults to 3.)

https://www.torproject.org/tor-manual-dev.html.en

On Wed, Dec 17, 2008 at 2:02 AM, Fran Litterio <flitterio@xxxxxxxxx> wrote:

On Tue, Dec 16, 2008 at 12:32 PM, I wrote:
I'm running Vidalia 0.1.10 and Tor 0.2.0.32 (r17346) on Windows XP.

I stopped Tor from the Vidalia GUI, and manually edited Vidalia's
"torrc" file, adding these two lines at the bottom:

StrictEntryNodes 1
EntryNodes BostonUCompSci,FSF,moria1,SelfEvident,superbad,fuga,augrime,askatasuna,VSvTZGO7UPj4yh8,conf555nick,desync,phobos

After re-starting Tor from the Vidalia GUI, I see circuits that have
entry nodes that are _not_ from the above list. In fact, nearly all
circuits have entry nodes that are not from the above list.

Update: If I add the following four lines to the bottom of Vidalia's "torrc" file, then Tor honors the StrictExitNodes + ExitNodes options, but it ignores the StrictEntryNodes + EntryNodes options:

StrictEntryNodes 1
EntryNodes BostonUCompSci,FSF,moria1,SelfEvident
StrictExitNodes 1
ExitNodes BostonUCompSci,FSF,moria1,SelfEvident

Although, Tor seems to only use the first of the specified ExitNodes. Shouldn't it round-robin between them?
--
Fran