[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Platform diversity in Tor network [was: OpenBSD doc/TUNING]



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

It's a little bit of both. The OpenBSD port and package of Tor were
out of date last time I checked, so the first difference is that you
want to build from source. If you do so, though, you have to make the
unprivileged user yourself. This is covered in _Absolute OpenBSD 2nd
Ed._ and on the web. It's a technique that OpenBSD popularized, so
it's easy to do.

The general sysadmin experience with OpenBSD involves more manual
config file editing and man page reading, as I've mentioned
previously. Some things (like having tons of open files) have to be
enabled by default, as they're a complication and a potential security
risk. However, most users find it very convenient and elegant in the
long run.

Another example that I forgot to mention earlier: encrypting swap on
Debian or Ubuntu involves apt-getting and such. On OpenBSD, it
involves changing two characters of /etc/sysctl.conf.

I don't want to beat a dead horse, so I'll leave most of the specifics
out. Also, the beginning of _Absolute OpenBSD 2nd Ed._ explains the
differences better than I can.

Libertas

On 11/05/2014 11:20 AM, Niklas Kielblock wrote:
> Is there much of a difference between setting up Tor on OpenBSD vs.
>  Linux or other Unix(like) systems?
> 
> Or is this just about setting up OpenBSD in general, or additional
>  security for relays (disk encryption, memory protection) whose use
> isn't common on most general servers?
> 
>> 
>> I would love to start a larger conversation about running Tor on 
>> OpenBSD. I've been considering making a guide describing the
>> process. However, that violates the OpenBSD philosophy to some
>> extent. They tend to only help those who help themselves - in the
>> long term, only those who want to learn Unix and who RTFMs
>> continue using OpenBSD.[1] Hopefully, though, we can spark enough
>> interest that node operators will take that initiative. I know
>> there's been a lot more interest in OpenBSD on Hacker News et al.
>> since the surveillance revelations.
>> 
> _______________________________________________ tor-relays mailing
> list tor-relays@xxxxxxxxxxxxxxxxxxxx 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJUWnTLAAoJELxHvGCsI27Nlo4P/1qYGg9Rk9DvOft4XdvorQPU
aAjB0z3SL8RqO/sk/Bi89JDG0nAXzePFurO6AZDclP1tjfxQny0NgR68dACZGlPR
mTxGdzK1jeCykt7kPnAdg4QanumWTHtldCwjfIlAy4lhvxGWxMNoUrVcPlHnVwSX
0qQV1ZQeKYFanFKk4c+yqS2NRgevV5L9YvtbRU7Eopg25F3FLjnkCxoP0/wQ8yvz
kS/657EvPdMXmbMpbaDYD9SFj5M9a9TH07ZBt/qODSIF6iRR2fxSgNVPHO/Iznmi
B2Pb6VlwQJPEIxOxBsiRGKwcuwlb8m+xSVikLeelBZGRmnJgsJKoddNdT4bjuJJv
vhKz61JWK7tUCSeql+VORBeRpYvqnkzUWm5K5rve1aIvUxqHZxfQVbAlDSdePxyw
dSyqjySVoGF2sOZmy+NarMghot/+tQKvpmQsv2a/nwcpj6xNj2k3X/umstv6QYJc
abYl81cKlozse9SMWPrQviZbIn5ZhadD2Bv8uOCJaxdYcy6E7ktxS+lm5N8aHLUq
WgITN76Ya6jitwgfL72ssuDoa3Lerlyz6r75bBuK77AIaWaIcdOZktJALFlfWRV6
sJJAXLIADt8ZaI9/BogJZcFemZ5/7oyw9DD5FeoQ65x6gHr1KKonMKCvx3Aof+W6
79ziti7n6MWAZ4dYdZan
=HJ9j
-----END PGP SIGNATURE-----
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays