个人工具

UbuntuHelp:TOR

来自Ubuntu中文

跳转至: 导航, 搜索
{i} Tor is part of the UserDocumentation series of index pages. Please read the WikiGuide prior to making changes.

This page is a brief howto for running a Tor client and relay under Ubuntu 8.04 (Hardy Heron), 8.10 (Intrepid Ibex), and 9.04 (Jaunty Jackalope). Please also consult the official Tor installation guide until this page has been completely updated as it is crucial to get everything right with a security application such as Tor.

Introduction

Tor or The Onion Router is a toolset used to help anonymize your traffic. From the Tor website: Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. This guide is an adaptation of the official Tor installation method. It has been changed to reflect installation methods unique to Ubuntu, but may easily be used as a guide for other Debian based distros.

Installing Tor

See Tor installation documentation for the latest instructions. You will need to add the following repositories to your /etc/apt/sources.list file:

  • Ubuntu 8.04 (Hardy Heron):
deb http://mirror.noreply.org/pub/tor hardy main
deb-src http://mirror.noreply.org/pub/tor hardy main
  • Ubuntu 8.10 (Intrepid Ibex):
deb http://mirror.noreply.org/pub/tor intrepid main
deb-src http://mirror.noreply.org/pub/tor intrepid main
  • Ubuntu 9.04 (Jaunty Jackalope):
deb http://mirror.noreply.org/pub/tor jaunty main
deb-src http://mirror.noreply.org/pub/tor jaunty main

This can be done by using nano, gedit or another text editor of your choosing. Or use the System --> Admin --> Software|Sources GUI application. Before moving on be sure to get the PGP keys for the new repositories and do an update / upgrade using the following commands or use the authentication tab in the Software Sources GUI:

gpg --keyserver subkeys.pgp.net --recv 94C09C7F
gpg --fingerprint 94C09C7F
gpg --export 94C09C7F | sudo apt-key add -
sudo apt-get update
sudo apt-get upgrade

Then, we will install Tor by issuing the following command or use System --> Administration --> Synaptic Package Manager:

sudo apt-get install tor

Install Privoxy

Simply make sure you have universal repositories and then:

sudo apt-get install privoxy

Configure Privoxy

Edit the file "/etc/privoxy/config" doing for example using nano:

sudo nano /etc/privoxy/config

Add the following line (anywhere in the file is fine):

forward-socks4a / localhost:9050 .

Save (Ctrl+O if in nano) and then exit (Ctrl+X if in nano).

Starting Services and Checking Status

sudo /etc/init.d/tor start
sudo /etc/init.d/privoxy start

/* Check that the service is running on port 9050 */

netstat -a | grep 9050

/* You should see the following output: */

tcp 0 0 localhost:9050 *:* LISTEN

If you are interested in testing by connecting to a website try check.torproject.org Thats it!

A Note On Local Logging

To be truly anonymous, you may want to turn off local logging for all your GET/POST/CONNECT request in privoxy's config file. For this edit the file "/etc/privoxy/config" doing for example using nano:

sudo nano /etc/privoxy/config

Go to line 573 (approx) and comment the line like so:

# debug   1    # show each GET/POST/CONNECT request
debug   4096 # Startup banner and warnings
debug   8192 # Errors - *we highly recommended enabling this*

Save (Ctrl+O if in nano) and then exit (Ctrl+X if in nano). You may also choose to enable SafeLogging in your Tor config. This can be done by opening the config file at /etc/tor/torrc and adding "SafeLogging 1" to the end of the file. See the Tor Manual for more information.

Install Vidalia (Optional)

Vidalia is a controlling Graphical User Interface for Tor. Tor must be installed for Vidalia to work. Once you have installed Tor and Vidalia you can configure client and relay settings through Vidalia. To install, type the following command in a terminal:

sudo apt-get install vidalia

Anonymizing Applications

What's the use of having Tor and Privoxy setup without enabling your new anonymous proxy in your common web applications? At this time Tor only supports HTTP and HTTPS traffic, but still recommends using Tor in your browser's proxy settings for all protocols as a hidden image link can give away your IP address if linked to an image on an FTP site. A complete list of supported applications can be found here.

Firefox

The Torbutton Add-on

  1. Go to Tools > Add-ons
  2. Select Get add-ons in the top menu
  3. Type torbutton in the search bar > Press ENTER
  4. click the "Add to firefox" button
  5. You will need to restart Firefox for the addon to take effect.

Note: Browsing through an anonymizing proxy will always slow down your connection. When using Tor Button, it appears to be necessary to first disable the proxy settings in Firefox's native options menu; otherwise Tor Button will be unable to disable Tor.

Gaim

  1. Go to the Accounts, select your Account
  2. Select Edit Account
  3. Go to the Advanced Tab
  4. Under Proxy Options select proxy type SOCKS v5
  • Enter 127.0.0.1 for the host
  • Enter 9050 for the port
  • Leave user/pass blank

Mozilla Thunderbird

Get the Tor Button addon for Thunderbird, install and setup just like with Firefox. If you're using the same server name for receiving and sending mail but still want to receive mail through Tor, change your SMTP server's name to it's IP and exclude the IP from being proxied. This way, mail will be received from your mail server by it's name (and through Tor), but sent by the same server without Tor.

X-Chat

Settings-> Preferences -> Network -> Network setup -> Proxy server Use the following settings:

Hostname: 127.0.0.1
Port: 9050
Type: Socks5

Azureus (BitTorrent Client)

Again, pretty much all you really need to do here is to proxy tracker communications. There is an option for this under the connections pane in Azureus. Fill in 127.0.0.1 9050 for the SOCKS proxy for tracker data. The most common proxy settings under Proxy Options in Connection Tab of Options Menu:

  • Enable proxying of tracker communications (checked)
  • I have a SOCKS proxy (checked)
  • Host: 127.0.0.1
  • Port: 9050
  • Username and Password <none>
  • Enable proxying of peer communications (checked)
  • Inform tracker of limitation (unchecked)
  • SOCKS version V5
  • Use same proxy settings for tracker and peer communications

More information here.

References and More Information