Please take extra care when following these instructions. They're outdated and may not reflect best practices any longer
This guide is being written for someone who knows their way around Linux/Unix and is comfortable with the responsibility of running their own server. Running this configuration should cost you about $5/month. If you're not comfortable setting up your own server then donating that $5 to other Tor relay operators is still helpful.
Open the following pages up for reference. Ideally you should read through them before beginning.
- My First 5 Minutes On A Server; Or, Essential Security for Linux Servers
- Running a 1 MB/s Tor Relay on Linode
- Tor Exit Full Setup
- Configuring a Tor relay on Debian/Ubuntu
- How to Run a Secure Tor Server
- Tor Exit Guidelines
- The Legal FAQ for Tor Relay Operators
- Tips for Running an Exit Node with Minimal Harassment
I'm not going to present much if any new information in this guide. Mainly I'm putting it together while I follow all of these guides myself.
- make a new 0.5GB pod with Ubuntu 13.04 (the latest they offer, we'll upgrade it shortly)
- Once it's created follow the notification to reset the root password
- Add a DNS A record for your new node. I use
torrelay1, torrelay2 ...
. - IMPORTANT: Contact Solar and tell them you plan to run a tor relay. They're currently OK with this and will appreciate the heads up.
- ssh into your new vps as root
sudo sed -i -e 's/archive.ubuntu.com\|security.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
-- This make is possible to upgrade to 13.10 since 13.04 is at EOL.apt-get update && sudo apt-get dist-upgrade
do-release-upgrade -d
and answery
to the questions. The upgrade can take quite awhile to complete. The last step is to reboot.
You'll now be upgraded to Ubuntu 13.10. Now do the following to upgrade to 14.04.
do-release-upgrade -d
. Answery
to all of the questions EXCEPT the question about disabling root access - we'll do that later.
Now you'll follow the Ubuntu directions for upgrading to 14.10.
- Follow the instructions at My First 5 Minutes On A Server; Or, Essential Security for Linux Servers to get yourself a secure foundation to begin.
sudo dpkg-reconfigure tzdata
and set your local timezone.sudo hostnamectl set-hostname hostname.your_domain.com
to set your hostnamesudo apt-get install unbound
thensudo nano /etc/resolv.conf
and addnameserver 127.0.0.1
to the top.
- I'm going to paraphrase from the Tor instructions
- find your ubuntu version codename by running
lsb_release -c
. For Ubuntu 14.10 it'sutopic
. - add
deb http://deb.torproject.org/torproject.org utopic main
to/etc/apt/sources.list
gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get update
sudo apt-get install tor tor-arm
- edit
/etc/tor/torrc
and make the following changes
ORPort 443 # We pick 443 because other ports might be blocked in censored countries
Address hostname.your_domain.com
Nickname somenickname
AccountingStart month 1 00:00
AccountingMax 2000 GBytes
ContactInfo Your Name <contact@your_domain.com>
ExitPolicy reject *:*
DirPort 80
DirPortFrontPage /etc/tor/tor-exit-notice.html
BridgeDistribution email # it could be one of https, moat, email, telegram, settings, reserved
PublishServerDescriptor 1
cp /usr/share/doc/tor/tor-exit-notice.html /etc/tor/tor-exit-notice.html
service tor restart
and ensure there are no errors- backup
/var/lib/tor/keys/secret_id_key
and/var/lib/tor/fingerprint
to a secure location. You'll need this key if you want to set up the same node on a new server.
You should fully understand the implications of running an exit node before doing so. Read Tips for Running an Exit Node with Minimal Harassment before proceeding.
To become an exit node you simply need to change your ExitPolicy
. Take a look at the recommended Reduced Exit Policy and add that to /etc/tor/torrc
in place of ExitPolicy reject *:*
.
Mirroring a website via a tor hidden service.
- Sign up for the tor-announce and tor-relays mailing lists.
- run
sudo -u debian-tor arm
to get a nice console for your relay
- Check out your stats on Globe
- Sign up for Tor Weather so you're notified if the relay goes down.
Please update or delete these gits. This configuration is not up-to-date for a public relay and set up your relay as a private one.