Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Tor Relay on Solar VPS w/ Ubuntu. Includes optional exit relay setup.

Setting up a Tor Relay on a Solar VPS

This guide is being written for someone who knows their way around Linux/Unix and is comfortable with the responsibility of running their own server. Running this configuration should cost you about $5/month. If you're not comfortable setting up your own server then donating that $5 to other Tor relay operators is still helpful.

Open the following pages up for reference. Ideally you should read through them before beginning.

I'm not going to present much if any new information in this guide. Mainly I'm putting it together while I follow all of these guides myself.

Solar VPS

  • make a new 0.5GB pod with Ubuntu 13.04 (the latest they offer, we'll upgrade it shortly)
  • Once it's created follow the notification to reset the root password
  • Add a DNS A record for your new node. I use torrelay1, torrelay2 ....
  • IMPORTANT: Contact Solar and tell them you plan to run a tor relay. They're currently OK with this and will appreciate the heads up.

Upgrading Ubuntu

  • ssh into your new vps as root
  • sudo sed -i -e 's/archive.ubuntu.com\|security.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list -- This make is possible to upgrade to 13.10 since 13.04 is at EOL.
  • apt-get update && sudo apt-get dist-upgrade
  • do-release-upgrade -d and answer y to the questions. The upgrade can take quite awhile to complete. The last step is to reboot.

You'll now be upgraded to Ubuntu 13.10. Now do the following to upgrade to 14.04.

  • do-release-upgrade -d. Answer y to all of the questions EXCEPT the question about disabling root access - we'll do that later.

Now you'll follow the Ubuntu directions for upgrading to 14.10.

Securing your server

Other Server Configuration

  • sudo dpkg-reconfigure tzdata and set your local timezone.
  • sudo hostnamectl set-hostname hostname.your_domain.com to set your hostname
  • sudo apt-get install unbound then sudo nano /etc/resolv.conf and add nameserver 127.0.0.1 to the top.

Installing Tor

  • I'm going to paraphrase from the Tor instructions
  • find your ubuntu version codename by running lsb_release -c. For Ubuntu 14.10 it's utopic.
  • add deb http://deb.torproject.org/torproject.org utopic main to /etc/apt/sources.list
  • gpg --keyserver keys.gnupg.net --recv 886DDD89
  • gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
  • sudo apt-get update
  • sudo apt-get install tor tor-arm

Configuring Tor as a non-exit relay

  • edit /etc/tor/torrc and make the following changes
ORPort 443 # We pick 443 because other ports might be blocked in censored countries
Address hostname.your_domain.com
Nickname somenickname
AccountingStart month 1 00:00
AccountingMax 2000 GBytes
ContactInfo Your Name <contact@your_domain.com>
ExitPolicy reject *:*
DirPort 80
DirPortFrontPage /etc/tor/tor-exit-notice.html
  • cp /usr/share/doc/tor/tor-exit-notice.html /etc/tor/tor-exit-notice.html
  • service tor restart and ensure there are no errors
  • backup /var/lib/tor/keys/secret_id_key and /var/lib/tor/fingerprint to a secure location. You'll need this key if you want to set up the same node on a new server.

Configuring your relay as an exit node

You should fully understand the implications of running an exit node before doing so. Read Tips for Running an Exit Node with Minimal Harassment before proceeding.

To become an exit node you simply need to change your ExitPolicy. Take a look at the recommended Reduced Exit Policy and add that to /etc/tor/torrc in place of ExitPolicy reject *:*.

Mirroring a website via a tor hidden service.

Final tasks

  • Sign up for the tor-announce and tor-relays mailing lists.
  • run sudo -u debian-tor arm to get a nice console for your relay

After your relay has been up for more than a day

  • Check out your stats on Globe
  • Sign up for Tor Weather so you're notified if the relay goes down.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.