On Friday, October 11, 2019, 02:26:27 PM PDT, John Newman <j...@synfin.org> wrote: On Fri, Oct 11, 2019 at 09:05:00PM +0000, jim bell wrote: > Somebody asked me a question, but because I am far from being an expert, I > couldn't answer. Suppose a person wanted to implement a TOR node, simply by > buying some box, and plugging it into his modem, and power. And NOT needing > to become an expert on TOR, or even on computers in general. And NOT having > to follow pages and pages of instructions. I did a few minutes of > searching, and even the 'simple' explanations seemed 'clear as mud'. > Don't bother with long explanations challenging the usefulness, or > trustworthiness of TOR. Yes, we've discussed them to death. That's a > different subject. Jim Bell
>On FreeBSD, it's as simple as running the following commands as root ># install tor pkg install tor ># set appropriate variables, there aren't too many to get going and # you can find them all well documented vi /usr/local/etc/tor/torrc ># update your rc.conf so the service will start at boot, then start it sysrc tor_enable=YES service tor start >For an idea of what the torrc file should look like, here is mine with a few bits XXX'd out. My node is specifically configured not to allow exit traffic because it was generating a lot of complaints upstream about my host trying to hack peoples shit, etc :) ># cat /usr/local/etc/tor/torrc | egrep -v "^$|^#" SocksPort 9050 SocksPolicy accept 127.0.0.1 SocksPolicy reject * Log notice file /var/log/tor/notices.log RunAsDaemon 1 DataDirectory /var/db/tor ControlPort 9051 HashedControlPassword XXXXXXXXXXXXXX ORPort 9023 Exitpolicy reject *:* # too many complaints :) Nickname twentysevendollars Address wintermute.synfin.org OutboundBindAddress 198.154.106.54 RelayBandwidthRate 3265 KBytes # playing with this RelayBandwidthBurst 4355 KBytes # ditto ContactInfo 0CA8B961 John Torman <tor @ synfin dot org> DirPort 9030 # what port to advertise for directory connections MyFamily XXXXXXXXXXXXX >If you were doing this on Linux, it would be much the same. Replace the "pkg install" with "apt-get install" or "yum install" or whatever, you might have to add a tor repo or something. The config file probably won't live under /usr/local/etc/tor, but just /etc/tor, and you'll use systemctl rather than just updating the rc.conf with sysrc. >I would not recommend you run an exit node from your home ;) Yes, even years ago I was aware that a person shouldn't try to run an Exit node on a home setup. Although, I wonder if it has been tried? Sounds like a good beginning for a Wired article? After writing that, I found: https://blog.torproject.org/tips-running-exit-node No way!!! But you didn't answer my question. I said a simple box, and that is precisely what I meant. Power, Ethernet. Plug into existing Modem. Okay, I would understand it if the operator had to link it to the network by accessing a web page and informing them of the new IP address, but that's the level of complexity I was thinking about. (Except for a box that already "knows" how to link up and start running.) Could one of the problems with the TOR network be that only "experts" are likely to participate? Also note: I am referring to a situation where a person does not need, and does not want, the benefit of TOR for himself; Just wants to add his "brick in the wall" to the nodes. Has a spare $100 or so for the box, and has unlimited-usage gigabit/second Internet service. (I see that Centurylink provides them for $65/month, probably subject to tax, as well.) Jim Bell