Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
I like to try this chnage as well - where do I find this file/parameter exactly? Thanks Am 11.06.2016 um 20:11 schrieb SuperSluether: > Fixed it! And I feel like I'm going crazy. If I'm reading the logs > correctly, Tor is signaling readiness to systemd /1 hundredth of a > second (0.01)/ past the 120s limit. I changed the limit to 300s in the > tor@default.service file, and all is well. > > Thanks Peter, you really steered me in the right direction. I should > probably start checking logs first when something stops working... > > On 06/11/2016 09:50 AM, SuperSluether wrote: >> Ok maybe I spoke too soon. After running rpi-update and rebooting, >> it's still having trouble starting. I'll poke around and see if I can >> find anything. Worst case scenario, I don't have enough RAM and need >> to turn something off, which means I'm wasting everyone's time with this. >> >> On 06/11/2016 09:35 AM, SuperSluether wrote: >>> I have the Raspberry Pi Model B 2, which has an ARM7 processor. As >>> such, I am able to use the official Debian repository without issue. >>> Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at >>> version 215-17+deb8u4. >>> >>> I poked around in syslog, and found this: >>> >>> systemd[1]: tor@default.service start operation timed out. Terminating. >>> >>> After increasing the systemd timeout (from 90s to 300s) Tor is >>> running properly. Thanks for the help! I'm guessing this happened >>> because I just have too much running on this thing. (Plex Media >>> Server, Deluge BitTorrent Client, Tor) >>> >>> On 06/11/2016 03:13 AM, Peter Palfrader wrote: On Fri, 10 Jun 2016, SuperSluether wrote: > After rebooting my Raspberry Pi for a few updates, Tor is not working > properly. From the logs, > > [warn] OpenSSL version from headers does not match the version > we're running > with. If you get weird crashes, that might be why. (Compiled with > 100010bf: > OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 > May > 2016). > > Everything else in the log looks normal, but right after bootstrap 85% > (finishing handshake with first hop) it says this: > > [notice] Interrupt: we have stopped accepting new connections, and > will shut > down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) >>> >> > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Happy to read this! And thx for sharing this solution ;) Le 11/06/2016 à 20:11, SuperSluether a écrit : > Fixed it! And I feel like I'm going crazy. If I'm reading the logs > correctly, Tor is signaling readiness to systemd /1 hundredth of a > second (0.01)/ past the 120s limit. I changed the limit to 300s in the > tor@default.service file, and all is well. > > Thanks Peter, you really steered me in the right direction. I should > probably start checking logs first when something stops working... > > On 06/11/2016 09:50 AM, SuperSluether wrote: >> Ok maybe I spoke too soon. After running rpi-update and rebooting, >> it's still having trouble starting. I'll poke around and see if I can >> find anything. Worst case scenario, I don't have enough RAM and need >> to turn something off, which means I'm wasting everyone's time with >> this. >> >> On 06/11/2016 09:35 AM, SuperSluether wrote: >>> I have the Raspberry Pi Model B 2, which has an ARM7 processor. As >>> such, I am able to use the official Debian repository without issue. >>> Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at >>> version 215-17+deb8u4. >>> >>> I poked around in syslog, and found this: >>> >>> systemd[1]: tor@default.service start operation timed out. Terminating. >>> >>> After increasing the systemd timeout (from 90s to 300s) Tor is >>> running properly. Thanks for the help! I'm guessing this happened >>> because I just have too much running on this thing. (Plex Media >>> Server, Deluge BitTorrent Client, Tor) >>> >>> On 06/11/2016 03:13 AM, Peter Palfrader wrote: On Fri, 10 Jun 2016, SuperSluether wrote: > After rebooting my Raspberry Pi for a few updates, Tor is not working > properly. From the logs, > > [warn] OpenSSL version from headers does not match the version > we're running > with. If you get weird crashes, that might be why. (Compiled with > 100010bf: > OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t > 3 May > 2016). > > Everything else in the log looks normal, but right after bootstrap > 85% > (finishing handshake with first hop) it says this: > > [notice] Interrupt: we have stopped accepting new connections, and > will shut > down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) >>> >> > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Petrusko PubKey EBE23AE5 C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5 signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Fixed it! And I feel like I'm going crazy. If I'm reading the logs correctly, Tor is signaling readiness to systemd /1 hundredth of a second (0.01)/ past the 120s limit. I changed the limit to 300s in the tor@default.service file, and all is well. Thanks Peter, you really steered me in the right direction. I should probably start checking logs first when something stops working... On 06/11/2016 09:50 AM, SuperSluether wrote: Ok maybe I spoke too soon. After running rpi-update and rebooting, it's still having trouble starting. I'll poke around and see if I can find anything. Worst case scenario, I don't have enough RAM and need to turn something off, which means I'm wasting everyone's time with this. On 06/11/2016 09:35 AM, SuperSluether wrote: I have the Raspberry Pi Model B 2, which has an ARM7 processor. As such, I am able to use the official Debian repository without issue. Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at version 215-17+deb8u4. I poked around in syslog, and found this: systemd[1]: tor@default.service start operation timed out. Terminating. After increasing the systemd timeout (from 90s to 300s) Tor is running properly. Thanks for the help! I'm guessing this happened because I just have too much running on this thing. (Plex Media Server, Deluge BitTorrent Client, Tor) On 06/11/2016 03:13 AM, Peter Palfrader wrote: On Fri, 10 Jun 2016, SuperSluether wrote: After rebooting my Raspberry Pi for a few updates, Tor is not working properly. From the logs, [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May 2016). Everything else in the log looks normal, but right after bootstrap 85% (finishing handshake with first hop) it says this: [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TORRC Exit not obeying httproxy
It seemed to me that all outgoing was going via the proxy as the proxy was busy with the traffic, and the logs had many messages from the proxy server, such as the occasional refusal to connect to an IP address, but you have explained why I would see something like that. My server without tor is quiet and underused with no limits of traffic per month. It has been fast so would still like to use it for TOR. The server has two IPs. One dedicated to Tor. I also have anonymous VPN elsewhere. I am trying to work out how to route all traffic on the 2nd Tor IP to via my fast anonymous private VPN. I think I will need iproute2 at the very least. Anyone done this? Instructions appreciated. The alternative would be to move to a UK TOR friendly ISP, but those seem to have bandwidth limits and would be another expense. Tor friendly VPNs easier to come by. I doubt I can convince my current ISP to accept TOR officially. Abuse and the running of any proxy server are in their TOC as reasons to terminate. They must have seen my Tor running over the years and seen the tetrabyte go by. They can log in must have spotted it running, but they have never commented on it. I suspect we are both politely avoiding the subject. They just post me the abuse notices and now say "too many" Gerry -Original Message- From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of s7r Sent: 11 June 2016 12:39 To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] TORRC Exit not obeying httproxy Hi, First, thanks for running a relay. Those settings do not ensure the EXIT traffic generated by your server goes via any proxy. OutboundBindAddress IP - this is the IP address Tor will use for outgoing connections. This is the IP address which will be seen by destinations accessed by Tor clients using your server, this is the IP address which will receive abuse complaints. HTTPSProxy service:port HTTPProxyAuthenticator name password These 2 settings refer for Tor usage as a CLIENT, not as a relay. This means that the proxy listed at HTTPSProxy will be used by your Tor to create its own circuits. They do not count for the relay usage. In simple words, if you use that Tor instance as a client (SocksPort 127.0.0.1:9050 or whatever) either locally on that VPS either via a SSH tunnel, and you build a circuit to connect to browse a website, Tor will connect to the Guard (1st relay in the hop) via the proxy at HTTPSProxy. But if I use your VPS as an exit in my circuit, the client functionality at your side has nothing to do with it, and I will just get the IP at OutboundBindAddress. What you are trying can be achieved via more complex upstream iptables rules, which will force all traffic going through a proxy. There is no torrc option for configuring a proxy for EXIT traffic. Also, an exit shouldn't only allow http/https traffic. I would go for the easy option here which is convincing your vps provider that: - your vps is not infected in any way and it only relays anonymous traffic for privacy concerned users, helping a global network of over 7000 volunteers - your vps is properly secured and uses up to date software and it is well protected from unauthorized authentications - you will keep the vps for as long as you can, and only the ip address of your vps will be affected, which is dedicated, their other customers will have no draw back of any kind - you will respond to all serious (non automated) abuse complaints send by authorities within 48 hours after they are forwarded to you. hope this helps, keep running exits! On 6/11/2016 1:49 PM, Dr Gerard Bulger wrote: > My tor exit node has been using a https proxy for a long time with > great success in that I have had no abuse complaints directed to me and my VPS > provider. Until recently. > > Traffic has increased as I made the bandwidth wider, which might be an > explanation. > > I am getting complaints directed to my actual IP. > It looks as if tor is sending data DIRECT and not obeying the lines > completely, all the time. TORRC > OutboundBindAddress IP (second IP of server) HTTPSProxy service:port > HTTPProxyAuthenticator name password When I took out the > OutboundBindAddress I just got complaints directed to the first IP. > > I assumed the lines FORCED proxy use. This might not be the case in higher > traffic? > > Gerry > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Relay Fingerprint Changed After Updates
Hi All, I had a weird event happen where the fingerprint of my relay changed after updates to the OS. The host is running Debian 8.3 and the Tor version was at 0.2.7.6 at the time of update. Apt was used to update packages and the following packages were installed/upgraded. libapt-inst1.5:amd64 (1.0.9.8.3) libssl1.0.0:amd64 (1.0.1t-1+deb8u2) libidn11:amd64 (1.29-1+deb8u1) libtasn1-6:amd64 (4.2-3+deb8u2) libxml2:amd64 (2.9.1+dfsg1-5+deb8u2) libcairo2:amd64 (1.14.0-2.1+deb8u1) libexpat1:amd64 (2.1.0-6+deb8u3) libglib2.0-0:amd64 (2.42.1-1+b1) libgdk-pixbuf2.0-common (2.31.1-2+deb8u5) libgdk-pixbuf2.0-0:amd64 (2.31.1-2+deb8u5) libgtk2.0-common (2.24.25-3+deb8u1) libgtk2.0-0:amd64 (2.24.25-3+deb8u1) libgtk2.0-bin (2.24.25-3+deb8u1) libnettle4:amd64 (2.7.1-5+deb8u1) libhogweed2:amd64 (2.7.1-5+deb8u1) libksba8:amd64 (1.3.2-1+deb8u1) apt-utils (1.0.9.8.3) libxapian22 (1.2.19-1+deb8u1) locales (2.19-18+deb8u4) openssh-client (1:6.7p1-5+deb8u2) openssh-sftp-server (1:6.7p1-5+deb8u2) openssh-server (1:6.7p1-5+deb8u2) openssl (1.0.1t-1+deb8u2) After the updates completed I checked on the status of the relay and noticed that it was not running and started the Tor process again. After starting the process the fingerprint changed. My relay BrownLine was 9504CB22EEB25D344DE63CB7A6F2C46F895C3686 and now after updates is 9C8A123081EFBE022EF795630F447839DDFDDDEC. I have looked through Tor logs and can find nothing of value but heartbeat notices. I have also reviewed system logs and can find nothing out of the ordinary. Any thoughts on this? Any help would be appreciated. I will also open a bug report if needed. Thanks! //Brian 0x5E17D55A.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Ok maybe I spoke too soon. After running rpi-update and rebooting, it's still having trouble starting. I'll poke around and see if I can find anything. Worst case scenario, I don't have enough RAM and need to turn something off, which means I'm wasting everyone's time with this. On 06/11/2016 09:35 AM, SuperSluether wrote: I have the Raspberry Pi Model B 2, which has an ARM7 processor. As such, I am able to use the official Debian repository without issue. Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at version 215-17+deb8u4. I poked around in syslog, and found this: systemd[1]: tor@default.service start operation timed out. Terminating. After increasing the systemd timeout (from 90s to 300s) Tor is running properly. Thanks for the help! I'm guessing this happened because I just have too much running on this thing. (Plex Media Server, Deluge BitTorrent Client, Tor) On 06/11/2016 03:13 AM, Peter Palfrader wrote: On Fri, 10 Jun 2016, SuperSluether wrote: After rebooting my Raspberry Pi for a few updates, Tor is not working properly. From the logs, [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May 2016). Everything else in the log looks normal, but right after bootstrap 85% (finishing handshake with first hop) it says this: [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
I have the Raspberry Pi Model B 2, which has an ARM7 processor. As such, I am able to use the official Debian repository without issue. Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at version 215-17+deb8u4. I poked around in syslog, and found this: systemd[1]: tor@default.service start operation timed out. Terminating. After increasing the systemd timeout (from 90s to 300s) Tor is running properly. Thanks for the help! I'm guessing this happened because I just have too much running on this thing. (Plex Media Server, Deluge BitTorrent Client, Tor) On 06/11/2016 03:13 AM, Peter Palfrader wrote: On Fri, 10 Jun 2016, SuperSluether wrote: After rebooting my Raspberry Pi for a few updates, Tor is not working properly. From the logs, [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May 2016). Everything else in the log looks normal, but right after bootstrap 85% (finishing handshake with first hop) it says this: [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
So yes, your RPi is using the Tor repo ;) deb http://deb.torproject.org/torproject.org jessie main deb-src http://deb.torproject.org/torproject.org jessie main my sources.list got this only line : deb http://mirrordirector.raspbian.org/raspbian/ jessie main contrib non-free rpi I've to check with my 2nd RPi + Tor repo... Sadly not enough time for now, may be this evening... Le 11/06/2016 à 14:40, pa011 a écrit : > Hi Petrusko, > > yes I read this "Raspbian is not Debian" > > my /etc/apt/sources.list looks like this: > > deb http://archive.raspbian.org/raspbian jessie main contrib non-free > deb-src http://archive.raspbian.org/raspbian jessie main contrib non-free > deb http://ftp.debian.org/debian jessie main > deb http://deb.torproject.org/torproject.org jessie main > deb-src http://deb.torproject.org/torproject.org jessie main > > Thanks > > > Am 11.06.2016 um 14:17 schrieb Petrusko: >> Hey! >> >> I see in your logs the Tor 0.2.7.6 (git-605ae665009853bd) is used. >> >> This Tor version is running fine on my _Debian_ relay, 'cause I've set >> up the _Tor repo_ in the /etc/apt/sources.list >> >> But on _Raspbian_, I'm not sure if using the Tor repo is 100% ok... :s >> https://www.torproject.org/docs/debian.html.en#ubuntu : >> << *Raspbian is not Debian.* These packages will be confusingly broken >> for Raspbian users, since Raspbian called their architecture armhf but >> Debian already has an armhf.>> >> >> May be I'm wrong... >> I've to try Tor repo on a 2nd RPi I've got for spare, to be sure... >> Are you using the Tor repo as I guess ? and Raspbian 8 jessie ? >> >> Raspbian repo are ok, not as updated as the Tor repo, but it's working ;) >> >> >> >> Le 11/06/2016 à 13:32, pa011 a écrit : >>> Same problem here today after several updates... >>> rpi-update doesn’t solve the issue unfortunately >>> log-file looks like this: >>> >>> Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting. >>> Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening >>> log file. >>> Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match >>> the version we're running with. If you get weird crashes, that might be >>> why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running >>> with 1000114f: OpenSSL 1.0.1t 3 May 2016). >>> >>> Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running >>> on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. >>> >>> Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting >>> Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server >>> Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network >>> Jun 11 13:22:54.000 [notice] Signaled readiness to systemd >>> Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with >>> first hop >>> Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new >>> connections, and will shut down in 30 seconds. Interrupt again to exit now. >>> Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting. >>> >>> >>> >>> >>> Am 11.06.2016 um 11:45 schrieb Petrusko: apt-get install rpi-update >>> >>> ___ >>> tor-relays mailing list >>> tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Petrusko PubKey EBE23AE5 C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5 signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Hi Petrusko, yes I read this "Raspbian is not Debian" my /etc/apt/sources.list looks like this: deb http://archive.raspbian.org/raspbian jessie main contrib non-free deb-src http://archive.raspbian.org/raspbian jessie main contrib non-free deb http://ftp.debian.org/debian jessie main deb http://deb.torproject.org/torproject.org jessie main deb-src http://deb.torproject.org/torproject.org jessie main Thanks Am 11.06.2016 um 14:17 schrieb Petrusko: > Hey! > > I see in your logs the Tor 0.2.7.6 (git-605ae665009853bd) is used. > > This Tor version is running fine on my _Debian_ relay, 'cause I've set > up the _Tor repo_ in the /etc/apt/sources.list > > But on _Raspbian_, I'm not sure if using the Tor repo is 100% ok... :s > https://www.torproject.org/docs/debian.html.en#ubuntu : > << *Raspbian is not Debian.* These packages will be confusingly broken > for Raspbian users, since Raspbian called their architecture armhf but > Debian already has an armhf.>> > > May be I'm wrong... > I've to try Tor repo on a 2nd RPi I've got for spare, to be sure... > Are you using the Tor repo as I guess ? and Raspbian 8 jessie ? > > Raspbian repo are ok, not as updated as the Tor repo, but it's working ;) > > > > Le 11/06/2016 à 13:32, pa011 a écrit : >> Same problem here today after several updates... >> rpi-update doesn’t solve the issue unfortunately >> log-file looks like this: >> >> Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting. >> Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening >> log file. >> Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match >> the version we're running with. If you get weird crashes, that might be >> why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running >> with 1000114f: OpenSSL 1.0.1t 3 May 2016). >> >> Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running >> on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. >> >> Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting >> Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server >> Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network >> Jun 11 13:22:54.000 [notice] Signaled readiness to systemd >> Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with >> first hop >> Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new >> connections, and will shut down in 30 seconds. Interrupt again to exit now. >> Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting. >> >> >> >> >> Am 11.06.2016 um 11:45 schrieb Petrusko: >>> apt-get install rpi-update >> >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Hey! I see in your logs the Tor 0.2.7.6 (git-605ae665009853bd) is used. This Tor version is running fine on my _Debian_ relay, 'cause I've set up the _Tor repo_ in the /etc/apt/sources.list But on _Raspbian_, I'm not sure if using the Tor repo is 100% ok... :s https://www.torproject.org/docs/debian.html.en#ubuntu : << *Raspbian is not Debian.* These packages will be confusingly broken for Raspbian users, since Raspbian called their architecture armhf but Debian already has an armhf.>> May be I'm wrong... I've to try Tor repo on a 2nd RPi I've got for spare, to be sure... Are you using the Tor repo as I guess ? and Raspbian 8 jessie ? Raspbian repo are ok, not as updated as the Tor repo, but it's working ;) Le 11/06/2016 à 13:32, pa011 a écrit : > Same problem here today after several updates... > rpi-update doesn’t solve the issue unfortunately > log-file looks like this: > > Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting. > Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening > log file. > Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match > the version we're running with. If you get weird crashes, that might be > why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running > with 1000114f: OpenSSL 1.0.1t 3 May 2016). > > Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running > on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. > > Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting > Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server > Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network > Jun 11 13:22:54.000 [notice] Signaled readiness to systemd > Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with > first hop > Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new > connections, and will shut down in 30 seconds. Interrupt again to exit now. > Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting. > > > > > Am 11.06.2016 um 11:45 schrieb Petrusko: >> apt-get install rpi-update > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Petrusko PubKey EBE23AE5 C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5 signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TORRC Exit not obeying httproxy
Hi, First, thanks for running a relay. Those settings do not ensure the EXIT traffic generated by your server goes via any proxy. OutboundBindAddress IP - this is the IP address Tor will use for outgoing connections. This is the IP address which will be seen by destinations accessed by Tor clients using your server, this is the IP address which will receive abuse complaints. HTTPSProxy service:port HTTPProxyAuthenticator name password These 2 settings refer for Tor usage as a CLIENT, not as a relay. This means that the proxy listed at HTTPSProxy will be used by your Tor to create its own circuits. They do not count for the relay usage. In simple words, if you use that Tor instance as a client (SocksPort 127.0.0.1:9050 or whatever) either locally on that VPS either via a SSH tunnel, and you build a circuit to connect to browse a website, Tor will connect to the Guard (1st relay in the hop) via the proxy at HTTPSProxy. But if I use your VPS as an exit in my circuit, the client functionality at your side has nothing to do with it, and I will just get the IP at OutboundBindAddress. What you are trying can be achieved via more complex upstream iptables rules, which will force all traffic going through a proxy. There is no torrc option for configuring a proxy for EXIT traffic. Also, an exit shouldn't only allow http/https traffic. I would go for the easy option here which is convincing your vps provider that: - your vps is not infected in any way and it only relays anonymous traffic for privacy concerned users, helping a global network of over 7000 volunteers - your vps is properly secured and uses up to date software and it is well protected from unauthorized authentications - you will keep the vps for as long as you can, and only the ip address of your vps will be affected, which is dedicated, their other customers will have no draw back of any kind - you will respond to all serious (non automated) abuse complaints send by authorities within 48 hours after they are forwarded to you. hope this helps, keep running exits! On 6/11/2016 1:49 PM, Dr Gerard Bulger wrote: > My tor exit node has been using a https proxy for a long time with great > success in that I have had no abuse complaints directed to me and my VPS > provider. Until recently. > > Traffic has increased as I made the bandwidth wider, which might be an > explanation. > > I am getting complaints directed to my actual IP. > It looks as if tor is sending data DIRECT and not obeying the lines > completely, all the time. TORRC > OutboundBindAddress IP (second IP of server) > HTTPSProxy service:port > HTTPProxyAuthenticator name password > When I took out the OutboundBindAddress I just got complaints directed to > the first IP. > > I assumed the lines FORCED proxy use. This might not be the case in higher > traffic? > > Gerry > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Same problem here today after several updates... rpi-update doesn’t solve the issue unfortunately log-file looks like this: Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting. Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening log file. Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May 2016). Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network Jun 11 13:22:54.000 [notice] Signaled readiness to systemd Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting. Am 11.06.2016 um 11:45 schrieb Petrusko: > apt-get install rpi-update signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] TORRC Exit not obeying httproxy
My tor exit node has been using a https proxy for a long time with great success in that I have had no abuse complaints directed to me and my VPS provider. Until recently. Traffic has increased as I made the bandwidth wider, which might be an explanation. I am getting complaints directed to my actual IP. It looks as if tor is sending data DIRECT and not obeying the lines completely, all the time. TORRC OutboundBindAddress IP (second IP of server) HTTPSProxy service:port HTTPProxyAuthenticator name password When I took out the OutboundBindAddress I just got complaints directed to the first IP. I assumed the lines FORCED proxy use. This might not be the case in higher traffic? Gerry ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
If it can give some informations: My RPi updated, with Raspbian repo used for the system + Tor : tor --version Tor version 0.2.5.12 (git-3731dd5c3071dcba) openssl version OpenSSL 1.0.1t 3 May 2016 (looks like your!) I got no lines like yours in my log file... Humm, I remember some bugs with openssl and RPi firmware... not sure about the versions... It has been solved after a "rpi-update". If not recognized : apt-get install rpi-update then reboot. Le 11/06/2016 à 04:42, SuperSluether a écrit : > After rebooting my Raspberry Pi for a few updates, Tor is not working > properly. From the logs, > > [warn] OpenSSL version from headers does not match the version we're > running with. If you get weird crashes, that might be why. (Compiled > with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: > OpenSSL 1.0.1t 3 May 2016). > > Everything else in the log looks normal, but right after bootstrap 85% > (finishing handshake with first hop) it says this: > > [notice] Interrupt: we have stopped accepting new connections, and > will shut down in 30 seconds. Interrupt again to exit now. > > What do I do now? I have all the latest updates installed on this > system, including the latest (stable) version of Tor. > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Petrusko PubKey EBE23AE5 C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5 signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
On Fri, 10 Jun 2016, SuperSluether wrote: > After rebooting my Raspberry Pi for a few updates, Tor is not working > properly. From the logs, > > [warn] OpenSSL version from headers does not match the version we're running > with. If you get weird crashes, that might be why. (Compiled with 100010bf: > OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May > 2016). > > Everything else in the log looks normal, but right after bootstrap 85% > (finishing handshake with first hop) it says this: > > [notice] Interrupt: we have stopped accepting new connections, and will shut > down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays