[tor-relays] Snowflake vs bridge on home connection on a Raspberry Pi 4

Hi all, I have a fiber connection at home and I would like to run a bridge or standalone Snowflake proxy on a dedicated Raspberry Pi 4. I have been reading some threads [1][2] from this list about the topic, but it is not completely clear to me what would be the best choice. The requirements

[tor-relays] FallbackDirectoryMirrors relay IP change

Hi, After 7+ years of running a relay on DigitalOcean, I have decided to move it somewhere else, as there are cheaper options. I kept the same keys and fingerprint and it seems that it has been picked up correctly on Atlas/Tor metrics, as it is showing with the new IP. I believe that this relay

Re: [tor-relays] ExtOrPort settings for obsf4, obfs3 and firewall

Hi, On 01/08/2018 15:24, Cristian Consonni wrote: > One question, I can make the ORPort and obfs4 PT port listen on port 80 > or 443, which I assume are less filtered by company firewalls. In the end I set up the obfs4 PT to listen on port 443 and ORport on port 80. These two ticke

Re: [tor-relays] ExtOrPort settings for obsf4, obfs3 and firewall

Hi, On 31/07/2018 21:49, Alexander Dietrich wrote: > On 2018-07-31 16:27, Cristian Consonni wrote: > >> so I am assuming that to test my bridge it is not sufficient to know >> which pluggable transport is running, the IP address and the port. I >> need the cert string

Re: [tor-relays] ExtOrPort settings for obsf4, obfs3 and firewall

Hi, On 26/07/2018 00:24, teor wrote: > If you have multiple IP addresses, you can run multiple bridges on the > same connection. I don't, in fact I am using a small (fanless) machine from my home connection. I was thinking if I could test the relay by configuring my Tor browser to use my

Re: [tor-relays] ExtOrPort settings for obsf4, obfs3 and firewall

bridge. > On 2018-07-23 16:03, Cristian Consonni wrote: >> Thanks in advance (I am sorry for the flood of stupid question, but I >> prefer to ask a stupid question that having things not work and not >> understanding why...) On 23/07/2018 23:36, Alexander Dietrich wrote

[tor-relays] ExtOrPort settings for obsf4, obfs3 and firewall

Hi, Form the instructions to install obsf4: https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4proxy --- ``` ExtORPort auto ``` [...] ``` [notice] Registered server transport 'obfs4' at '[::]:46396' ``` Remember the random port associated to your bridge needs to be

Re: [tor-relays] Bridges and MyFamily setting

On 22/07/2018 18:57, nusenu wrote: >> I am running a couple of relay nodes and now I would like to set a >> bridge relay. The `torrc` file says the following: >> --- >> ## Uncomment this if you run more than one Tor relay, and add the identity >> ## key fingerprint of each Tor relay you control,

[tor-relays] Bridges and MyFamily setting

Hi, I am running a couple of relay nodes and now I would like to set a bridge relay. The `torrc` file says the following: --- ## Uncomment this if you run more than one Tor relay, and add the identity ## key fingerprint of each Tor relay you control, even if they're on ## different networks. You

[tor-relays] Bandwidth limits for Fallback Directory Mirror

Hi, due to the new DigitalOcean billing terms for bandwidth (see this other thread [1]), I have limited my relay bandwidth to be sure I will stay withing the limits: ``` RelayBandwidthRate 360 KB # Throttle traffic to 100KB/s (800Kbps) RelayBandwidthBurst 720 KB # But allow bursts up to 200KB/s

Re: [tor-relays] Just got my first Abuse email :-)

Hi Paul, On 11/10/2017 13:28, Paul Templeton wrote: >> I believe in such case you are supposed to reply to your provider > I will For my experience, I do the same. >> There was a mini discussion recently on that, with the general consensus >> seeming to be that keeping it open is more trouble

[tor-relays] Encrypting the DataDir

On 15/05/2017 12:21, aeris wrote: > Private key are under encrypted volume and may be protected On 21/05/2017 10:02, Roger Dingledine wrote: > On Sun, May 21, 2017 at 09:12:39AM +0200, Petrusko wrote: >> @aeris, do they ask you to uncrypt the volume ? (good luck to you...) >> What can be the best

Re: [tor-relays] Who is running the two biggest Exits in the network?

On 27/05/2017 00:55, nusenu wrote: >> I'm just wanting to raise the point, that while lack of contact >> information may be concerning, in my opinion the contact information is >> definitely not something you should rely on to assess how untrustworthy >> a given relay is. A person or group with

Re: [tor-relays] Questions about OfflineMasterKey

Hi nusenu, thanks for your reply. On 27/05/2017 00:08, nusenu wrote: >> If I look inside the DataDir of one of my relays - a standard Debian >> install - see this: >> ``` >> ed25519_master_id_public_key >> ed25519_master_id_secret_key >> ed25519_signing_cert >> ed25519_signing_secret_key >>

Re: [tor-relays] New exit node best practices

On 27/05/2017 03:10, nusenu wrote: >> - I'm being very upfront with sales@ regarding my purpose before >> signing up, and making sure they're okay with it. > > That is great. I think this is a best practice, see also: https://blog.torproject.org/running-exit-node >> What questions should I be

[tor-relays] Questions about OfflineMasterKey

Hi, On 18/05/2017 10:45, nusenu wrote:>> Currently, my server hosting kitten1 and kitten2 (tor guard and fallback >> directory) is under seizure since 14/05 11h. butplease revoke >> immediatly kitten1 & kitten2 tor node. >> Those nodes are also fallback directory. > > I don't know any context or

Re: [tor-relays] Legal Status of Relays Worldwide [was: kittens seized]

On 21/05/2017 21:47, grarpamp wrote: >> On 21/05/2017 14:14, Nagaev Boris wrote: >> Can they force an operator to decrypt, if he lives in other country >> which is non-US and non-EU (e.g. Russia or China)? Does it make sense >> to run nodes in countries you don't live in or visit? > > If poor odds

Re: [tor-relays] Upgrading a relay and changing IP address

On 24/05/2017 03:25, teor wrote: >> On 24 May 2017, at 01:05, Cristian Consonni <crist...@balist.es> wrote: >> I am a little bit perplexed because I responded to a call for fallback >> dirs last December (Dec 2016), but then I got no answer or confirmation >> that t

[tor-relays] Upgrading a relay and changing IP address

Hi, On 18/05/2017 01:56, Gunnar Wolf wrote: > Cristian Consonni dijo [Wed, May 17, 2017 at 05:04:29PM +0200]: >> AS you can see from the Debian package page[1] the latest available >> version of Tor packaged for Wheezy is 0.2.4.27-3, which to me looks >> quite behind either

Re: [tor-relays] Bandwidth settings

Hi, On 12/05/2017 19:27, tor wrote: >> 2. or would Verizon notice first the bandwidth or the amount of data going >> through our connection? Which would be the first limit? Bandwidth or data? > > It looks like Verizon has a soft cap for FIOS customers, between 4 to 10 TB > per month: > >

Re: [tor-relays] Tor version on Debian Wheezy (oldstable)

Hi, On 17/05/2017 17:32, Matt Traudt wrote: > https://www.torproject.org/docs/debian.html.en On 17/05/2017 18:02, fco...@wardsback.org wrote: > I'm also running tor on wheezy : Currently running v0.2.9.9. > > To ease your life in remaining up to date, you can as well get tor from > the Tor

[tor-relays] Tor version on Debian Wheezy (oldstable)

Hi, On 16/05/2017 01:52, Roger Dingledine wrote: > For those of you who are not on tor-announce... now would be a good > time to remember to subscribe to tor-announce. :) I run a couple of relays with Debian 7 Wheezy, which is the old stable version. AS you can see from the Debian package

Re: [tor-relays] WannaCry fallout FYI

On 15/05/2017 09:38, Roger Dingledine wrote: > On Mon, May 15, 2017 at 09:17:33AM +0200, Cristian Consonni wrote: >>> | https://dist.torproject.org/torbrowser/6.5.1/tor-win32-0.2.9.10.zip >> >> Was the increased number of downloads from the malware visibile from th

Re: [tor-relays] Tor abuse complaints (per MBit/s)

2016-09-29 14:53 GMT+02:00 mick : > On Wed, 28 Sep 2016 22:05:33 -0700 > Sadia Afroz allegedly wrote: > >> We did not publish the report anywhere. >> I put it up on my site just for the ease of sharing it in the mailing >> list. > > Sadia > > With

Re: [tor-relays] Request for Tor abuse complaints

Hi, 2016-09-28 13:31 GMT+02:00 Sadia Afroz : > Can you please share the abuse complaints you received while running an > exit? [...] > We will appreciate if you can share the abuse complaints you received. > It will be valuable for us to better understand the abuse of

Re: [tor-relays] Got a visit from the police this morning..

2016-08-01 8:15 GMT+02:00 stig atle steffensen : > I decided today to turn the node into a non-exit node this morning. > The stress of not knowing if something will happen again is too much for me > to go around thinking about. > > I will rather donate some to torproject or

Re: [tor-relays] Tor-arm

2016-06-16 3:00 GMT+02:00 grarpamp : > On 6/14/16, NotRandom Someone wrote: >> What do you think about using tor-arm ? > > https://gitweb.torproject.org/nyx.git/ > > Arm now known as Nyx. On my node (running with Debian Jesse as OS) I have

Re: [tor-relays] Port knocking for SSH on a Tor node

Hi, 2016-05-03 17:30 GMT+02:00 goll : > Have you looked into Single Packet Authorization? > > http://www.cipherdyne.org/fwknop/ I saw it mentioned in one of the 2014 threads, but I didn't dig into it. I will take a look. Thanks. C ___

Re: [tor-relays] Port knocking for SSH on a Tor node

2016-05-03 16:25 GMT+02:00 Diarmaid McManus : > I would no longer recommend port knocking using a static port sequence. > Instead, I'd recommend knockknock by moxie, > https://github.com/moxie0/knockknock/blob/master/README I have discovered knockknock project just

Re: [tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

2015-12-20 17:21 GMT+01:00 Remi Gacogne : >> On the other hand, I would say using a local DNS cache can increase both >> your relay's performance and perhaps offers a slight privacy gain to tor >> clients, given that a cached DNS response will be served directly to

Re: [tor-relays] Tor Weather not working?

2015-11-18 0:02 GMT+01:00 Green Dream : > It seems to be working at least some of the time, as I did receive a > notification to the same email address for another node, back in > mid-October. I have received today a notification after my node went down for ~20 hours.

Re: [tor-relays] webiron requesting to block several /24 subnet

2015-11-16 12:46 GMT+01:00 Josef 'veloc1ty' Stautner : > sorry, I marked that message as "Todo" but forgot :-) Thank you. This is very helpful!. > - > Hello Martin, > > I've blocked the whole /24 (originally the target IP

Re: [tor-relays] webiron requesting to block several /24 subnet

2015-11-17 0:36 GMT+01:00 Dhalgren Tor : > Webiron's system sends notifications to both the abusix.org contact > for the IP and to ab...@base-domain.tld for the reverse-DNS name of > the relay IP. So if you can configure abuse@ for the relay domain to > forward to you, you

Re: [tor-relays] webiron requesting to block several /24 subnet

Hi, 2015-10-21 22:23 GMT+02:00 teor : > Would you mind putting the statement on the wiki or posting it to this list? > > It might help other exit operators to respond to these kind of abuse reports. +1. Can somebody point me to this? I have just received a notification from

Re: [tor-relays] webiron requesting to block several /24 subnet

Il 17/Nov/2015 08:27, "Rejo Zenger" <r...@zenger.nl> ha scritto: > > ++ 17/11/15 02:08 +0100 - Cristian Consonni: > >2015-11-17 0:36 GMT+01:00 Dhalgren Tor <dhalgren@gmail.com>: > >> Webiron's system sends notifications to both the abusix.or

Re: [tor-relays] Tools for managing multiple relays

2015-10-15 16:45 GMT+02:00 : > If you have the ability to use 'tc' instead > of BandwidthRate (per posts earlier this month) > you should do that. RelayBandwidth* are not > intended for limiting bandwidth in dedicated > relays. Replace them with BandwidthRate > and

Re: [tor-relays] Tools for managing multiple relays

2015-10-14 23:46 GMT+02:00 Saint Aardvark the Carpeted : > An alternative to Puppet or Chef (and I'm a fan of both) would be > Ansible; it's much simpler to pick up, and uses SSH to connect to > machines to manage them -- no master server needed. I'd say

Re: [tor-relays] Tools for managing multiple relays

2015-10-14 23:35 GMT+02:00 : >>* given costant resource (i.e. euro/month) I can >>afford to run relays is it in general better to >>run one bigger relay or, say, two smaller ones. > > Based on a past thread, guessing you run > > __fs_ BV2 IT 344 71 6.10 L

Re: [tor-relays] IP and SWIP for a Tor exit node

Hi, 2015-09-27 16:42 GMT+02:00 Moritz Bartl : >> SWIP/RWHOIS/ARIN/RIPE is what can be read from the relevant Wikipedia >> pages. How can I ask my provider about this? > > You just ask. Only they can do it, so ask if they are willing to change > WHOIS records for your IP(s).

[tor-relays] Tools for managing multiple relays

Hi, I am currently running three small relays on two different services/ISPs. I have two somewhat unrelated questions: * given costant resource (i.e. euro/month) I can afford to run relays is it in general better to run one bigger relay or, say, two smaller ones. * are there any tools to manage

Re: [tor-relays] Tools for managing multiple relays

2015-10-14 23:00 GMT+02:00 Tim Wilson-Brown - teor <teor2...@gmail.com>: > > On 15 Oct 2015, at 07:55, Cristian Consonni <kikkocrist...@gmail.com> wrote: > I am currently running three small relays on two different services/ISPs. > > I have two somewhat unrelated q

Re: [tor-relays] IP and SWIP for a Tor exit node

Hi, 2015-09-27 1:35 GMT+02:00 : > (1) In the guide it is advised to "Get a separate IP for the node. . . > > You have the right idea. Tor-exit node IPs end up on all > sorts of black-lists and it's best to segregate exit traffic > from all other traffic. [...] >

Re: [tor-relays] IP and SWIP for a Tor exit node

2015-09-27 6:23 GMT+02:00 : >>I have bought some credit on Aruba. . . > > Looked at Aruba offerings, check this out > > https://serverdedicati.aruba.it/server-dedicati/basic-1-3.aspx > > For 15 euros/month you can have a dedicated > dual-core 1.6GHz with 100MBPS

[tor-relays] IP and SWIP for a Tor exit node

Hi, tl;dr: it is not clear to me what I should ask to my provider about SWIP, if this is something I can set up on my own and/or how I should ask for this to my provider. I have been running a couple of relays for some months (since the last EFF Tor challenge) and now I would like to operate an