On Thu, Jun 05, 2014 at 05:58:46PM -0800, I wrote: > S7R, > > That is a start. > But where is the full and exemplary answer for someone like me who really > wants to get it right but doesn't know how to set the DirFrontPage up or the > NTP syncing? > > Roger says to try the tor-relay list but that has almost no chance of > satisfying the need. Responses to my questions have been condescending and > smartarse or illinformed from people speaking beyond their ability which is > worse. > > There ought to be a detailed guide for Tor being set-up on hired servers well > intending people answering the call for more Tor nodes and specifically exits. > The EFF Challenge does the encouraging but points to the Tor site for what, I > find, is inadequate help. > > The presumption must be that the person does not know Linux well nor network > security. > > Robert
tl;dr Thank you for wanting to run a relay. If you think the documentation is lacking specific information, or if it is confusing, please say so. It usually doesn't change unless someone says something. Hi Robert, There are two unfortunate situations for which we need to account. 1) It's actually very difficult for the current developers to know what qualifies as a "full and exemplary answer". The documentation can be written, and maybe this should be, but the reality is that Tor doesn't have the resources to explain in detail how someone should configure their server. At this point tor runs on many different systems, but the only truely supported, plug-n-play OS is Debian GNU/Linux. Roger already mentioned it, but [0] does describe some basic configuration changes and does have some good post-installation suggestions. Admittedly, it's not perfect and is probably lacking some vital information, so if you can provide some suggestions then that will help everyone. The OperationalSecurity wiki page that Roger mentioned and that is linked from [0] is more of an ideal situation. Some of it is absolutely a good idea to follow (please!), but the most important parts are generally basic tasks, such as keep your OS up-to-date. If you are using a VPS, or a similar shared hosting environment, then some of the information will not be applicable, i.e. "Physical Security" and "Reliability". But that page will probably be confusing to those users with little experience, it isn't written in a way that helps someone learn how to secure their system, which is sad. (Luckily it's on a Wiki, so anyone can correct this ;) ) With regard to insufficient documentation about setting DirPortFrontPage and maintaining a synchronized system clock, it may be a good idea to add these to the "Step Four: Once it is working" section on [0]. Overall, a mix of [1] and [2] is a good combination, unfortunately it may not be obvious which parts you want to follow from [1] and which you want to follow on [2] (such as if you are using Debian rather than Ubuntu). This is a great discussion to have on tor-relays. I'm sorry that you had bad experiences in the past. 2) Expanding the Tor network is vitally important, but the network itself and many Tor users have powerful adversaries. There must be a way to balance adding an amazing number of insufficiently secure nodes and growing the network at a slower rate. Maybe having a pre-configured, installable, OS would make this easier, but the network also needs diversity which this would hurt and creating and maintaining something like this is not currently feasible. If someone within the community has the time and ability to write detailed, step-by-step documentation on the Wiki, then it sounds like this will be a great step in the right direction, but until this happens, sites like [3] are good places to start. Also note that if you aren't comfortable administering a server then there are other ways you can help Tor and the Tor network [4] (and the other "Help another way" options). But, most importantly, if you think the documentation is lacking specific information, or if it is confusing, please say so. It usually doesn't change unless someone says something. Really, though, despite everything else, thank you for wanting to run a relay. Thanks, Matt [0] https://www.torproject.org/docs/tor-relay-debian.html.en [1] https://www.torservers.net/wiki/setup/server [2] https://www.torproject.org/docs/debian.html.en#ubuntu [3] https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html [4] https://www.torproject.org/donate/donate-service.html.en -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
