torproject/webwml
1
0
Fork 0
mirror of https://github.com/torproject/webwml.git synced 2024-12-12 04:25:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8973afcf34
webwml/docs/en/tor-relay-debian.wml
Roger Dingledine 48db95c8c1 suggest 250 kilobytes/s as the floor for a relay
2014-10-10 23:52:28 +00:00

207 lines
7.7 KiB
Plaintext
Raw Blame History

## translation metadata
# Revision: $Revision$
# Translation-Priority: 2-medium
#include "head.wmi" TITLE="Tor Project: Relay Configuration Instructions on Debian/Ubuntu" CHARSET="UTF-8"
<div id="content" class="clearfix">
<div id="breadcrumbs">
<a href="<page index>">Home &raquo; </a>
<a href="<page docs/documentation>">Documentation &raquo; </a>
<a href="<page docs/tor-doc-relay>">Configure Tor Relay</a>
</div>
<div id="maincol">
<h1>Configuring a Tor relay on Debian/Ubuntu</h1>
<hr>
<p>
The Tor network relies on volunteers to donate bandwidth. The more
people who run relays, the faster the Tor network will be. If you have
at least 250 kilobytes/s each way, please help out Tor by configuring your
Tor to be a relay too.
</p>
<hr>
<a id="zero"></a>
<a id="install"></a>
<h2><a class="anchor" href="#install">Step One: Download and Install Tor</a></h2>
<br>
<p>If you're on Debian, start with "apt-get install tor".</p>
<p><b>Do not use the packages in Ubuntu's universe.</b> If you're
on Ubuntu or if you want to track newer Tor packages, follow the
<a href="<page docs/debian>#ubuntu">Tor on Ubuntu or Debian</a>
instructions to use our repository.
</p>
<p>For other Unix/Linux users, you can download Tor from one of our
<a href="<page download/download-unix>">repositories</a>.</p>
<hr>
<a id="setup"></a>
<h2><a class="anchor" href="#setup">Step Two: Set it up as a relay</a></h2>
<p>
1. Make sure your clock, date, and timezone are set correctly. Install
the ntp or openntpd (or similar) package to keep it that way.
</p>
<p>
2. Edit the bottom part of <a href="<page
docs/faq>#torrc">/etc/tor/torrc</a>. Define an ORPort. <b>Note
that public relays default to being <a href="<page
docs/faq>#ExitPolicies">exit relays</a></b> &mdash; either change your
ExitPolicy line or read our <a
href="<wiki>/doc/TorExitGuidelines">guidelines
for exit relay operators</a>. Be sure to set your ContactInfo line
so we can contact you if you need to upgrade or something goes wrong.
</p>
<p>
3. If you are using a firewall, open a hole in your firewall
so incoming connections can reach the ports you configured
(ORPort, plus DirPort if you enabled it). If you have a
hardware firewall (Linksys box, cablemodem, etc) you might like <a
href="http://portforward.com/">portforward.com</a>. Also, make sure you
allow all <em>outgoing</em> connections too, so your relay can reach the
other Tor relays.
</p>
<p>
4. Restart your relay: "service tor reload" (as root).
</p>
<hr>
<a id="check"></a>
<h2><a class="anchor" href="#check">Step Three: Make sure it is working</a></h2>
<br>
<p>Once your relay connects to the network, it will
try to determine whether the ports you configured are reachable from
the outside. This step is usually fast, but it may take a few minutes.
Look for a <a href="<page docs/faq>#Logs">log entry</a> in your
/var/log/tor/log like
<tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>
If you don't see this message, it means that your relay is not reachable
from the outside &mdash; you should re-check your firewalls, check that it's
testing the IP and port you think it should be testing, etc.
</p>
<p>When it decides that it's reachable, it will upload a "server
descriptor" to the directory authorities, to let clients know
what address, ports, keys, etc your relay is using. After a few
hours (to give it enough time to propagate), you can query
<a href="https://atlas.torproject.org/">Atlas</a> or
<a href="https://globe.torproject.org/">Globe</a> to see whether your
relay has successfully registered in the network.</p>
<hr>
<a id="after"></a>
<h2><a class="anchor" href="#after">Step Four: Once it is working</a></h2>
<br>
<p>
5. Read
<a href="<wiki>doc/OperationalSecurity">about operational security</a>
to get ideas how you can increase the security of your computer.
</p>
<p>
6. Decide about rate limiting. Cable modem, DSL, and other users
who have asymmetric bandwidth (e.g. more down than up) should
rate limit to their slower bandwidth, to avoid congestion. See the <a
href="<page docs/faq>#BandwidthShaping">rate
limiting FAQ entry</a> for details.
</p>
<p>
7. If your computer isn't running a webserver, and you haven't set
AccountingMax, please consider
changing your ORPort to 443 and/or your DirPort to 80. Many Tor users
are stuck behind firewalls that only let them browse the web, and
this change will let them reach your Tor relay. If you are already
using ports 80 and 443, other useful ports are 22, 110, and 143.
</p>
<p>
8. Consider backing up your Tor relay's private key
("/var/lib/tor/keys/secret_id_key"). You'll need this identity key to
<a href="<page docs/faq>#UpgradeOrMove">move or restore your Tor relay</a>.
</p>
<p>
9. If you run an exit relay (great!), don't miss out on our <a
href="<wiki>doc/TorExitGuidelines">Exit Guidelines</a>, including
setting your reverse DNS hostname to make it obvious that you're
a Tor exit relay, and serving the <a
href="<gitblob>contrib/operator-tools/tor-exit-notice.html">Tor
exit notice</a> page on your DirPort.
</p>
<p>
10. Subscribe to the <a
href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce">tor-announce</a>
mailing list. It is very low volume, and it will keep you informed
of new stable releases.
As a relay operator, you should consider subscribing to the
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">
tor-relays mailing list</a> too.
We have more <a href="<page docs/documentation>#MailingLists">mailing
lists</a> as well.
</p>
<p>
11. Read the <a
href="https://blog.torproject.org/blog/lifecycle-of-a-new-relay">"Lifecycle
of a New Relay"</a> document to learn what sort of activity and usage
patterns you can expect during your relay's first weeks of operation.
</p>
<p>
12. <a href="https://weather.torproject.org/">Tor Weather</a> provides
an email notification service to any users who want to monitor the
status of a Tor node. Upon subscribing, you can specify what types of
alerts you would like to receive. The main purpose of Tor Weather is
to notify node operators via email if their node is down for longer
than a specified period, but other notification types are available.
</p>
<p>
13. If you want to run more than one relay that's great, but please set <a
href="<page docs/faq>#MultipleRelays">the
MyFamily option</a> in all your relays' configuration files.
</p>
<p>
14. You might like to use the <a
href="https://www.atagar.com/arm/">arm</a> relay monitor to watch
your relay's activities from the command line. First, "sudo apt-get
install tor-arm". Second, as the user that will be running arm, run
"sudo adduser $USER debian-tor" to add your user to the debian-tor
group so it can reach Tor's controlsocket. Then log out and log back
in (so your user is actually in the group), and run "arm".
</p>
<p>
15. When you change your Tor configuration, remember to verify that
your relay still works correctly after the change.
</p>
<hr>
<p>If you have suggestions for improving this document, please <a
href="<page about/contact>">send them to us</a>. Thanks!</p>
</div>
<!-- END MAINCOL -->
<div id = "sidecol">
#include "side.wmi"
#include "info.wmi"
</div>
<!-- END SIDECOL -->
</div>
<!-- END CONTENT -->
#include <foot.wmi>
Reference in New Issue View Git Blame Copy Permalink