UbuntuHelp:Tor
来自Ubuntu中文
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
{i} Tor is part of the UserDocumentation series of index pages. Please read the WikiGuide prior to making changes. |
This page is a brief howto for running a Tor client and relay under Ubuntu 8.04 (Hardy Heron), 8.10 (Intrepid Ibex), 9.04 (Jaunty Jackalope), and 9.10 (Karmic). Please also consult the official Tor installation guide until this page has been completely updated as it is crucial to get everything right with a security application such as Tor.
目录
Introduction
Tor or The Onion Router is a toolset used to help anonymize your traffic. From the Tor website: Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. This guide is an adaptation of the official Tor installation method. It has been changed to reflect installation methods unique to Ubuntu, but may easily be used as a guide for other Debian based distros.
Installing Tor
See Tor installation documentation for the latest instructions. You will need to add the following repositories to your /etc/apt/sources.list
file:
- Ubuntu 8.04 (Hardy Heron):
deb http://deb.torproject.org/torproject.org hardy main deb-src http://deb.torproject.org/torproject.org hardy main
- Ubuntu 8.10 (Intrepid Ibex):
deb http://deb.torproject.org/torproject.org intrepid main deb-src http://deb.torproject.org/torproject.org intrepid main
- Ubuntu 9.04 (Jaunty Jackalope):
deb http://deb.torproject.org/torproject.org jaunty main deb-src http://deb.torproject.org/torproject.org jaunty main
- Ubuntu 9.10 (Karmic):
deb http://deb.torproject.org/torproject.org karmic main deb-src http://deb.torproject.org/torproject.org karmic main
This can be done by using emacs, nano, gedit or another text editor of your choosing. Or use the System --> Admin --> Software|Sources GUI application. Before moving on be sure to get the PGP keys for the new repositories and do an update / upgrade using the following commands or use the authentication tab in the Software Sources GUI:
- torproject.org repository GPG key:
gpg --keyserver keys.gnupg.net --recv 886DDD89 gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add - sudo apt-get update sudo apt-get upgrade
Then, we will install Tor by issuing the following command or use System --> Administration --> Synaptic Package Manager:
- Ubuntu 9.04 (Jaunty) and earlier:
sudo apt-get install tor
- Ubuntu 9.10 (Karmic):
sudo apt-get update sudo apt-get install tor tor-geoipdb
Install Privoxy
Simply make sure you have universal repositories and then:
sudo apt-get install privoxy
Configure Privoxy
Edit the file "/etc/privoxy/config" doing for example using nano:
sudo nano /etc/privoxy/config
Add the following line (anywhere in the file is fine):
forward-socks4a / localhost:9050 .
Save (Ctrl+O if in nano) and then exit (Ctrl+X if in nano).
Starting Services and Checking Status
sudo /etc/init.d/tor start sudo /etc/init.d/privoxy start /* Check that the service is running on port 9050 */ netstat -a | grep 9050 /* You should see the following output: */ tcp 0 0 localhost:9050 *:* LISTEN
If you are interested in testing by connecting to a website try check.torproject.org Thats it!
A Note On Local Logging
To be truly anonymous, you may want to turn off local logging for all your GET/POST/CONNECT request in privoxy's config file. For this edit the file "/etc/privoxy/config" doing for example using nano:
sudo nano /etc/privoxy/config Go to line 573 (approx) and comment the line like so: # debug 1 # show each GET/POST/CONNECT request debug 4096 # Startup banner and warnings debug 8192 # Errors - *we highly recommended enabling this*
Save (Ctrl+O if in nano) and then exit (Ctrl+X if in nano).
You may also choose to enable SafeLogging in your Tor config. This can be done by opening the config file at /etc/tor/torrc
and adding "SafeLogging 1" to the end of the file. See the Tor Manual for more information.
Install Vidalia (Optional)
Vidalia is a controlling Graphical User Interface for Tor. Tor must be installed for Vidalia to work. Once you have installed Tor and Vidalia you can configure client and relay settings through Vidalia. To install, type the following command in a terminal:
sudo apt-get install vidalia
Anonymizing Applications
What's the use of having Tor and Privoxy setup without enabling your new anonymous proxy in your common web applications? At this time Tor only supports HTTP and HTTPS traffic, but still recommends using Tor in your browser's proxy settings for all protocols as a hidden image link can give away your IP address if linked to an image on an FTP site. A complete list of supported applications can be found here.
Firefox
The Torbutton Add-on
- Go to Tools > Add-ons
- Select Get add-ons in the top menu
- Type torbutton in the search bar > Press ENTER
- click the "Add to firefox" button
- You will need to restart Firefox for the addon to take effect.
Note: Browsing through an anonymizing proxy will always slow down your connection. When using Tor Button, it appears to be necessary to first disable the proxy settings in Firefox's native options menu; otherwise Tor Button will be unable to disable Tor.
Gaim
- Go to the Accounts, select your Account
- Select Edit Account
- Go to the Advanced Tab
- Under Proxy Options select proxy type SOCKS v5
- Enter 127.0.0.1 for the host
- Enter 9050 for the port
- Leave user/pass blank
Mozilla Thunderbird
Get the Tor Button addon for Thunderbird, install and setup just like with Firefox. If you're using the same server name for receiving and sending mail but still want to receive mail through Tor, change your SMTP server's name to it's IP and exclude the IP from being proxied. This way, mail will be received from your mail server by it's name (and through Tor), but sent by the same server without Tor.
X-Chat
Settings-> Preferences -> Network -> Network setup -> Proxy server Use the following settings:
Hostname: 127.0.0.1 Port: 9050 Type: Socks5
IRSSI
If you run IRSSI on GNU Screen, open a new window (C-a C). If not, you'll have to open a new tab or windows to connect to the proxy:
socat TCP4-LISTEN:5000,fork SOCKS4A:localhost:irc.oftc.net:6667,socksport=9050
On IRSSI, connect to localhost, on port 5000:
/connect localhost 5000
To ignore information leakage (client and time zone) run on IRSSI:
/ignore * CTCPS
Azureus (BitTorrent Client)
Again, pretty much all you really need to do here is to proxy tracker communications. There is an option for this under the connections pane in Azureus. Fill in 127.0.0.1 9050 for the SOCKS proxy for tracker data. The most common proxy settings under Proxy Options in Connection Tab of Options Menu:
- Enable proxying of tracker communications (checked)
- I have a SOCKS proxy (checked)
- Host: 127.0.0.1
- Port: 9050
- Username and Password <none>
- Enable proxying of peer communications (checked)
- Inform tracker of limitation (unchecked)
- SOCKS version V5
- Use same proxy settings for tracker and peer communications
More information here.
References and More Information
- http://www.torproject.org/
- http://wiki.noreply.org/noreply/TheOnionRouter
- http://gentoo-wiki.com/HOWTO_Anonymity_with_Tor_and_Privoxy
- http://ubuntuforums.org/showthread.php?t=10825