doc/tor-doc-unix.html

   1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
   2 "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
   3
   4 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   5 <head>
   6   <title>Tor Linux/BSD/Unix Install Instructions</title>
   7   <meta name="Author" content="Roger Dingledine" />
   8   <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
   9   <link rel="stylesheet" type="text/css" href="stylesheet.css" />
  10   <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
  11 </head>
  12
  13 <body>
  14
  15 <!-- TITLE BAR & NAVIGATION -->
  16
  17 <table class="banner" border="0" cellpadding="0" cellspacing="0">
  18     <tr>
  19         <td class="banner-left"></td>
  20         <td class="banner-middle">
  21             <a href="/index.html">Home</a>
  22           | <a href="/howitworks.html">How It Works</a>
  23           | <a href="/download.html">Download</a>
  24           | <a href="/documentation.html">Docs</a>
  25           | <a href="/users.html">Users</a>
  26           | <a href="/faq.html">FAQs</a>
  27           | <a href="/volunteer.html">Volunteer</a>
  28           | <a href="/developers.html">Developers</a>
  29           | <a href="/research.html">Research</a>
  30           | <a href="/people.html">People</a>
  31         </td>
  32         <td class="banner-right"></td>
  33     </tr>
  34 </table>
  35
  36 <!-- END TITLE BAR & NAVIGATION -->
  37
  38 <div class="center">
  39
  40 <div class="main-column">
  41
  42 <h1>Running the <a href="http://tor.eff.org/">Tor</a> client on Linux/BSD/Unix</h1>
  43 <br />
  44
  45 <p>
  46 <b>Note that these are the installation instructions for running a Tor
  47 client. If you want to relay traffic for others to help the network grow
  48 (please do), read the <a
  49 href="tor-doc-server.html">Configuring a server</a> guide.</b>
  50 </p>
  51
  52 <hr />
  53 <a id="installing"></a>
  54 <h2><a class="anchor" href="#installing">Step One: Download and Install Tor</a></h2>
  55 <br />
  56
  57 <p>
  58 The latest release of Tor can be found on the <a
  59 href="/download.html">download</a> page. We have packages for Debian,
  60 Red Hat, Gentoo, *BSD, etc there too.
  61 </p>
  62
  63 <p>If you're building from source, first install <a
  64 href="http://www.monkey.org/~provos/libevent/">libevent</a>, and
  65 make sure you have openssl and zlib (including the -devel packages if
  66 applicable). Then Run <tt>tar xzf tor-0.1.0.15.tar.gz;
  67 cd tor-0.1.0.15</tt>. Then <tt>./configure &amp;&amp; make</tt>. Now you
  68 can run tor as <tt>src/or/tor</tt>, or you can run <tt>make install</tt>
  69 (as root if necessary) to install it into /usr/local/, and then you can
  70 start it just by running <tt>tor</tt>.
  71 </p>
  72
  73 <p>Tor comes configured as a client by default. It uses a built-in
  74 default configuration file, and most people won't need to change any of
  75 the settings. Tor is now installed.
  76 </p>
  77
  78 <hr />
  79 <a id="privoxy"></a>
  80 <h2><a class="anchor" href="#privoxy">Step Two: Install Privoxy for Web Browsing</a></h2>
  81 <br />
  82
  83 <p>After installing Tor, you need to configure your applications to use it.
  84 </p>
  85
  86 <p>
  87 The first step is to set up web browsing. Start by installing <a
  88 href="http://www.privoxy.org/">Privoxy</a>: click on 'recent releases'
  89 and pick your favorite package or install from source. Privoxy is a
  90 filtering web proxy that integrates well with Tor.
  91 </p>
  92
  93 <p>You need to configure Privoxy to use Tor.
  94 Open Privoxy's "config" file (look in /etc/privoxy/ or /usr/local/etc/)
  95 and add the line <br>
  96 <tt>forward-socks4a / localhost:9050 .</tt><br>
  97 to the top of the config file. Don't forget to add the dot at the end.
  98 </p>
  99
 100 <p>Privoxy keeps a log file of everything passed through it.  In
 101 order to stop this you will need to comment out two lines by inserting a
 102 # before the line. The two lines are:<br>
 103 <tt>logfile logfile</tt><br>
 104 and the line <br>
 105 <tt>jarfile jarfile</tt><br>
 106 </p>
 107
 108 <p>You'll need to restart Privoxy for the changes to take effect.</p>
 109
 110 <hr />
 111 <a id="using"></a>
 112 <h2><a class="anchor" href="#using">Step Three: Configure your applications to use Tor</a></h2>
 113 <br />
 114
 115 <p>After installing Tor and Privoxy, you need to configure your
 116 applications to use them. The first step is to set up web browsing.</p>
 117
 118 <p>If you're using Firefox (we recommend it), check out our <a
 119 href="tor-switchproxy.html">Tor SwitchProxy howto</a> to set up
 120 a plugin that makes it easy to switch between using Tor and using a
 121 direct connection.</p>
 122
 123 <p>Otherwise, you need to manually configure your browser to HTTP proxy
 124 at localhost port 8118.
 125 (That's where Privoxy listens.)
 126 In Mozilla, this is in Edit|Preferences|Advanced|Proxies.
 127 In Opera 7.5x it's Tools|Preferences|Network|Proxy servers.
 128 You should click the "use the same proxy server for all protocols"
 129 button; but see <a
 130 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FtpProxy">this
 131 note</a> about Tor and ftp proxies.
 132
 133 <p>Using privoxy is <strong>necessary</strong> because <a
 134 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">browsers
 135 leak your DNS requests when they use a SOCKS proxy directly</a>, which
 136 is bad for your anonymity. Privoxy also removes certain dangerous
 137 headers from your web requests, and blocks obnoxious ad sites like
 138 Doubleclick.</p>
 139
 140 <p>To Torify other applications that support HTTP proxies, just
 141 point them at Privoxy (that is, localhost port 8118). To use SOCKS
 142 directly (for instant messaging, Jabber, IRC, etc), you can point
 143 your application directly at Tor (localhost port 9050), but see <a
 144 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS">this
 145 FAQ entry</a> for why this may be dangerous. For applications
 146 that support neither SOCKS nor HTTP, take a look at <a
 147 href="http://tsocks.sourceforge.net/">tsocks</a> or <a
 148 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#socat">socat</a>.
 149 </p>
 150
 151 <p>For information on how to Torify other applications, check out the
 152 <a href="http://wiki.noreply.org/wiki/TheOnionRouter/TorifyHOWTO">Torify
 153 HOWTO</a>.
 154 </p>
 155
 156 <hr />
 157 <a id="verify"></a>
 158 <h2><a class="anchor" href="#verify">Step Four: Make sure it's working</a></h2>
 159 <br />
 160
 161 <p>
 162 <a href="http://ipid.shat.net">ipid.shat.net</a> and
 163 <a href="http://www.showmyip.com/">showmyip.com</a>
 164 are sites that show what IP address and country you appear to be coming
 165 from.
 166 </p>
 167
 168 <p>If you don't know your current public IP address, this may not be a
 169 very useful test. To learn your IP address, run "<tt>ifconfig</tt>".
 170 If you are behind a NAT or firewall, though, you won't be able
 171 to learn your public IP address. In this case, you should 1) configure
 172 your browser to connect directly (that is, stop using Privoxy), 2) check
 173 your IP address with one of the sites above, 3) point your browser back
 174 to Privoxy, and 4) see whether your IP address has changed.
 175 </p>
 176
 177 <p>If you have a personal firewall that limits your computer's
 178 ability to connect to itself (this includes something like SELinux on
 179 Fedora Core 4), be sure to allow connections from
 180 your local applications to Privoxy (local port 8118) and Tor (local port
 181 9050). If
 182 your firewall blocks outgoing connections, punch a hole so
 183 it can connect to at least TCP ports 80 and 443, and then see <a
 184 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#FirewalledClient">this
 185 FAQ entry</a>.  If your SELinux config is not allowing tor or privoxy to
 186 run correctly, create a file named booleans.local in the directory
 187 /etc/selinux/targeted.  Edit this file in your favorite text editor and
 188 insert "allow_ypbind=1".  Restart your machine for this change to take
 189 effect.
 190 </p>
 191
 192 <p>If it's still not working, look at <a
 193 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork">this
 194 FAQ entry</a> for hints.</p>
 195
 196 <hr />
 197 <a id="server"></a>
 198 <h2><a class="anchor" href="#server">Step Five: Configure it as a server</a></h2>
 199 <br />
 200
 201 <p>The Tor network relies on volunteers to donate bandwidth. The more
 202 people who run servers, the faster the Tor network will be. If you have
 203 at least 20 kilobytes/s each way, please help out Tor by configuring your
 204 Tor to be a server too. We have many features that make Tor servers easy
 205 and convenient, including rate limiting for bandwidth, exit policies so
 206 you can limit your exposure to abuse complaints, and support for dynamic
 207 IP addresses.</p>
 208
 209 <p>Having servers in many different places on the Internet is what
 210 makes Tor users secure. You may also get stronger anonymity yourself,
 211 since remote sites can't know whether connections originated at your
 212 computer or were relayed from others.</p>
 213
 214 <p>Read more at our <a href="tor-doc-server.html">Configuring a server</a>
 215 guide.</p>
 216
 217 <hr />
 218
 219 <p>If you have suggestions for improving this document, please post
 220 them on <a href="http://bugs.noreply.org/tor">our bugtracker</a> in the
 221 website category. Thanks!</p>
 222
 223   </div><!-- #main -->
 224 </div>
 225   <div class="bottom" id="bottom">
 226      <i><a href="mailto:tor-webmaster@freehaven.net"
 227      class="smalllink">Webmaster</a></i> - $Id$
 228   </div>
 229 </body>
 230 </html>
 231