Little -t-tor
Jinsi ya kusanikisha little-t-tor?
Makini: Maagizo haya yanalenga kusakinisha tor
daemoni ya mtandao k.m. little-t-tor.
For instructions on installing Tor Browser, refer to Tor Browser user manual.
ufikiwaji wa msimamizi: Kusanikisha Tor unahitaji njia ya upendeleo.
Below all commands that need to be run as root user like apt and dpkg are prepended with '#
', while commands to be run as user with '$
' resembling the standard prompt in a terminal.
Debian/Ubuntu
Usitumie kifurushi katika Ubuntu universe. Kipindi cha nyuma hazikusasishwa kwa uhakika. Hii ikimaanisha imepungukiwa na uimara na marekebisho ya usalama.
Configure Tor package repository.
Wezesha hazina ya APT ya mradi wa Tor kwa kufuata maelezo.
Sasisha kifurushi
# apt install tor
Fedora
Sanikisha kifurushi cha saraka ya Tor
Wezesha hazina ya kifurushi cha RPM cha mradi wa Tor kwa kufuata maelezo.
Sasisha kifurushi
# dnf install tor
FreeBSD
Sasisha kifurushi
# pkg install tor
OpenBSD
Sasisha kifurushi
# pkg_add tor
macOS
Sanikisha kifurushi cha manager
Kuna visimamizi viwili vya vifurushi katika OS X: Homebrew na Macports. Unaweza kutumia usimamizi wa kifurushi kama chaguo lako.
Kusanikisha Homebrew fuata maelekezo brew.sh.
Kusanikisha Macports fuata maelekezo macports.org.
Sasisha kifurushi
Ikiwa unatumia Homebrew katika programu iliboreshwa, tumia:
# brew install tor
Ikiwa unatumia Macports katika programu iliyoboreshwa, tumia:
$ sudo port install tor
Arch Linux
Ili kusanikisha kifurushi cha tor
kwenye Arch Linux, endesha:
# pacman -Syu tor
DragonFlyBSD
Bootstrap pkg
Picha na matoleo ya kila siku ya DragonFlyBSD (kuanzia na 3.4) huja na pkg
tayari imesakinishwa. Maboresho kutoka kwa matoleo ya awali hata hivyo hayatakuwa nayo. Ikiwa pkg
haipo kwenye mfumo kwa sababu yoyote ile inaweza kufungwa kwa haraka bila kuijenga kutoka kwa chanzo au hata kusakinisha DPorts:
# cd /usr
# make pkg-bootstrap
# rehash
# pkg-static install -y pkg
# rehash
Hatua zilizopendekezwa ili kusanidi pkg
Hapa, itakuwa sawa na ile tuliyo nayo kwenye mfumo wa FreeBSD, na tutatumia HTTPS kuleta vifurushi vyetu, na masasisho - kwa hivyo hapa tunahitaji kifurushi cha ziada ili kutusaidia (ca_root_nss
).
Kusakinisha kifurushi cha ca_root_nss
:
# pkg install ca_root_nss
Kwa usakinishaji mpya faili ya /usr/local/etc/pkg/repos/df-latest.conf.sample
inakiliwa hadi /usr/local/etc/pkg/repos/df-latest
. Faili zinazoishia kwa kiendelezi cha ".sample" zimepuuzwa; pkg(8) husoma faili zinazoishia kwa ".conf" pekee na itasoma kadiri itakavyopata.
DragonflyBSD ina hazina ya vifurushi 2:
- Avalon (mirror-master.dragonflybsd.org);
- Wolfpond (pkg.wolfpond.org).
Tunaweza kwa urahisi kuhariri URLinayotumiwa kuashiria hazina kwenye /usr/local/etc/pkg/repos/df-latest
na ndivyo hivyo! Kumbuka kutumia pkg+https:// kwa Avalon.
Baada ya kutekeleza mabadiliko haya yote, tunasasisha orodha ya vifurushi tena na kujaribu kuangalia ikiwa tayari kuna sasisho jipya la kutumia:
# pkg update -f
# pkg upgrade -y -f
Sasisha kifurushi
Sakinisha kifurushi cha tor
:
# pkg install tor
NetBSD
Setup pkg_add
Matoleo ya kisasa ya mfumo wa uendeshaji wa NetBSD yanaweza kuwekwa ili kutumia pkgin
ambayo ni kipande cha programu inayolenga kuwa kama apt
au yum
kwa ajili ya kudhibiti vifurushi vya binary ya pkgsrc. Hatugeuzi usanidi wake hapa na uchague kutumia pkg_add
wazi badala yake.
# echo "PKG_PATH=http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/$(uname -m)/$(uname -r)/All" > /etc/pkg_install.conf
Sasisha kifurushi
Sakinisha kifurushi cha tor
NetBSD:
# pkg_add tor
VoidLinux
Kusakinisha kifurushi cha tor
kwa Void Linux, tafadhali endesha:
# xbps-install -S tor
Sanikisha Tor kutoka kwenye chanzo
Pakua toleo la sasa na vitegemezi
Toleo jipya lililotolewa na Tor linapatikana katika kurasa ya download.
Ikiwa unaunda kutoka katika vyanzo, Sanikisha kwanza libevent, na hakikisha una openssl na zlib (ikijumuisha kifurushi cha the -devel kikitumika).
Sasisha tor
tar -xzf tor-<version>.tar.gz; cd tor-<version>
Replace <version>
with the latest version of tor
, for example, tor-0.4.8.12
./configure && make
Sasa unaweza kutumia tor kama src/app/tor (0.4.3.x na toleo linalofuata)
, au unaweza kutumia Sanikisha
(kama njia ikiwa ina umuhimu) sanikisha ndani ya /usr/local/
, na baada ya hapo anzisha matumizi ya tor.
Ninawezaje kuthibitisha chanzo cha msimbo wa tor?
Tahadhari: Maelekezo haya ya kuthibitisha chanzo cha msimbo wa Tor. Tafadhali fuata maelekezo sahihi ili kuthibitisha Tor Browser's signature.
Digital signature ni mfumo unaohakikisha kua kifurushi fulani kilitolewa na watengenezaji na haikuharibiwa. Chini tumeeleza kwanini ni muhimu na jinsi ya kuthibitisha vyanzo vya msimbo wa tor uliyoipakua ni mojawapo tuliyoitengeneza na haijaboreshwa na baadhi ya washambuliaji.
Kila failia katika kurasa yetu iliyopakuliwa inaambatana na mafaili mawili ambayo yamewekwan leno "checksum" na "sig" yakiwa na majina sawa kama kifurushi na kiambatanishi .sha256sum" na ".sha256sum.asc" kwa mtiririko huo.
Faili la .asc
litathibitisha kuwa faili .sha256sum
(limekusanya kifurushi cha checksum) haijaingiliwa. Mara tu sahihi inapothibitisha (angalia chini jinsi ya kufanya), kifurushi cha uadilifu kitaweza kuthibitishwa:
$ sha256sum -c *.sha256sum
Faili hili linakuruhusu kuhakikisha faili ulilopakua ndio hilo ulilotarajia kulipata. Hii inaweza kutofautiana kutokana na kivinjari cha tovuti, lakini kwa kawaida unaweza kupakua faili hili kwa kubofya upande wa kulia wa anwani za "sig" na "checksum" na kuchagua "save file as".
Kwa mfano, tor-0.4.6.7.tar.gz
is accompanied by tor-0.4.6.7.tar.gz.sha256sum.asc
.
Kuna mfano jina la faili halifanani kabisa na jina la faili ulilopakua.
Kwa sasa tunaonesha ni kwa jinsi gani unaweza kuthibitisha faili lililopakuliwa kwa digital signature katika mifumo mbalimbali ya uendeshaji. Tafadhali kumbuka kuwa sahihi ni tarehe wakati kifurushi kimetiwa sahihi. Kwa ujumla kila muda faili jipya linapakuliwa kwa sahihi mpya inayotokana na tarehe tofauti. Ilimradi umeshathibitisha sahihi hupaswi kujali kuwa tarehe iliyoripotiwa inaweza kutofautiana.
pakua GnuPG
Awali ya yote unahitaji kuwa na GnuPG iliyosanidiwa kabla haujathibitisha sahihi.
Kwa watumiaji wa Windows:
Ikiwa unatumia windowa, pakua Gpg4win na endesha kisanikishi chake.
Ili kuthibitisha sahihi unahitaji kuandika commands chache katika mstari wa command wa window, cmd.exe
.
Kwa watumiaji wa macOS:
Ikiwa unatumia macOS, unaweza sanikisha GPGTools.
Ili kuthibitisha sahihi unahitaji kuandika command chache katika Terminal (under "Applications").
Kwa watumiaji wa GNU/Linux:
Ikiwa unatumia GNU/Linux, labda tayari unayo GnuPG katika mfumo wako, kwa kuwa usambazaji mwingi wa GNU/Linux huja ikiwa imewekwa tayari.
Ili kuthibitisha sahihi utahitaji kuandika commands chache katika terminal window. Jinsi ya kufanya hivi hutofautiana kulinganana usambazaji wako.
kutafuta Tor kwa funguo ya watengenezaji
Funguo zifuatazo zinaweza kuweka sahihi katika tarball. Usizitarajie kabisa, zinaweza kutofautiana kutegemeana na nani anapatikana ili ziweze kutolewa.
- Alexander Færøy: 514102454D0A87DB0767A1EBBE6A0531C18A9179
- David Goulet: B74417EDDF22AC9F9E90F49142E86A2A11F48D36
- Nick Mathewson: 2133BC600AB133E1D826D173FE43009C4607B1FB
Unaweza kutafura funguo yenye anwani uliyopewa hapo juu au ndani yake:
$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@torproject.org
$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@torproject.org
$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@torproject.org
Hii inapaswa kukuonesha kitu kama (for nickm):
gpg: key FE43009C4607B1FB: public key "Nick Mathewson <nickm@torproject.org>" imported
gpg: Jumla ya number ya zilizoshughulikiwa: 1
gpg: imported: 1
pub rsa4096 2016-09-21 [C] [expires: 2025-10-04]
2133BC600AB133E1D826D173FE43009C4607B1FB
uid [ unknown] Nick Mathewson <nickm@torproject.org>
sub rsa4096 2016-09-23 [S] [expires: 2025-10-04]
sub rsa4096 2016-09-23 [E] [expires: 2025-10-04]
Ukipata ujumbe wenye makosa, kuna kitu kimeenda vibaya na huwezi kuendelea hadi utambue kwanini haifanyi kazi. Unaweza kuweza kuagiza funguo kwa kutumia sehemu ya Njia mbadala (kutumia alama za wazi) badala yake.
Baada ya kuingiza funguo, unapaswa kuzitunza katika faili (kiutambua kwa fingerprint hapa):
$ gpg --output ./tor.keyring --export 0x2133BC600AB133E1D826D173FE43009C4607B1FB
Matokeo ya amri ni muhimu kuhifadhiwa katika faili lililopatikana ./tor.keyring
, mfano katika muongozo wa sasa.
Kama ./or.keyring
haipo baada ya kutumia command hii, kuna kitu kina makosa na huwezi kuendelea hadi uwe umetatua kwanini hichi hakifanyi kazi.
hakiki saini
Kuthibitisha sahihi ya kifurushi ulichopakua, utahitaji kupakua faili lenyewe sambamba na .sha256sum.asc
signature file and the .sha256sum
, na kuthibitisha hii kwa command inayouliza GnuPG ili kuthibitisha faili ulilolipakua.
Mifano hapa chini inadhani kuwa ulipakua mafaili haya mawili kwenye folda lako la "Downloads". Kumbuka kuwa hizi commands tumia mfano wa majina ya faili na yako tofauti: unaweza kupakua toleo tofauti zaidi ya 9.0 na unaweza kuchagua toleo la kiingereza (en-US).
Kwa watumiaji wa Windows:
gpgv --keyring .\tor.keyring Downloads\tor-0.4.6.10.tar.gz.sha256sum.asc Downloads\tor-0.4.6.10.tar.gz.sha256sum
Kwa watumiaji wa macOS:
gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum
Kwa watumiaji wa BSD/Linux:
gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum
Matokeo ya command yanapaswa kutoa kitu kama hichi (Kutegemeana na funguo ipi imesainiwa):
gpgv: Signature made Mon 16 Aug 2021 04:44:27 PM -03
gpgv: using RSA key 7A02B3521DC75C542BA015456AFEE6D49E92B601
gpgv: Good signature from "Nick Mathewson <nickm@torproject.org>"
Ikiwa unapata ujumbe wenye makosa zenye "No such file or directory', labda kuna kitu hakipo sawa katika hatua mojawapo zilizopita, au umesahau kuwa hizi command unazotumia kwa mfano majina ya file na yako yatakuwa na utofauti kidogo.
unaweza pia kuhitaji kujifunza zaidi kuhusu GnuPG.
Hakiki checksum
Sasa kwa kuwa tulithibitisha sahihi ya checksum, tunahitaji kuthibitisha the ubora/uwezo wa kifurushi.
Kwa watumiaji wa Windows:
certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256
Kwa watumiaji wa macOS:
shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum
Kwa watumiaji wa BSD/Linux:
sha256sum -c tor-0.4.6.10.tar.gz.sha256sum
How to use pluggable transports with little-t tor?
Attention: These instructions are meant for using pluggable transports with tor, the network daemon i.e. little-t tor. For instructions on using pluggable transports with Tor Browser, refer to the Tor Browser user manual.
Direct access to the Tor network may sometimes be blocked. Tor can be used with circumvention tools, known as pluggable transports, for getting around these blocks. obfs4, Snowflake and WebTunnel are some pluggable transports available to use with Tor. Tor can be configured to use pluggable transports by modifying Tor's configuration file i.e. torrc.
Steps to configure tor
to use pluggable transports for different operating systems are as follows.
Download and install
tor
or the Tor Expert Bundle for your operating system. If access to the Tor Project website is blocked, use an official Tor Project mirror.If you have
tor
installed, the pluggable transport binary, lyrebird, can be downloaded as part of the Tor Expert Bundle.lyrebird
implements several pluggable transport protocols, including obfs4, Snowflake and WebTunnel.Extract the Tor Expert Bundle to a directory of your choice.
For pluggable transports, obfs4 and WebTunnel, obtain bridges from the bridges website, via Email or via Telegram.
Modify Tor's configuration file, i.e. torrc. Copy and modify the following sample
torrc
according to the operating system. If you have installed little-t tor on Linux, you will have to modify the defaulttorrc
.
Configuring tor
to use obfs4, Snowflake or WebTunnel
UseBridges 1
# Uncomment the line below for Windows and include the path to the pluggable transport executable (Example: C:\Users\user\Downloads\tor\pluggable_transports\lyrebird.exe)
#ClientTransportPlugin meek_lite,obfs4,snowflake,webtunnel exec <path-of-executable>
# Uncomment the line below for macOS and include the path to the pluggable transport executable (Example: /Users/user/Downloads/tor/pluggable_transports/lyrebird)
#ClientTransportPlugin meek_lite,obfs4,snowflake,webtunnel exec <path-of-executable>
# Uncomment the line below for Linux and include the path to the pluggable transport executable (Example: /home/user/Downloads/tor/pluggable_transports/lyrebird)
#ClientTransportPlugin meek_lite,obfs4,snowflake,webtunnel exec <path-of-executable>
Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=<CERTIFICATE> iat-mode=0
Bridge webtunnel <IP ADDRESS>:<PORT> <FINGERPRINT> url=<URL> ver=0.0.1
Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://1098762253.rsc.cdn77.org front=www.phpmyadmin.net,cdn.zk.mk ice=stun:stun.antisip.com:3478,stun:stun.epygi.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.mixvoip.com:3478,stun:stun.nextcloud.com:3478,stun:stun.bethesda.net:3478,stun:stun.nextcloud.com:443 utls-imitate=hellorandomizedalpn
Save the
torrc
file.Run
tor
from the command line:./tor -f torrc
Note: If you have installed little-t tor on Linux and modified the default
torrc
, you will have to restart the daemon.
Troubleshooting
- If Tor fails to connect, check that the
torrc
file is correctly formatted. - If
tor
is installed from the Tor Expert Bundle ensure thetorrc
file is in the same folder as thetor
binary. - Check the Tor logs for errors.
- After exhausting these common troubleshooting steps, if the connection still fails, the bridges you received may be offline or blocked. Obtain new set of bridges from the bridges website, via Email or via Telegram.