Little -t-tor

Makini: Maagizo haya yanalenga kusakinisha tor daemoni ya mtandao k.m. little-t-tor. For instructions on installing Tor Browser, refer to Tor Browser user manual.

ufikiwaji wa msimamizi: Kusanikisha Tor unahitaji njia ya upendeleo. Below all commands that need to be run as root user like apt and dpkg are prepended with '#', while commands to be run as user with '$' resembling the standard prompt in a terminal.

Debian/Ubuntu

Usitumie kifurushi katika Ubuntu universe. Kipindi cha nyuma hazikusasishwa kwa uhakika. Hii ikimaanisha imepungukiwa na uimara na marekebisho ya usalama.

Configure Tor package repository.

Wezesha hazina ya APT ya mradi wa Tor kwa kufuata maelezo.

Sasisha kifurushi

# apt install tor

Fedora

Sanikisha kifurushi cha saraka ya Tor

Wezesha hazina ya kifurushi cha RPM cha mradi wa Tor kwa kufuata maelezo.

Sasisha kifurushi

# dnf install tor

FreeBSD

Sasisha kifurushi

# pkg install tor

OpenBSD

Sasisha kifurushi

# pkg_add tor

macOS

Sanikisha kifurushi cha manager

Kuna visimamizi viwili vya vifurushi katika OS X: Homebrew na Macports. Unaweza kutumia usimamizi wa kifurushi kama chaguo lako.

Kusanikisha Homebrew fuata maelekezo brew.sh.

Kusanikisha Macports fuata maelekezo macports.org.

Sasisha kifurushi

Ikiwa unatumia Homebrew katika programu iliboreshwa, tumia:

# brew install tor

Ikiwa unatumia Macports katika programu iliyoboreshwa, tumia:

$ sudo port install tor

Arch Linux

Ili kusanikisha kifurushi cha tor kwenye Arch Linux, endesha:

# pacman -Syu tor

DragonFlyBSD

Bootstrap pkg

Picha na matoleo ya kila siku ya DragonFlyBSD (kuanzia na 3.4) huja na pkg tayari imesakinishwa. Maboresho kutoka kwa matoleo ya awali hata hivyo hayatakuwa nayo. Ikiwa pkg haipo kwenye mfumo kwa sababu yoyote ile inaweza kufungwa kwa haraka bila kuijenga kutoka kwa chanzo au hata kusakinisha DPorts:

# cd /usr
# make pkg-bootstrap
# rehash
# pkg-static install -y pkg
# rehash

Hatua zilizopendekezwa ili kusanidi pkg

Hapa, itakuwa sawa na ile tuliyo nayo kwenye mfumo wa FreeBSD, na tutatumia HTTPS kuleta vifurushi vyetu, na masasisho - kwa hivyo hapa tunahitaji kifurushi cha ziada ili kutusaidia (ca_root_nss ).

Kusakinisha kifurushi cha ca_root_nss:

# pkg install ca_root_nss

Kwa usakinishaji mpya faili ya /usr/local/etc/pkg/repos/df-latest.conf.sample inakiliwa hadi /usr/local/etc/pkg/repos/df-latest. Faili zinazoishia kwa kiendelezi cha ".sample" zimepuuzwa; pkg(8) husoma faili zinazoishia kwa ".conf" pekee na itasoma kadiri itakavyopata.

DragonflyBSD ina hazina ya vifurushi 2:

• Avalon (mirror-master.dragonflybsd.org);
• Wolfpond (pkg.wolfpond.org).

Tunaweza kwa urahisi kuhariri URLinayotumiwa kuashiria hazina kwenye /usr/local/etc/pkg/repos/df-latest na ndivyo hivyo! Kumbuka kutumia pkg+https:// kwa Avalon.

Baada ya kutekeleza mabadiliko haya yote, tunasasisha orodha ya vifurushi tena na kujaribu kuangalia ikiwa tayari kuna sasisho jipya la kutumia:

# pkg update -f
# pkg upgrade -y -f

Sasisha kifurushi

Sakinisha kifurushi cha tor:

# pkg install tor

NetBSD

Setup pkg_add

Matoleo ya kisasa ya mfumo wa uendeshaji wa NetBSD yanaweza kuwekwa ili kutumia pkgin ambayo ni kipande cha programu inayolenga kuwa kama apt au yum kwa ajili ya kudhibiti vifurushi vya binary ya pkgsrc. Hatugeuzi usanidi wake hapa na uchague kutumia pkg_add wazi badala yake.

# echo "PKG_PATH=http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/$(uname -m)/$(uname -r)/All" > /etc/pkg_install.conf

Sasisha kifurushi

Sakinisha kifurushi cha tor NetBSD:

# pkg_add tor

VoidLinux

Kusakinisha kifurushi cha torkwa Void Linux, tafadhali endesha:

# xbps-install -S tor

Sanikisha Tor kutoka kwenye chanzo

Pakua toleo la sasa na vitegemezi

Toleo jipya lililotolewa na Tor linapatikana katika kurasa ya download.

Ikiwa unaunda kutoka katika vyanzo, Sanikisha kwanza libevent, na hakikisha una openssl na zlib (ikijumuisha kifurushi cha the -devel kikitumika).

Sasisha tor

tar -xzf tor-<version>.tar.gz; cd tor-<version>

Replace <version> with the latest version of tor, for example, tor-0.4.8.12

./configure && make

Sasa unaweza kutumia tor kama src/app/tor (0.4.3.x na toleo linalofuata), au unaweza kutumia Sanikisha (kama njia ikiwa ina umuhimu) sanikisha ndani ya /usr/local/, na baada ya hapo anzisha matumizi ya tor.

Tahadhari: Maelekezo haya ya kuthibitisha chanzo cha msimbo wa Tor. Tafadhali fuata maelekezo sahihi ili kuthibitisha Tor Browser's signature.

Digital signature ni mfumo unaohakikisha kua kifurushi fulani kilitolewa na watengenezaji na haikuharibiwa. Chini tumeeleza kwanini ni muhimu na jinsi ya kuthibitisha vyanzo vya msimbo wa tor uliyoipakua ni mojawapo tuliyoitengeneza na haijaboreshwa na baadhi ya washambuliaji.

Kila failia katika kurasa yetu iliyopakuliwa inaambatana na mafaili mawili ambayo yamewekwan leno "checksum" na "sig" yakiwa na majina sawa kama kifurushi na kiambatanishi .sha256sum" na ".sha256sum.asc" kwa mtiririko huo.

Faili la .asc litathibitisha kuwa faili .sha256sum (limekusanya kifurushi cha checksum) haijaingiliwa. Mara tu sahihi inapothibitisha (angalia chini jinsi ya kufanya), kifurushi cha uadilifu kitaweza kuthibitishwa:

$ sha256sum -c *.sha256sum

Faili hili linakuruhusu kuhakikisha faili ulilopakua ndio hilo ulilotarajia kulipata. Hii inaweza kutofautiana kutokana na kivinjari cha tovuti, lakini kwa kawaida unaweza kupakua faili hili kwa kubofya upande wa kulia wa anwani za "sig" na "checksum" na kuchagua "save file as".

Kwa mfano, tor-0.4.6.7.tar.gz is accompanied by tor-0.4.6.7.tar.gz.sha256sum.asc. Kuna mfano jina la faili halifanani kabisa na jina la faili ulilopakua.

Kwa sasa tunaonesha ni kwa jinsi gani unaweza kuthibitisha faili lililopakuliwa kwa digital signature katika mifumo mbalimbali ya uendeshaji. Tafadhali kumbuka kuwa sahihi ni tarehe wakati kifurushi kimetiwa sahihi. Kwa ujumla kila muda faili jipya linapakuliwa kwa sahihi mpya inayotokana na tarehe tofauti. Ilimradi umeshathibitisha sahihi hupaswi kujali kuwa tarehe iliyoripotiwa inaweza kutofautiana.

pakua GnuPG

Awali ya yote unahitaji kuwa na GnuPG iliyosanidiwa kabla haujathibitisha sahihi.

Kwa watumiaji wa Windows:

Ikiwa unatumia windowa, pakua Gpg4win na endesha kisanikishi chake.

Ili kuthibitisha sahihi unahitaji kuandika commands chache katika mstari wa command wa window, cmd.exe.

Kwa watumiaji wa macOS:

Ikiwa unatumia macOS, unaweza sanikisha GPGTools.

Ili kuthibitisha sahihi unahitaji kuandika command chache katika Terminal (under "Applications").

Kwa watumiaji wa GNU/Linux:

Ikiwa unatumia GNU/Linux, labda tayari unayo GnuPG katika mfumo wako, kwa kuwa usambazaji mwingi wa GNU/Linux huja ikiwa imewekwa tayari.

Ili kuthibitisha sahihi utahitaji kuandika commands chache katika terminal window. Jinsi ya kufanya hivi hutofautiana kulinganana usambazaji wako.

kutafuta Tor kwa funguo ya watengenezaji

Funguo zifuatazo zinaweza kuweka sahihi katika tarball. Usizitarajie kabisa, zinaweza kutofautiana kutegemeana na nani anapatikana ili ziweze kutolewa.

• Alexander Færøy: 514102454D0A87DB0767A1EBBE6A0531C18A9179
• David Goulet: B74417EDDF22AC9F9E90F49142E86A2A11F48D36
• Nick Mathewson: 2133BC600AB133E1D826D173FE43009C4607B1FB

Unaweza kutafura funguo yenye anwani uliyopewa hapo juu au ndani yake:

$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@torproject.org
$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@torproject.org
$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@torproject.org

Hii inapaswa kukuonesha kitu kama (for nickm):

gpg: key FE43009C4607B1FB: public key "Nick Mathewson <nickm@torproject.org>" imported
gpg: Jumla ya number ya zilizoshughulikiwa: 1
gpg:               imported: 1
pub   rsa4096 2016-09-21 [C] [expires: 2025-10-04]
      2133BC600AB133E1D826D173FE43009C4607B1FB
uid           [ unknown] Nick Mathewson <nickm@torproject.org>
sub   rsa4096 2016-09-23 [S] [expires: 2025-10-04]
sub   rsa4096 2016-09-23 [E] [expires: 2025-10-04]

Ukipata ujumbe wenye makosa, kuna kitu kimeenda vibaya na huwezi kuendelea hadi utambue kwanini haifanyi kazi. Unaweza kuweza kuagiza funguo kwa kutumia sehemu ya Njia mbadala (kutumia alama za wazi) badala yake.

Baada ya kuingiza funguo, unapaswa kuzitunza katika faili (kiutambua kwa fingerprint hapa):

$ gpg --output ./tor.keyring --export 0x2133BC600AB133E1D826D173FE43009C4607B1FB

Matokeo ya amri ni muhimu kuhifadhiwa katika faili lililopatikana ./tor.keyring, mfano katika muongozo wa sasa. Kama ./or.keyring haipo baada ya kutumia command hii, kuna kitu kina makosa na huwezi kuendelea hadi uwe umetatua kwanini hichi hakifanyi kazi.

hakiki saini

Kuthibitisha sahihi ya kifurushi ulichopakua, utahitaji kupakua faili lenyewe sambamba na .sha256sum.asc signature file and the .sha256sum, na kuthibitisha hii kwa command inayouliza GnuPG ili kuthibitisha faili ulilolipakua.

Mifano hapa chini inadhani kuwa ulipakua mafaili haya mawili kwenye folda lako la "Downloads". Kumbuka kuwa hizi commands tumia mfano wa majina ya faili na yako tofauti: unaweza kupakua toleo tofauti zaidi ya 9.0 na unaweza kuchagua toleo la kiingereza (en-US).

Kwa watumiaji wa Windows:

gpgv --keyring .\tor.keyring Downloads\tor-0.4.6.10.tar.gz.sha256sum.asc Downloads\tor-0.4.6.10.tar.gz.sha256sum

Kwa watumiaji wa macOS:

gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum

Kwa watumiaji wa BSD/Linux:

gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum

Matokeo ya command yanapaswa kutoa kitu kama hichi (Kutegemeana na funguo ipi imesainiwa):

gpgv: Signature made Mon 16 Aug 2021 04:44:27 PM -03
gpgv:                using RSA key 7A02B3521DC75C542BA015456AFEE6D49E92B601
gpgv: Good signature from "Nick Mathewson <nickm@torproject.org>"

Ikiwa unapata ujumbe wenye makosa zenye "No such file or directory', labda kuna kitu hakipo sawa katika hatua mojawapo zilizopita, au umesahau kuwa hizi command unazotumia kwa mfano majina ya file na yako yatakuwa na utofauti kidogo.

unaweza pia kuhitaji kujifunza zaidi kuhusu GnuPG.

Hakiki checksum

Sasa kwa kuwa tulithibitisha sahihi ya checksum, tunahitaji kuthibitisha the ubora/uwezo wa kifurushi.

Kwa watumiaji wa Windows:

certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256

Kwa watumiaji wa macOS:

shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum

Kwa watumiaji wa BSD/Linux:

sha256sum -c tor-0.4.6.10.tar.gz.sha256sum

Attention: These instructions are meant for using pluggable transports with tor, the network daemon i.e. little-t tor. For instructions on using pluggable transports with Tor Browser, refer to the Tor Browser user manual.

Direct access to the Tor network may sometimes be blocked. Tor can be used with circumvention tools, known as pluggable transports, for getting around these blocks. obfs4, Snowflake and WebTunnel are some pluggable transports available to use with Tor. Tor can be configured to use pluggable transports by modifying Tor's configuration file i.e. torrc.

Steps to configure tor to use pluggable transports for different operating systems are as follows.

• Download and install tor or the Tor Expert Bundle for your operating system. If access to the Tor Project website is blocked, use an official Tor Project mirror.

• If you have tor installed, pluggable transport binaries can be downloaded as part of the Tor Expert Bundle. Pluggable transport binaries available as part of the Tor Expert Bundle:

  • lyrebird : implements several pluggable transport protocols, including obfs4 and WebTunnel.
  • snowflake-client : implements the Snowflake pluggable transport.

• Extract the Tor Expert Bundle to a directory of your choice.

• For pluggable transports, obfs4 and WebTunnel, obtain bridges from the bridges website, via Email or via Telegram.

• Modify Tor's configuration file, i.e. torrc. Copy and modify the following sample torrc according to the operating system. If you have installed little-t tor on Linux, you will have to modify the default torrc.

Configuring tor to use obfs4 or WebTunnel

UseBridges 1
# Uncomment the line below for Windows and include the path to the pluggable transport executable (Example: C:\Users\user\Downloads\tor\pluggable_transports\lyrebird.exe)
#ClientTransportPlugin meek_lite,obfs4,webtunnel exec <path-of-executable>

# Uncomment the line below for macOS and include the path to the pluggable transport executable (Example: /Users/user/Downloads/tor/pluggable_transports/lyrebird)
#ClientTransportPlugin meek_lite,obfs4,webtunnel exec <path-of-executable>

# Uncomment the line below for Linux and include the path to the pluggable transport executable (Example: /home/user/Downloads/tor/pluggable_transports/lyrebird)
#ClientTransportPlugin meek_lite,obfs4,webtunnel exec <path-of-executable>

Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=<CERTIFICATE> iat-mode=0
Bridge webtunnel <IP ADDRESS>:<PORT> <FINGERPRINT> url=<URL> ver=0.0.1

Configuring tor to use Snowflake

UseBridges 1
# Uncomment the line below for Windows and include the path to the pluggable transport executable (Example: C:\username\Browser\TorBrowser\tor\pluggable_transports\snowflake-client.exe)
#ClientTransportPlugin snowflake exec <path-of-executable>

# Uncomment the line below for macOS and include the path to the pluggable transport executable (Example: /Users/user/Downloads/tor/pluggable_transports/snowflake-client)
#ClientTransportPlugin snowflake exec <path-of-executable>

# Uncomment the line below for Linux and include the path to the pluggable transport executable (Example: /home/user/Downloads/tor/pluggable_transports/snowflake-client)
#ClientTransportPlugin snowflake exec <path-of-executable>

Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://1098762253.rsc.cdn77.org front=www.phpmyadmin.net,cdn.zk.mk ice=stun:stun.antisip.com:3478,stun:stun.epygi.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.mixvoip.com:3478,stun:stun.nextcloud.com:3478,stun:stun.bethesda.net:3478,stun:stun.nextcloud.com:443 utls-imitate=hellorandomizedalpn

• Save the torrc file.

• Run tor from the command line: ./tor -f torrc

• Note: If you have installed little-t tor on Linux and modified the default torrc, you will have to restart the daemon.

Troubleshooting

• If Tor fails to connect, check that the torrc file is correctly formatted.
• If tor is installed from the Tor Expert Bundle ensure the torrc file is in the same folder as the tor binary.
• Check the Tor logs for errors.
• After exhausting these common troubleshooting steps, if the connection still fails, the bridges you received may be offline or blocked. Obtain new set of bridges from the bridges website, via Email or via Telegram.