Silk Road forums
Discussion => Security => Topic started by: astor on August 16, 2013, 03:34 am
-
Since people expressed interest in running relays, I've written a guide that can get you set up. There are many ways to run a relay, so for the sake of simplicity, I will focus on virtual private servers running Ubuntu 12.04. Feedback is definitely welcome.
This guide includes instructions for Windows users. I will write Linux instructions in a separate post, and if someone would like to add Mac instructions, I'd greatly appreciate it.
===Finding a Hosting Provider===
In order to run a relay, you will need a dedicated server or a virtual private server. There are two features you should look for:
1. Geographical location
2. Bandwidth
Other specs like RAM and CPU tend not to matter until the bandwidth gets really high, like on an unmetered server. Most of the time, your bandwidth limits will keep the Tor client well below your RAM and CPU limits.
There is no minimum amount that you need to spend on a server. You can lease a VPS for under $10 a month or a dedicated server for hundreds of dollars. I think every little bit helps, especially if the servers are geographically diverse. For this guide, I'm going to assume you don't want to drop hundreds of dollars on your first server, so we'll focus on setting up a small to medium sized VPS. The price range I'm thinking is $10 - $50 a month, which should give you 512 MB to 1 GB of RAM and 200 GB to 1 TB of bandwidth.
I'm not going to make specific recommendations for hosting providers, for obvious reasons, but most relays are in North America and Europe. It would be nice if we had more relays in South America, Asia and Africa. The infrastructure in Africa is the most underdeveloped, so you may want to focus on finding providers in South America and Asia. They will be more expensive than providers in North America and Europe. If you can't find providers in your price range, it's OK to run a relay in North America and Europe. As I said, every little bit helps.
Another thing to consider when searching for a VPS is that there are different virtualization technologies. These include OpenVZ, Xen, VMWare, Virtuozzo, and KVM. For this guide, I'm going to recommend running your relay in an OpenVZ container, because it is one of the most popular virtualization technologies, it is generally cheaper than the others for the same specs, your operating system will be installed for you by the hosting provider, and the OpenVZ connection limits aren't really a problem with low bandwidth relays. If you want your relay to push more than 1 TB of traffic a month, you should switch to something like Xen or KVM, or a dedicated server.
It's a good idea to read reviews of the hosting provider before ordering, but this can be tricky. There are a lot of fake web sites with shill reviews. In general, well-known forums with large communities (like webhostingtalk.com) are a better place to look for reviews than random web sites.
When you find a provider that you like, look for their Acceptable Use Policy (AUP), which will sometimes be part of their Terms of Service (TOS). Most hosting providers have links to these documents on their main page. Read through them to find out if they ban proxies. If there is no mention of Tor, "proxies" or "open proxies" almost always include Tor. Some hosting providers specifically ban Tor. Some only ban exit nodes. The latter case is OK, because we will be setting up non-exit relays. You don't want to waste time setting up a relay that will be shut down a week later because it violates your hosting provider's AUP.
===Ordering a Server===
Once you find a hosting provider, you can create an account and order the VPS. I don't see a problem with leasing a VPS with your real identity. There are 4300 relays at the moment. You will be lost in a big crowd. However, you shouldn't mention that you set up a relay in this thread or anywhere else on the forum! You shouldn't use information (like a username) that links you to your Silk Road identity! If you really want anonymity, at the end of this guide there's a section that offers some suggestions, but keep in mind that takes a lot more work.
During the ordering process, you will be asked to choose an operating system. Select Ubuntu Server 12.04, so we can simplify things. Every VPS provider should have an OpenVZ image for that OS. If the VPS has 512 MB of RAM or less, use the 32 bit version. If it has 1 GB or more, use the 64 bit version.
A common box that you have to fill out is the "domain name". You don't need a domain name to order a VPS. You can fill in anything, like example.org. For the server name, put anything you want, it will become the hostname. If it asks for DNS information, just put ns1 and ns2, it doesn't matter.
Also, lease the VPS on a monthly basis for the first few months, even if there are discounts for longer terms. Your VPS may turn out to have crappy networking or frequent reboots, so you don't want to pay for a year of hosting and be forced to abandon the VPS after a month.
After ordering, you'll get an email with the IP address and login details of your VPS.
===Configuring the Relay===
The first thing we need to do is figure out the RelayBandwidthRate based on the monthly bandwidth limit of the VPS. Keep in mind that most hosting providers count both incoming and outgoing bandwidth, so Tor relay traffic gets counted twice. A VPS that pushes 1 TB of traffic from the perspective of the hosting provider, actually pushes 500 GB of traffic from the perspective of the Tor network (it's the same data, coming and going).
Let's say your VPS is allowed 1 TB of traffic per month. That's 1,000,000 MB. So the rate (per second) that you would use in your Tor configuration is:
1,000,000 / 30 / 24 / 60 / 60 / 2 = 0.192 MB or 192 KB
This is a good place to start. In practice, most relays don't max out their bandwidth. In fact, many relays only use 30-50% of their max bandwidth rate. You can watch the bandwidth of your relay for a few weeks and increase it if you are using much less than your limit. For example, if in the first two weeks it uses 250 GB (and could have used 500 GB, because that's half of your 1 TB per month), then you can double the RelayBandwidthRate. It can take a few weeks of adjusting to find the right balance.
After you get the login information, download PuTTy from the web site:
http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
This program lets you connect over a protocol called SSH, or Secure Shell, which creates an encrypted connection to a command prompt on the server. Run PuTTy and fill out the following information:
Host name (or IP address): <your VPS IP address>
Port: 22
Connection type: SSH
Before we go any further, click on the words "Default Settings" under "Saved Sessions" and click the Save button to the right of it. That way you don't have to enter the IP address each time.
Then click Open. You'll see a prompt to accept the server's host key, click Yes. You only have do this the first time.
login as: root
password: <what you were given>
Note that you can resize the window if it's too small.
The first thing you should do after logging in is change the root password, especially since it was emailed to you in plaintext. Do that with the following command:
passwd
And enter the password twice.
BTW, for all of these commands, you can copy them from this guide and paste them into PuTTy by right-clicking in the command prompt window.
Now type
nano /etc/apt/sources.list
Add this line at the end of the file:
deb http://deb.torproject.org/torproject.org precise main
Enter the following sequence to save the file and exit: ctrl+x, y, enter
Enter the following lines into the command prompt to install Tor and the relay monitor ARM:
apt-get update
apt-get install deb.torproject.org-keyring
apt-get update
apt-get install tor tor-arm
Hit Y[enter] whenever it asks you to confirm an action. The first install command will give you a warning because you haven't imported the PGP key for that software repository yet, which is what you're doing with that command.
Now we'll edit the configuration file to turn our Tor client into a relay. First, backup the original configuration file:
cp /etc/tor/torrc /etc/tor/torrc.backup
If you screw something up, you can restore Tor to its default state with the following commands:
cp /etc/tor/torrc.backup /etc/tor/torrc
service tor restart
Let's edit the configuration file:
nano /etc/tor/torrc
Find the following lines and remove the # at the beginning. Anything that follows a # is treated as a comment instead of an instruction to Tor, so we are adding these instructions.
ControlPort 9051 # This is a comment that Tor ignores, but everything before the hash is an instruction that Tor reads
CookieAuthentication 1
ORPort 9001 # Change this to ORPort 443 !!!!
Nickname ididnteditheconfig # Change ididnteditheconfig to whatever nickname you want, no spaces, nothing drug or SR related
RelayBandwidthRate 100 KB # Change 100 KB to whatever you calculated for your server earlier
RelayBandwidthBurst 200 KB # Make this double the value above. If you server is using too much bandwidth, make this the same as the line above
ContactInfo Random Person <nobody AT example dot com> # Create a throwaway email address and put it here
ExitPolicy reject *:* # This line makes your relay a non-exit
Then type: ctrl+x, y, enter
service tor reload
Congratulations, you're running a relay!
The RelayBandwidthRate and RelayBandwidthBurst are what you will probably want to adjust after a few weeks of watching your relay's bandwidth.
A note about the contact info. You don't need to enter a name. Remove the "Random Person" part entirely. However, you should enter a real email address. The purpose of providing an email address is if your relay is misconfigured, the Tor people can contact you and tell you about it. On the other hand, this email address will appear in your relay's descriptor, which is public, so use an alternate address from any of your main ones.
There is a program called ARM (Anonymous Relay Monitor) that lets you monitor your relay. To run it, type:
arm
You can click the left and right arrow keys to see the different panels of info. To exit arm, type: q, q
Another way to view info about your relay is to search for it on https://atlas.torproject.org
Finally, to exit the SSH session, type:
exit
===Securing Your Server===
The following is not necessary, but it's an extremely good idea.
A better way to log in to your server is to create a regular user account, disable root logins, create an SSH key for your regular user, and disable password logins. That makes it virtually impossible for someone to break into your server (people try to hack into servers through SSH all day long).
To create a regular user account, enter this command:
adduser <username>
Change <username> to any one-word username you want.
Enter the password for that user twice, and make it different from root's password. Leave the rest of the prompts (like Full Name) blank by hitting enter through them, then hit y at the end.
You can test out your new user. Exit the SH session and launch PuTTy again. Now that you have a regular user, you can add it to the PuTTy configuration so you don't have to type it in every time.
In the configuration window that you get when PuTTy launches, go to Connection -> Data
Auto-login username: <the regular user you created>
Go back to the Session section, highlight "Default Settings", and click Save again. Connect to your server. You should only have to enter the password this time, and of course it will be your regular user's password.
When you login as the regular user, you can't do much outside of your home folder. You can't install or remove software. This is a security feature. You have to become root. In order to do that, type:
su
And enter root's password.
To exit being root, type exit, and to completely exit the SSH session, type exit again.
Let's make this even more secure by adding an SSH key.
Download this program and run it:
http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe
Next to "Generate a public/private key pair", click Generate. This will take a few minutes. Click around randomly to create entropy and speed it up.
When it's done, it'll say "Public key for pasting into OpenSSH authorized_keys file". Copy the entire thing in the box. Log into your server as the regular user and type this:
mkdir .ssh
nano .ssh/authorized_keys
Paste that public key in (by right-clicking once, as before). Then hit ctrl+x, y, enter.
Back in PuTTyGen, enter a key pass phrase and confirm it, then click "Save private key" and save it somewhere on your computer. The pass phrase protects your private key just like with PGP. At this point you can exit out of PuTTyGen.
Now launch PuTTy again, and in the configuration window, go to Connection -> SSH -> Auth.
Find the field that says Private key file for authentication, click Browse and select your private key.
Go back to Session, highlight "Default Settings" and Save.
Connect to your server again. This time it will ask you for the pass phrase to your private key, not the password to the regular user.
If you login successfully, great! You can disable root and password logins. Type:
su
nano /etc/ssh/sshd_config
Find these lines:
PermitRootLogin yes # Change it to no
#PasswordAuthentication yes # Remove the # at the beginning and change it to no
Save and exit with ctrl+x, y, enter.
Restart the SSH server:
service ssh restart
Exit completely out and log back in as the regular user. You should login just fine. To test your settings, you can change PuTTy to login as root and it should deny you.
Now think about what an attacker has to do to get into your server. First he has to guess your regular username. Then he has to steal your private key or brute force one that works with your public key. That's like having a 2048 bit password! Then he has to guess root's password. Your server is very secure.
===Server Maintenance===
You should login in to your server every once in a while and update the software. Login as the regular user, change to root (su), and issue these commands:
apt-get update
apt-get dist-upgrade
===Purchasing a Server Anonymously===
As I said before, I don't think it's necessary, but if you want to get a server anonymously, here are some ideas that may or may not work. Suggestions are definitely welcome. :)
The first thing you need to realize is that the vast majority of hosting providers use fraud detection services, because hackers and spammers love leasing servers anonymously or with stolen credit cards. You almost certainly can't sign up with a hosting provider from a Tor exit node. A popular fraud detection sevice called MaxMind claims to block VPNs and open proxies too:
https://www.maxmind.com/en/ipauthentication
If you really want to be anonymous, I don't think you should be using a VPN anyway, because you're trusting their word that they don't log, or that LE won't compel them to log in the future. The best way to find a "clean" IP address is to point Tor browser at a web proxy. There are web sites that list thousands of them, but for obvious reasons I won't list them here. You may have try many web proxies before you find one that isn't blocked.
The other issue is payment method. There are a few dozen hosting providers that accept bitcoins, which you could use by anonymizing them your normal way, but all of the ones that I know about are in North America and Europe, which doesn't help the diversity of the Tor network. Again, if you really want to be anonymous, that's fine because a relay in NA or EU is better than no relay.
Other than bitcoins, there are a few potentially anonymous payment methods with fiat currency.
1. Prepaid debit cards
2. e-currency and precious metals exchanges, like Pecunix
3. an anonymous PayPal account
MaxMind claims to block prepaid debit cards:
https://www.maxmind.com/en/ccv_overview
So I don't know if that will work.
As far as e-currency exchanges go, Liberty Reserve is gone, so I don't know what else exists other than Pecunix, but by routing money through several exchanges, you can potentially anonymize it. You'll have to find a hosting provider that takes these payment methods, or cash out to a different payment method.
Also, you might be able to register a PayPal account by pointing Tor Browser at a web proxy, and use fake info that is geographically close to that proxy, then go to Freenode #bitcoin-otc or localbitcoins.com and sell BTC for PayPal credit that gets deposited to your account, then use that to pay for the server.
All of these methods involve some work and a high chance of failure, but you're welcome to try them.
-
Thank you so much for putting this guide together astor! Many people have felt the urge to contribute in some way lately and I think this is an excellent way to do it. It's really very easy once you do it and you will also learn a few IT skills along the way as well. If anyone decides to follow this guide, please tell us about your experience and any hangups you might have.
-
Hi, you say this is a windows guide, but are those not Linux commands?
Surely the putty code you wrote works with a Ubuntu server?
CHEERS for the relatively concise guide.
-
Yeah, to be more clear: this is for Windows users to access a Linux server.
I will add the commands for Linux users to access a Linux server.
I'll need help in writing the commands for OS X users to access a Linux server.
You can use a Windows server, but they are more expensive and Tor doesn't work as well on them. I've seen relay operators switch from Windows to Linux server because of problems.
-
I will definitely set one up. Before you lease a server or VPS make sure you read the Acceptable Use Policy so that they don't cancel the account.
Thanks for the post Astor. +1
-
Yeah, to be more clear: this is for Windows users to access a Linux server.
I will add the commands for Linux users to access a Linux server.
I'll need help in writing the commands for OS X users to access a Linux server.
You can use a Windows server, but they are more expensive and Tor doesn't work as well on them. I've seen relay operators switch from Windows to Linux server because of problems.
Thanks. Yeah definitely.
Can't help with OSX, I try to avoid using it in any case
-
Cheers for make this astor!
We might include instructions to make obfs3 relay to help citizens in china and other countries and obfs relay better to conceal traffic.
If go through set up, then do all at one time.
-
There is now a relay plugin for FireFox, anyone use it? It seems very simple but I'm not sure if it works. 5000 people have downloaded it so far so there must be some feedback.
Surely a FireFox plugin that works is easier than setting up a VPS? For those not PC savy.
https://addons.mozilla.org/en-US/firefox/addon/tor-flashproxy-badge/?src=userprofile
There is the link.
-
Flashproxy is a nice idea, but it's for running a bridge in your browser. The purpose is to help censored people in places like Iran. You won't push a lot of traffic through your residential connection, and only bridge users will use it in the first place, which is about 5% of Tor users. To add substantial bandwidth to the network, and especially to diversify it, we need to run relays around the world, on continents outside of North America and Europe, and ideally those relays will be pushing more than 100 GB of traffic per month.
-
We might include instructions to make obfs3 relay to help citizens in china and other countries and obfs relay better to conceal traffic.
That's pretty easy. Follow the steps above on setting up a relay.
Then install the obfsproxy package:
apt-get install obfsproxy
And add these lines to /etc/tor/torrc
BridgeRelay 1
ServerTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy --managed
-
You may want to add Paysafecard to the list of possible anonymous payment options. Not sure if you can buy them anonymously in the USA, but you surely can do it in some EU countries. Many small newspaper kiosks sell them for cash.
There should be quite a few providers which offer anonymous hosting when using Paysafecards, e.g. http://www.cinipac.com/ http://www.myhost.to http://mediaon.com (I never used any of them).
-
Great post Astor!! +1!
Gotta give props where its due and you certainly deserve them for this. ;)
-
The Tor Browser Bundle has a 'Setup Relaying' option that seems pretty basic and quick to set up, is it not ideal or something?
-
We might include instructions to make obfs3 relay to help citizens in china and other countries and obfs relay better to conceal traffic.
That's pretty easy. Follow the steps above on setting up a relay.
Yes we know, but maybe include in tutorial during normal setup so it always be setup ;)
-
The Tor Browser Bundle has a 'Setup Relaying' option that seems pretty basic and quick to set up, is it not ideal or something?
That is definitely the easiest way to run a relay. Here are some reasons it's not a good idea, though. It puts your IP address on a list of public relays. That's something you probably want to avoid, just as I suggest using an alternate email address in the contact info. Most residential internet connections are pretty slow, especially the upload speeds. There are people who run relays from home, but most of them seem to be on Verizon FiOS connections (150 mbit). You'll have to keep the browser bundle running all the time. A relay with frequent downtimes is discouraged, because Tor clients downloads the list of relays at different times. Many will try to connect to your relay while it is down, so that adds to the inefficiency in the network. Lastly, if you aren't in South America or Asia, it doesn't add to the diversity of the network.
-
Excellent guide, "our" world would be a much better place with thousands of additional relays over the world.
+1
-
Yes we know, but maybe include in tutorial during normal setup so it always be setup ;)
I'm really hoping there are more public relays. :)
Bridges are used by a small number of Tor users (30,000 out of 500,000 daily users, so about 6%). They don't carry any other traffic for the network. They help the diversity of entry points for that small percentage of users, but the network could use diversity at all positions (entry, middle, exit) and for all users.
-
+1
-
This amazing tutorial has been added to our wiki page! :D Thanks Astor!! :D
http://dkn255hz262ypmii.onion/wiki/index.php?title=Running_a_TOR_relay
-
Nice! Hopefully we can get lots of new relays on the network. :)
-
Subscribing.
-
Thank you for this guide, I feel good that my idea of contributing has been popular with other people as well.
I am going to do my bit for the community and set up a relay :)
-
The amount of additional relays getting installed daily has significantly risen since the Snowden leaks btw. Looks like we get 700 new relays thanks to him, and thanks to the Freedom Hosting bust publicity.
Since early 2011 the amount of relays has doubled.
https://metrics.torproject.org/network.html
-
Subbed.
I'm adding this to my list of projects to do over the next period of time.
Astor. Hero.
-
Great guide.
For a Mac, the only difference is that instead of using Putty, you can use the built-in Terminal application.
So, hit the CMD and then SPACEBAR and that will load the search window. From there you can type TERMINAL and it will be the first option. Alternatively, look under your Applications folder for the program Terminal.
Once the Terminal window opens, type 'SSH root@(VPS IP address)'. So, if the VPS IP address you were given is 12.34.56.78 then you would type:
SSH root@12.34.56.78
From there, it should prompt you for your VPS password. Type the password you were given when you ordered/set up your VPS space and from there everything else is the same (download tor, set it up, per Astor's instructions).
I went through the process and it worked. I did have some minor problems when editing the torrc file, but it didn't take long to get the hang of it.
I suggest everyone spend $10 (or however much you choose) and rent some server space for the Tor project.
-
Yes we know, but maybe include in tutorial during normal setup so it always be setup ;)
I'm really hoping there are more public relays. :)
Bridges are used by a small number of Tor users (30,000 out of 500,000 daily users, so about 6%). They don't carry any other traffic for the network. They help the diversity of entry points for that small percentage of users, but the network could use diversity at all positions (entry, middle, exit) and for all users.
Bridges and Relays can be run on same host. Maybe this not best for country that block relays, but bridge have many more use. Think have more bridge and relay cannot hurt.
Also possible to order another IP and bind, but we kno this not in manner of simple guide as post.
-
thnx for the cool guide astor.. +1
for anyone wondering about the default exit policy, as stated on the tor website it allows everything except smtp, so if you are ok with everything else going through then just comment out the ExitPolicy reject* lines as per astor's instructions
on my machine I had to change my ServerTransportPlugin line as below, no dashes before managed.
ServerTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy managed
If your tor relay is running correctly, you should see a log message like this:
[notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.
-
subbed
-
Can this be done on TAILS?
-
Can this be done on TAILS?
You can probably run a relay on Tails by modifying the torrc the same way as in the guide. However, if you boot and shut down your Tails often, you shouldn't run a relay on it. Tor relays should be stable, with many days of uptime. It's bad for the Tor network when relays go offline a lot, because it takes time to update the directory and get all clients to know about the currently running relays. The network would become more inefficient if clients were trying to connect to a lot of relays that are offline.
-
Can this be done on TAILS?
You can probably run a relay on Tails by modifying the torrc the same way as in the guide. However, if you boot and shut down your Tails often, you shouldn't run a relay on it. Tor relays should be stable, with many days of uptime. It's bad for the Tor network when relays go offline a lot, because it takes time to update the directory and get all clients to know about the currently running relays. The network would become more inefficient if clients were trying to connect to a lot of relays that are offline.
Tails is a non-persistent mobile operating system. Relays should be run on stable setups.
-
Can this be done on TAILS?
You can probably run a relay on Tails by modifying the torrc the same way as in the guide. However, if you boot and shut down your Tails often, you shouldn't run a relay on it. Tor relays should be stable, with many days of uptime. It's bad for the Tor network when relays go offline a lot, because it takes time to update the directory and get all clients to know about the currently running relays. The network would become more inefficient if clients were trying to connect to a lot of relays that are offline.
Tails is a non-persistent mobile operating system. Relays should be run on stable setups.
I have the TBB on my desktop. I shut that down daily because I basically have to. Would it also be bad to try running a relay on that?
-
I have the TBB on my desktop. I shut that down daily because I basically have to. Would it also be bad to try running a relay on that?
Yes, it would be bad.
-
This should be sticky
-
If you want to run a relay at home you could buy a Raspberry PI. It only uses little amounts of power, so you can run it 24/7 without costing much.
You can buy a Onion PI for 90$
https://www.adafruit.com/products/1410
http://learn.adafruit.com/onion-pi/overview
-
helpful to make note of CPU/RAM/BW limits for person interest in run big capacity relay.
numbers for how much cpu used and maybe limits of certain cpu type.