Introduction: Raspberry Pi Tor Relay
Tor (short for The Onion Router) is a system intended to enable online anonymity. The Tor client software directs internet traffic through a worldwide volunteer network of servers to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages and other communication forms", back to the user and is intended to protect users' personal freedom, privacy, and ability to conduct confidential business by keeping their internet activities from being monitored.
So obviously, TOR needs a large amount of servers and as TOR network is not a commercial organisation, it requires voluntary supporters. You can be one of them and turn your Raspberry in a TOR relay.
Step 1: Parts Needed
You need the following parts:
- Raspberry Pi
- power supply
- network cable/connection to the Internet
- SDcard with Raspbian (you can find all necessary installation intructions here: http://www.raspbian.org/RaspbianInstaller)
Step 2: Let's Start
For security reasons you should not work as "root" all the time, you can fix this problem with the following steps:
Open a terminal
apt-get install sudo
adduser tor
passwd tor
this creates the user "tor" and let's you set a password. Please use at least 8 digits (numeric, alphanumeric and special characters)
Now we have to to add the tor user account to the list of sudoers:
nano /etc/sudoers
Add the line
tor ALL=(ALL) ALL
Now we'll install the latest security patchess and updates. Please do this regularly!!!
sudo apt-get update
sudo apt-get upgrade
Step 3: Network Configuration
Now that the base setup is done, we have to configure network interface, open a terminal and use this command:
ifconfig
This shows you your actual configuration:
eth0 Link encap:Ethernet HWaddr 00:23:54:40:66:df
inet addr:192.168.0.20 Bcast:192.168.0.255 Mask:255.255.255.0
write down inet addr and mask
then type:
sudo nano /etc/network/interfaces
You will find a line like this:
iface eth0 inet dhcp
So as we see the Raspberry obtains an IP adress from the local DHCP server. If you want a static IP you hould change this to:
iface eth0 inet static
address 192.168.0.20 <- chose an IP that fits to your network! This is only an example!
netmask 255.255.255.0 <- change to the settings that fit to your network
gateway 192.168.0.1 <- type in the correct IP adress of your gateway.
Step 4: Installation and Configuration of TOR
sudo apt-get install tor
If you're connected to the Internet a download will be started, this takes some time.....
Now we need to edit the TOR configuration file . You can find it here: /etc/tor/torrc. Open this file with your favourite text editor an add/change these settings:
SocksPort 0
Log notice file /var/log/tor/notices.log
RunAsDaemon 1
ORPort 9001
DirPort 9030
ExitPolicy reject *:*
Nickname xxx (you can chose whatever you like)
RelayBandwidthRate 100 KB # Throttle traffic to 100KB/s (800Kbps)
RelayBandwidthBurst 200 KB # But allow bursts up to 200KB/s (1600Kbps)
Step 5: Problems With the Firewall
If your Raspberry sits behind a firewall, you'll have to configure its settings. To allow other nodes in the TOR network to contact your TOR relay, you have to open the ports 9030 and 9001. 9030 is needed for the directory service and 9001 for relay operation. Please refer to your firewll manual, there are to many to explain how to do it for every single firewall.
Step 6: Start the TOR Server
sudo /etc/init.d/tor restart
TOR is now restarted. Now we have a look at the log file (less /var/log/tor/log). If everything is fine, you'll find an entry like
at the end.Oct 18 22:59:21.104 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Congratulations! Now you have a TOR relay!
Step 7: Configuring Your Browser to Use Tor
To use Tor, you need a Tor client, which routes all your Internet traffic through the Tor network. To make you "invisible", the traffic travels through several randomly selected relays (run by volunteers like you and your Raspberry), before exiting the Tor network and arriving at your destination. This prevents your Internet service provider and people monitoring your local network from viewing the websites you access. It also prevents the websites themselves from knowing your physical location or IP address – they’ll see the IP address and location of the exit node instead. Even the relays don’t know who requested the traffic they’re passing along. All traffic within the Tor network is encrypted.
The first picture shows you how it works
An example: Let’s say you access instructables.com through Tor. Your Internet service provider and local network operator can’t see that you’re accessing this site – they just see encrypted Tor traffic. The Tor relays pass your traffic along until it eventually reaches an exit node. The exit node talks to instructables.com for you – from the perspective of this site, the exit node is accessing their website. (Of course, traffic can be monitored at the exit node if you’re accessing an unencrypted website.) The exit node passes the traffic back along the relays, and the relays don’t know where it ends up.
This makes it possible for Tor to offer anonymity and a path through Internet censorship and monitoring – people living under repressive regimes with censored Internet connections can use Tor to access the wider Internet without fear of reprisal. Whistleblowers can use Tor to leak information without their traffic being monitored and logged.
All this nice features have their price. Browsing with Tor makes it really slower. So you might now be able to see youtube videos, that are blocked in your country, but it may take some time until the video loads.
So how can you get this client and install it?
This depends on your operating system and browser. There are many good tutorials out there for almost every possible combination. You can find many other good (video) tutorials out there, but i think the following links should give you enough information for your first steps:
Windows: https://www.torproject.org/docs/tor-doc-windows.html.en
Linux/Unix/BSD: https://www.torproject.org/docs/tor-doc-unix.html.en
Debian/Ubuntu: https://www.torproject.org/docs/debian.html.en
Mac OSX: https://www.torproject.org/docs/tor-doc-osx.html.en
and last but not least:
Android: https://www.torproject.org/docs/android.html.en
Last words:
Remember not to provide any personal information – say, by logging into an account associated with you – while using the Tor browser, or you’ll lose the anonymity.
27 Comments
7 years ago on Introduction
Too bad tor its not working anymore...the tor package for Raspberry pi shows 404. I tried a lot.
Reply 1 year ago
You have to add the repo now..
https://support.torproject.org/apt/tor-deb-repo/
then you can follow these after
https://community.torproject.org/relay/setup/guard...
that is for a guard relay which is a nonexit node.
Reply 2 years ago
Yeah. I get those problems a lot when I'm working with the Raspberry Pi.
Question 2 years ago
What kind of relay will I run if I make this?
I don't want to make an exit relay because I am not ready for any legal trouble.
Answer 1 year ago
You can only run non-exit relays aka guard or middle (if your internet is greater then 2mbs it will be a guard, middle if not).
Exit relays take a very special setup for this reason...
https://community.torproject.org/relay/types-of-relays/
Question 4 years ago
The entire tutorial went well, but at the end, when I checked my logs, I found this:
Jun 17 23:14:02.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Jun 17 23:14:02.000 [notice] Bootstrapped 100%: Done
Jun 17 23:18:59.000 [notice] Interrupt: exiting cleanly.
Is the last log message a problem, or is everything fine?
5 years ago
good project
6 years ago
Hello! I had a series of questions for anyone willing to answer. I want to build a small, portable RPi but I'm relatively new to all of this. Is it possible to actually download Tor on it as I would Windows? Because from what I understand this tutorial is only used to put your traffic through another source and therefore confusing anyone trying to trace you.
Reply 6 years ago
You're correct. This is a relay. Here is the tor instructions if anyone else is interested.
https://www.torproject.org/docs/debian.html.en
6 years ago on Step 7
nice tutorial - but I'm now having trouble accessing my nas
Have I screwed up something?
Please advise
6 years ago on Step 2
Open a terminal
apt-get install sudo
first line commant and it says
E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
Reply 6 years ago on Introduction
Type: "sudo su" without the "". then try it again.
7 years ago on Introduction
Done, this instructable is a bit outdated though, for people looking for more info follow this
http://www.devconsole.info/?p=879
Alot more info.
7 years ago on Introduction
So I've got this message:
Tor has successfully opened a circuit. Looks like client functionality is working.
But when I go to globe.torproject.org and see if my nickname shows, but it doesn't. I waited well over an hour to make sure everything was updated.
How can I locally confirm that the relay is working?
Thank you!
7 years ago on Introduction
You have already finished Tor Relay For Raspian on step 6. A man without any knowledge of tor won't make this instructable. Step 7: Configuring your browser to use Tor is not necessary at all. Just like an advertisement.
But good instructable, thank you!
8 years ago on Introduction
I've got a quick question for anyone here who is more conversant with the Tor algorithm. And please point me to resources if there's a project like I describe already in motion somewhere else!
How well will a relay - of any type - function with an intermittent connection?
The scenario I'm imagining is a Tor relay mounted on a vehicle (car or bike) using a wireless connection. If one travels routinely through a crowded wifi environment in stop-and-go conditions, would such a relay be able to negotiate a connection and spend a useful amount of time serving as a relay? Such as while stopped at a light or crawling along in congestion? Or while your bike is parked outside a place with an open network.
I understand some of this might violate TOS for some networks, but be assured, this is just a thought experiment. I have too many other hobbies right now.
Reply 7 years ago on Introduction
I am trying to do something like this for a distributed process grid ...
8 years ago on Step 7
Nice tutorial - I'd never heard of Tor until tonight when a mate posted on FB about it. Now configured and running. Thanks
8 years ago
Alternative tutorial in http://unsuspectingbit.com/tutorial-private-anonymizing-proxy-raspberry-pi-tor-based/
8 years ago on Introduction
Its excellent :)