Box for simple Tor node.

John Newman jnn at synfin.org
Fri Oct 11 22:07:18 PDT 2019



On October 12, 2019 2:11:59 AM UTC, John Newman <jnn at synfin.org> wrote:
>
>
>On October 11, 2019 9:53:10 PM UTC, jim bell <jdb10987 at yahoo.com>
>wrote:
>>On Friday, October 11, 2019, 02:26:27 PM PDT, John Newman
>><jnn at synfin.org> wrote:
>> 
>> 
>> On Fri, Oct 11, 2019 at 09:05:00PM +0000, jim bell wrote:
>>> Somebody asked me a question, but because I am far from being an
>>> expert, I couldn't answer. Suppose a person wanted to implement a TOR
>>> node, simply by buying some box, and plugging it into his modem, and
>>> power. And NOT needing to become an expert on TOR, or even on
>>> computers in general. And NOT having to follow pages and pages of
>>> instructions. I did a few minutes of searching, and even the 'simple'
>>> explanations seemed 'clear as mud'.
>>> Don't bother with long explanations challenging the usefulness, or
>>> trustworthiness of TOR. Yes, we've discussed them to death. That's a
>>> different subject.
>>> Jim Bell
>>
>>> On FreeBSD, it's as simple as running the following commands as root
>>>
>>> # install tor
>>> pkg install tor
>>>
>>> # set appropriate variables, there aren't too many to get going and
>>> # you can find them all well documented
>>> vi /usr/local/etc/tor/torrc
>>>
>>> # update your rc.conf so the service will start at boot, then start it
>>> sysrc tor_enable=YES
>>> service tor start
>>>
>>> For an idea of what the torrc file should look like, here is mine with a
>>> few bits XXX'd out. My node is specifically configured not to allow exit
>>> traffic because it was generating a lot of complaints upstream about my
>>> host trying to hack people's shit, etc :)
>>>
>>> # cat /usr/local/etc/tor/torrc | egrep -v "^$|^#"
>>> SocksPort 9050
>>> SocksPolicy accept 127.0.0.1
>>> SocksPolicy reject *
>>> Log notice file /var/log/tor/notices.log
>>> RunAsDaemon 1
>>> DataDirectory /var/db/tor
>>> ControlPort 9051
>>> HashedControlPassword XXXXXXXXXXXXXX
>>> ORPort 9023
>>> Exitpolicy reject *:*  # too many complaints :)
>>> Nickname twentysevendollars
>>> Address wintermute.synfin.org
>>> OutboundBindAddress 198.154.106.54
>>> RelayBandwidthRate 3265 KBytes  # playing with this
>>> RelayBandwidthBurst 4355 KBytes # ditto
>>> ContactInfo 0CA8B961 John Torman <tor @ synfin dot org>
>>> DirPort 9030 # what port to advertise for directory connections
>>> MyFamily XXXXXXXXXXXXX
>>>
>>> If you were doing this on Linux, it would be much the same. Replace the
>>> "pkg install" with "apt-get install" or "yum install" or whatever, you
>>> might have to add a tor repo or something. The config file probably
>>> won't live under /usr/local/etc/tor, but just /etc/tor, and you'll use
>>> systemctl rather than just updating the rc.conf with sysrc.
>>>
>>> I would not recommend you run an exit node from your home ;)
>>
>>
>> Yes, even years ago I was aware that a person shouldn't try to run an
>> Exit node on a home setup. Although, I wonder if it has been tried?
>> Sounds like a good beginning for a Wired article? After writing
>> that, I found: https://blog.torproject.org/tips-running-exit-node
>> No way!!!
>>
>> But you didn't answer my question. I said a simple box, and that is
>> precisely what I meant. Power, Ethernet. Plug into existing
>> Modem. Okay, I would understand it if the operator had to link it to
>> the network by accessing a web page and informing them of the new IP
>> address, but that's the level of complexity I was thinking about.
>> (Except for a box that already "knows" how to link up and start
>> running.)
>>
>> Could one of the problems with the TOR network be that only "experts"
>> are likely to participate?
>>
>> Also note: I am referring to a situation where a person does not need,
>> and does not want, the benefit of TOR for himself; Just wants to add
>> his "brick in the wall" to the nodes. Has a spare $100 or so for the
>> box, and has unlimited-usage gigabit/second Internet service. (I see
>> that Centurylink provides them for $65/month, probably subject to tax,
>> as well.)
>> Jim Bell
>
>What you are describing, if it doesn't already exist, would be trivial
>to code for Windows (assuming standard tor binaries will run, win10
>has fucking WSL or whatever, anyway I'm sure it does) or MacOS or
>Linux.. like the tor browser, but even simpler: just a little graphical
>applet that generates a torrc and starts up the tor daemon. Even makes
>sure whatever software firewall you are using has the right holes in it ;)
>
>I don't know of such an app but kinda surprised it doesn't exist.

A more appropriate answer to your question would actually be
a pi or some SoC board with bare bones Linux or BSD OS and a version
of the little Tor wrapper app I described that had a really simple web
interface and ran under e.g. nginx and php (or whatever).  Put in a nice
case with an onion stamped on top.

And if that's really the only feature you wanted, I guess that's 
all it would do ;)

No one is selling such hardware mass produced.
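
The wrapper idea from this thread (take a few values from a form, write a torrc, start tor), sketched as an added example; it is not code from the thread or from the Tor Project. The function name, the relay-only `SocksPort 0` line and the sample values are assumptions of the example; the paths and the default port and bandwidth figures are copied from the torrc quoted above.

```python
import re

NICKNAME_RE = re.compile(r"[A-Za-z0-9]{1,19}")  # Tor relay nickname rule
UNSAFE_RE = re.compile(r"[\x00-\x1f\x7f#]")     # control chars, newlines, '#'


def _is_int(value, low, high):
    return type(value) is int and low <= value <= high


def render_relay_torrc(nickname, contact, or_port=9023,
                       rate_kbytes=3265, burst_kbytes=4355):
    """Return torrc text for a relay that carries no exit traffic."""
    if not NICKNAME_RE.fullmatch(nickname):
        raise ValueError("Nickname must be 1-19 letters or digits")
    # A newline in a form field would let it append its own directive
    # (a second ExitPolicy line, say), so accept single-line input only.
    if not contact.strip() or UNSAFE_RE.search(contact):
        raise ValueError("ContactInfo must be one line without '#'")
    if not _is_int(or_port, 1, 65535):
        raise ValueError("ORPort must be an integer in 1..65535")
    if not (_is_int(rate_kbytes, 1, 2**31)
            and _is_int(burst_kbytes, rate_kbytes, 2**31)):
        raise ValueError("need 0 < RelayBandwidthRate <= RelayBandwidthBurst")
    lines = [
        "SocksPort 0",            # assumption: relay only, no local client port
        f"ORPort {or_port}",
        "ExitPolicy reject *:*",  # never an exit, as in the posted torrc
        f"Nickname {nickname}",
        f"ContactInfo {contact.strip()}",
        f"RelayBandwidthRate {rate_kbytes} KBytes",
        f"RelayBandwidthBurst {burst_kbytes} KBytes",
        "Log notice file /var/log/tor/notices.log",
        "DataDirectory /var/db/tor",
        "RunAsDaemon 1",
    ]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed sample values, not a real operator's details.
    print(render_relay_torrc("onionbox01", "tor at example dot org"), end="")
```

Running `tor --verify-config -f` on the written file before starting the service lets tor itself check the result.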