revise server install instructions again. this time for sure!

svn:r3248
Roger Dingledine 2005-01-03 18:27:15 +00:00
parent ead52e0bdc
commit 6c7496e700

@ -234,9 +234,12 @@ service url</a>).</p>
<p>We're looking for people with reasonably reliable Internet connections,
that have at least 20 kilobytes/s each way. If you frequently have a
lot of packet loss or really high latency, we can't handle your server
yet. Otherwise, please help out! (If you want to read more about whether
you should be a server, check out <a href="#client-or-server">the
section above</a>.
yet. Otherwise, please help out!
</p>
<p>
To read more about whether you should be a server, check out <a
href="#client-or-server">the section above</a>.
</p>
<p>To set up a Tor server, do the following steps after installing Tor.
@ -248,26 +251,27 @@ native Win32.)
</p>
<ul>
<li>1. Copy torrc.sample to torrc (in the default configuration this
means copy /usr/local/etc/tor/torrc.sample to /usr/local/etc/tor/torrc),
and edit the bottom part. Create the DataDirectory, and make sure it's
owned by the uid/gid that will be running tor. Fix your system clock so
it's not too far off. Make sure name resolution works.
<li>1. Edit the bottom part of your torrc (if you installed from source,
you will need to copy torrc.sample to torrc first. Look for them in
/usr/local/etc/tor/). Create the DataDirectory if necessary, and make
sure it's owned by the uid/gid that will be running tor. Fix your system
clock so it's not too far off. Make sure name resolution works.
<!--Make sure each
process can get to 1024 file descriptors (this should be already done
for everybody but some BSD folks). -->
<li>2. Run tor to generate keys and then exit: <tt>tor
--list-fingerprint</tt>. Send mail to tor-ops@freehaven.net including
a) this key fingerprint, b) who you are, so we know whom to contact if
there's any problem, and c) what kind of connectivity the new server
will have. If possible, PGP sign your mail.
<li>3. If you are using a firewall, open a hole in your firewall so
<li>2. If you are using a firewall, open a hole in your firewall so
incoming connections can reach the ports you configured (i.e. ORPort,
plus DirPort if you enabled it). Make sure outgoing connections can reach
at least ports 80, 443, and 9001-9033 (to get to other onion routers),
plus any other addresses or ports your exit policy allows.
<li>4. Start your server: <tt>tor</tt>. If it logs any warnings,
address them.
<li>3. Start your server: if you installed from source you can just
run <tt>tor</tt>, whereas packages typically launch Tor from their
initscripts. If it logs any warnings, address them. (By default Tor
logs to stdout, but some packages log to /var/log/tor/ instead.)
<li>4. Send mail to tor-ops@freehaven.net including a) this key
fingerprint, b) who you are, so we know whom to contact if there's any
problem, and c) what kind of connectivity the new server will have. If
possible, PGP sign your mail.
</ul>
<p>
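Review bot: In the new step 4, "this key fingerprint" no longer refers to anything, because the removed step 2 was the only place that told the operator to run "tor --list-fingerprint". Suggest carrying the command into step 4, for example "Run tor --list-fingerprint and send mail to tor-ops@freehaven.net including a) the key fingerprint it prints, ...", so the operator knows how to obtain the value after the server is already running. The parenthetical in step 1 also contains a full stop and a second sentence; closing it after "first" and moving "Look for them in /usr/local/etc/tor/" out of the parentheses would read more cleanly.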
@ -275,7 +279,7 @@ Optionally, we recommend the following steps as well:
</p>
<ul>
<li>1. Make a separate user to run the server. If you
<li>5. Make a separate user to run the server. If you
installed the deb or the rpm, this is already done. Otherwise,
you can do it by hand. (The Tor server doesn't need to be run as
root, so it's good practice to not run it as root. Running as a
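Review bot: The item number in "<li>5. Make a separate user" is typed by hand inside a <ul>, which is why moving one required step forces a renumbering of every optional step in this commit. Consider switching both lists to <ol>, with start="5" on this second one, so the numbering is generated and the next reordering does not need a manual pass; it also avoids showing a bullet next to each hand-typed number.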
@ -283,24 +287,24 @@ root, so it's good practice to not run it as root. Running as a
detect user name. If you're the paranoid sort, feel free to <a
href="http://wiki.noreply.org/wiki/TheOnionRouter/TorInChroot">put Tor
into a chroot jail</a>.)
<li>2. Decide what exit policy you want. By default your server allows
<li>6. Decide what exit policy you want. By default your server allows
access to many popular services, but we restrict some (such as port 25)
due to abuse potential. You might want an exit policy that is either
due to abuse potential. You might want an exit policy that is
less restrictive or more restrictive; edit your torrc appropriately.
If you choose a particularly open exit policy, you might want to make
sure your upstream or ISP is ok with that choice.
<li>3. You may find the initscripts in contrib/tor.sh or
<li>7. You may find the initscripts in contrib/tor.sh or
contrib/torctl useful if you want to set up Tor to start at boot. Let
the Tor developers know which script you find more useful.
<li>4. Consider setting your hostname to 'anonymous' or
<li>8. Consider setting your hostname to 'anonymous' or
'proxy' or 'tor-proxy' if you can, so when other people see the address
in their web logs or whatever, they will more quickly understand what's
going on.
<li>5. If you're not running anything else on port 80 or port
443, please consider setting up port-forwarding and advertising these
<li>9. If you're not running anything else on port 80 or port 443,
please consider setting up port-forwarding and advertising these
low-numbered ports as your Tor server. This will help allow users behind
particularly restrictive firewalls to access the Tor network. See section
4 of <a href="http://wiki.noreply.org/wiki/TheOnionRouter_2fTorFAQ">the
particularly restrictive firewalls to access the Tor network. See <a
href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#ServerForFirewalledClients">the
FAQ</a> for details of how to set this up.
</ul>
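Review bot: Step 9 leaves the whole port 80/443 setup to the FAQ link, and the new href depends on the wiki anchor #ServerForFirewalledClients staying stable. Since the earlier step recommends not running Tor as root, it would help to state in step 9 itself that port-forwarding is what lets the unprivileged Tor process keep listening on a high port while the low-numbered port is advertised, so the step is not read as a reason to start Tor as root if the link breaks.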