OpenBSD Journal

Tutorial for running tor chrooted on OpenBSD

Contributed by grey on from the more incentives to run tor dept.

I've been doing a lot of experimenting with tor over the past few months, but only just noticed that tyranix has contributed (and even kept up to date) an entry in the tor FAQ about running tor chrooted on OpenBSD, and he even has suggestions for running it with systrace! While this might not excite all of our readers as much as it did me, you can read more here:

http://wiki.noreply.org/wiki/TheOnionRouter_2fOpenbsdChrootedTor

For those unfamiliar with tor, be sure to check out the site's project page at: http://tor.eff.org.

And, for those who have been using tor on OpenBSD, and have been frustrated by the lack of tsocks, and thus not having a working torify.sh script - check out Dug Song's dsocks. The included dsocks.sh and dsock-torify.sh make for welcome substitutes.

(Comments are closed)


  1. By Brian (205.161.0.11) on

    http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#head-4f8880140cfca6c03e5c378cb022da03d11fef2e

    1. By Brian (205.161.0.11) on

      I can read, really.

  2. By Luiz Gustavo (200.225.76.130) on http://hades.uint8t.org

    For those who are looking for a better written systrace policy, look here. I haven't chrooted it yet, but so far it works with various apps nice and I would change a bit of it for my personal taste.

  3. By Todd T. Fries (66.210.104.117) todd@openbsd.org on http://todd.fries.net

    And for those of you who have been looking, Dugsong's dsocks implementation is a nice way to torify (socksify) existing applications that are not statically linked without recompilation and code invasion. I also added it to the ports tree this morning (ports/net/dsocks). See Dugsong's dsocks page for more details.

    1. By Luiz Gustavo (64.246.50.101) on http://hades.uint8t.org

      Just running squid with tor for fun. :)

      1. By Luiz Gustavo (200.225.76.130) on http://hades.uint8t.org

        Seems that dsocks-torify.sh made squid eat a bit more cpu than would be reasonable. I will take a look at privoxy also... Btw gentoo guys have a nice tutorial for a good start.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]