Back to Business
Ok, let's pick up where we left off. We’re now ssh’d into our EC2 Ubuntu server. The next step is installing tor. Do not run apt-get install tor. Instead, follow the directions found here (we’re running Xenial Xerus, just so you don’t have to check). As a sanity check, type tor into the terminal; you should see an error after following those steps. If you see an error like “command tor not found”, back up and retrace your steps, or get in touch with me for help; something went wrong.
Just like we did in the Windows tutorial, we’re going to edit the torrc file to configure the node. I use vim, but feel free to use whatever command line editor you’re familiar with. If you’ve never used one before, again, feel free to get in touch! I’m a missionary for The Church of Vim.
The torrc file is located in the /etc/tor/ directory. So run:
sudo vim /etc/tor/torrc
Don’t forget the sudo, otherwise the file will be read only.
Paste the following lines at the bottom of the file:
ORPort 9001
Nickname <YOUR NODE NICKNAME>
RelayBandwidthRate 75 KBytes # Throttle traffic to 75KB/s (600Kbps)
RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb)
AccountingMax 1 GBytes
AccountingStart month 3 15:00
ExitPolicy reject *:* # no exits allowed
Here <YOUR NODE NICKNAME> should be a unique name for your node that you’ll remember, because we’ll use it to search for the node using atlas. We’re also directing tor to listen on the port we opened in the previous tutorial, limiting the bandwidth that the tor network can use, and disallowing exit traffic. We have to limit the bandwidth to these specific metrics, otherwise we’ll accrue charges from Amazon for our EC2 instance. This explains why the tor network is slow, as discussed in our previous post. Sadly, we’re one of the slow nodes.
sudo service tor reload
The tor documentation tells you the logs will be output to the /var/log/tor/ directory. I never saw them there; instead I had to use journalctl. Just like in the Windows tutorial, we need to ensure the line “Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor.” is being output by the tor node, otherwise the node isn’t working. So we’ll run:
journalctl | grep "Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor."
If nothing is output to the console, your tor service isn’t running. Just a few troubleshooting tips. Run:
sudo service tor stop && sudo tor
If you never see that line output, there is a problem with your tor installation; consider uninstalling tor and reinstalling it. If, however, it runs fine, there is a problem with the init.d script that daemonizes the tor process. Consider this reddit link.
Going back to AWS cost from the previous post, we can also monitor our tor node bandwidth usage using the following command:
journalctl | grep "Accounting enabled."
You should see output like:
Heartbeat: Accounting enabled. Sent: 94.42 MB, Received: 121.84 MB, Used: 122.38 MB / 1.00 GB, Rule: max. The current accounting interval ends on 2017-09-03 15:00:00, in 21 days 2:08 hours.
Here the node is telling us that it’s used 122.38 MB of the 1GB we’ve defined as the monthly max in the torrc (the Accounting lines). When we reach 1GB of traffic, the node will stop accepting connections for the rest of the month, thus keeping our EC2 cost inside the free tier metrics.
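To turn that heartbeat into a number you can check from cron or a monitoring job, the added example below (not from the original post) reads journal text on stdin, takes the most recent accounting heartbeat, and reports how much of AccountingMax is used. The function names, the syslog prefixes in the sample, and the treatment of units as binary multiples are assumptions of this example.

```shell
#!/bin/sh
# Added example: summarise tor's accounting heartbeat from journal text on stdin.

# Constructed sample: syslog prefixes and the first line are invented;
# the second heartbeat is the one quoted in the post.
SAMPLE_JOURNAL='Aug 12 09:00:01 relay Tor[1234]: Heartbeat: Accounting enabled. Sent: 41.07 MB, Received: 60.02 MB, Used: 60.10 MB / 1.00 GB, Rule: max. The current accounting interval ends on 2017-09-03 15:00:00, in 22 days 6:00 hours.
Aug 13 12:52:01 relay Tor[1234]: Heartbeat: Accounting enabled. Sent: 94.42 MB, Received: 121.84 MB, Used: 122.38 MB / 1.00 GB, Rule: max. The current accounting interval ends on 2017-09-03 15:00:00, in 21 days 2:08 hours.'

# Print "<used_mb> <max_mb> <percent>" for the most recent heartbeat; exit 1 if none.
accounting_usage() {
    awk '
    # Assumption: units are binary multiples (1 GB = 1024 MB).
    function to_mb(v, u) {
        gsub(/,/, "", u)
        if (u == "kB" || u == "KB") return v / 1024
        if (u == "MB") return v + 0
        if (u == "GB") return v * 1024
        return -1                          # unit this example does not handle
    }
    /Accounting enabled\./ {
        for (i = 1; i <= NF; i++)
            if ($i == "Used:" && $(i + 3) == "/") {
                used = to_mb($(i + 1), $(i + 2))
                max  = to_mb($(i + 4), $(i + 5))
                found = 1                  # later lines overwrite earlier ones
            }
    }
    END {
        if (!found || used < 0 || max <= 0) exit 1
        printf "%.2f %.2f %.1f\n", used, max, 100 * used / max
    }'
}

# Return 0 while usage is below THRESHOLD percent, 1 at or above it,
# 2 when the input has no accounting heartbeat (tor not running or not logging).
accounting_check() {
    threshold=$1
    usage=$(accounting_usage) || return 2
    pct=${usage##* }
    echo "accounting: ${pct}% of AccountingMax used"
    awk -v p="$pct" -v t="$threshold" 'BEGIN { exit !(p + 0 < t + 0) }'
}

# Typical use on the relay:  journalctl | accounting_check 80
```

A return code of 2 is worth alerting on as well, since it means the journal holds no accounting heartbeat at all.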
If the Self-testing indicates... line showed up after running the journalctl command, your node is up and running! We can now head over to atlas and search for the Nickname you set in the torrc file. Keep in mind that, like the last tutorial, it will take a few hours to show up on the atlas webpage.
If you named your node something unique, when you search for it, you’ll be taken directly to your details page. Here’s a quick rundown.
OR Addresses is the public IP address of your node. Contact is your contact information if you set it in the torrc file (we didn’t, but it’s explained in the Windows tutorial). Advertised Bandwidth is how much bandwidth you’re telling the rest of the network you’re willing to allow through you. Exit Policy is set to reject all exit traffic; as we said, exit nodes get put under extra scrutiny. Uptime is how long our node has been active on the tor network. You can see AS Name is Amazon.com, Inc, since we’re using Amazon’s hardware. Below this you can see metric graphs for your node. Since ours is so new, nothing shows up.
You’ve just joined a unique brotherhood. You are a protector of internet freedom. You’ve managed to do what only a very small portion of the population has done, and that’s take concrete action toward a free and open internet. Anyone can click like, or retweet, but few actually look into the details and understand what it takes for a free and open internet. I’m proud of you for following along, and if you know me at all, you’ll know this may be the first time I’ve ever said that.