Tor Relay Setup
In this tutorial, you will learn how to set up a tor relay and run it afterwards.
Minimum system requirements
- CPU: Any modern CPU
- RAM: At least 2 GB
- Storage: Anything will be fine, tor needs 200 MB of free space
- Network: A stable connection, which can provide 1 MB up and down
Setup
This section covers how to set up a tor relay
Automatic software updates
It’s important that your system stays up to date. To automate it, you can use a program.
apt-get install unattended-upgrades apt-listchanges -y
nano /etc/apt/apt.conf.d/50unattended-upgrades
Delete everything in this file. Afterwards, paste this content to the file.
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
"TorProject:${distro_codename}";
};
Unattended-Upgrade::Package-Blacklist {
};
nano /etc/apt/apt.conf.d/20auto-upgrades
Add the following content to the file.
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::AutocleanInterval "5";
APT::Periodic::Unattended-Upgrade "1";
APT::Periodic::Verbose "1";
Repository
This section will explain, how to add the tor project repositories.
apt install apt-transport-https
nano /etc/apt/sources.list.d/tor.list
Add this content to the new created file.
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main
Replace <DISTRIBUTION> with your distribution. Run this command to check the operating system version.
lsb_release -c
Or
cat /etc/debian_version
Now add the GPG key.
apt install gpg -y
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
Install tor and tor keyring.
apt update
apt install tor deb.torproject.org-keyring -y
Configure tor
This section will explain how to configure tor.
nano /etc/tor/torrc
Add this content to the file
Nickname yourRelayName # Change "yourRelayName" to something you like
ContactInfo email: yourEmailAdress # Write your e-mail and be aware it will be published
ORPort 443 # You might use a different port, should you want to
ExitRelay 0
SocksPort 0
AccountingMax 1000GB # Change this to the maximum bandwidth limit / month
AccountingStart month 1 0:00 # When the "AccountingMax" will be reset
RelayBandwidthRate 1 MB # How much bandwidth the tor relay can use / second
RelayBandwidthBurst 2 MB # How much bandwidth the tor relay can use / second as burst (for short amount of time)
ControlPort 9051
CookieAuthentication 1
The last thing to do is to restart tor.
systemctl restart tor@default
Monitoring
To monitor the relay, you can use nyx. To install nyx run.
apt install nyx -y
nyx
Now you will see your relay running. Don’t be surprised. In the first 3 day the relay will do very little, after the 3 days the relay will be slowly used by more and more people. Read more about it here: https://blog.torproject.org/lifecycle-of-a-new-relay/.
To furthermore monitor the relay you can use vnstat, vnstat will show the used bandwidth of the system. To install vnstat run.
apt install vnstat -y
I use arch btw