[or-cvs] revise server install instructions again. this time for sure!
Roger Dingledine
arma at seul.org
Mon Jan 3 18:27:18 UTC 2005
Update of /home2/or/cvsroot/tor/doc
In directory moria.mit.edu:/home2/arma/work/onion/cvs/tor/doc
Modified Files:
tor-doc.html
Log Message:
revise server install instructions again. this time for sure!
Index: tor-doc.html
===================================================================
RCS file: /home2/or/cvsroot/tor/doc/tor-doc.html,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -d -r1.43 -r1.44
--- tor-doc.html 3 Jan 2005 18:01:36 -0000 1.43
+++ tor-doc.html 3 Jan 2005 18:27:15 -0000 1.44
@@ -234,9 +234,12 @@
<p>We're looking for people with reasonably reliable Internet connections,
that have at least 20 kilobytes/s each way. If you frequently have a
lot of packet loss or really high latency, we can't handle your server
-yet. Otherwise, please help out! (If you want to read more about whether
-you should be a server, check out <a href="#client-or-server">the
-section above</a>.
+yet. Otherwise, please help out!
+</p>
+
+<p>
+To read more about whether you should be a server, check out <a
+href="#client-or-server">the section above</a>.
</p>
<p>To set up a Tor server, do the following steps after installing Tor.
@@ -248,26 +251,27 @@
</p>
<ul>
-<li>1. Copy torrc.sample to torrc (in the default configuration this
-means copy /usr/local/etc/tor/torrc.sample to /usr/local/etc/tor/torrc),
-and edit the bottom part. Create the DataDirectory, and make sure it's
-owned by the uid/gid that will be running tor. Fix your system clock so
-it's not too far off. Make sure name resolution works.
+<li>1. Edit the bottom part of your torrc (if you installed from source,
+you will need to copy torrc.sample to torrc first. Look for them in
+/usr/local/etc/tor/). Create the DataDirectory if necessary, and make
+sure it's owned by the uid/gid that will be running tor. Fix your system
+clock so it's not too far off. Make sure name resolution works.
<!--Make sure each
process can get to 1024 file descriptors (this should be already done
for everybody but some BSD folks). -->
-<li>2. Run tor to generate keys and then exit: <tt>tor
---list-fingerprint</tt>. Send mail to tor-ops at freehaven.net including
-a) this key fingerprint, b) who you are, so we know whom to contact if
-there's any problem, and c) what kind of connectivity the new server
-will have. If possible, PGP sign your mail.
-<li>3. If you are using a firewall, open a hole in your firewall so
+<li>2. If you are using a firewall, open a hole in your firewall so
incoming connections can reach the ports you configured (i.e. ORPort,
plus DirPort if you enabled it). Make sure outgoing connections can reach
at least ports 80, 443, and 9001-9033 (to get to other onion routers),
plus any other addresses or ports your exit policy allows.
-<li>4. Start your server: <tt>tor</tt>. If it logs any warnings,
-address them.
+<li>3. Start your server: if you installed from source you can just
+run <tt>tor</tt>, whereas packages typically launch Tor from their
+initscripts. If it logs any warnings, address them. (By default Tor
+logs to stdout, but some packages log to /var/log/tor/ instead.)
+<li>4. Send mail to tor-ops at freehaven.net including a) this key
+fingerprint, b) who you are, so we know whom to contact if there's any
+problem, and c) what kind of connectivity the new server will have. If
+possible, PGP sign your mail.
</ul>
<p>
@@ -275,7 +279,7 @@
</p>
<ul>
-<li>1. Make a separate user to run the server. If you
+<li>5. Make a separate user to run the server. If you
installed the deb or the rpm, this is already done. Otherwise,
you can do it by hand. (The Tor server doesn't need to be run as
root, so it's good practice to not run it as root. Running as a
@@ -283,24 +287,24 @@
detect user name. If you're the paranoid sort, feel free to <a
href="http://wiki.noreply.org/wiki/TheOnionRouter/TorInChroot">put Tor
into a chroot jail</a>.)
-<li>2. Decide what exit policy you want. By default your server allows
+<li>6. Decide what exit policy you want. By default your server allows
access to many popular services, but we restrict some (such as port 25)
-due to abuse potential. You might want an exit policy that is either
+due to abuse potential. You might want an exit policy that is
less restrictive or more restrictive; edit your torrc appropriately.
If you choose a particularly open exit policy, you might want to make
sure your upstream or ISP is ok with that choice.
-<li>3. You may find the initscripts in contrib/tor.sh or
+<li>7. You may find the initscripts in contrib/tor.sh or
contrib/torctl useful if you want to set up Tor to start at boot. Let
the Tor developers know which script you find more useful.
-<li>4. Consider setting your hostname to 'anonymous' or
+<li>8. Consider setting your hostname to 'anonymous' or
'proxy' or 'tor-proxy' if you can, so when other people see the address
in their web logs or whatever, they will more quickly understand what's
going on.
-<li>5. If you're not running anything else on port 80 or port
-443, please consider setting up port-forwarding and advertising these
+<li>9. If you're not running anything else on port 80 or port 443,
+please consider setting up port-forwarding and advertising these
low-numbered ports as your Tor server. This will help allow users behind
-particularly restrictive firewalls to access the Tor network. See section
-4 of <a href="http://wiki.noreply.org/wiki/TheOnionRouter_2fTorFAQ">the
+particularly restrictive firewalls to access the Tor network. See <a
+href="http://wiki.noreply.org/wiki/TheOnionRouter/TorFAQ#ServerForFirewalledClients">the
FAQ</a> for details of how to set this up.
</ul>
More information about the tor-commits
mailing list