[tor-relays] Dear OBFS4 bridge operators, please enable timing and packet-size obfuscations to help clients facing timing analysis attacks.
boldsuck
lists at for-privacy.net
Tue Sep 24 14:09:04 UTC 2024
pasture_clubbed242--- via tor-relays wrote:
> I could only find this article saying there is a 'cert=' option, which
> initially appear useful for Tor.
Cert is default in obfs4 bridelines, you can create yours with:
~# cat /var/lib/tor-instances/01/fingerprint
nikname fingerprint
~# cat /var/lib/tor-instances/01/pt_state/obfs4_bridgeline.txt
# obfs4 torrc client bridge line
#
# This file is an automatically generated bridge line based on
# the current obfs4proxy configuration. EDITING IT WILL HAVE
# NO EFFECT.
#
# Before distributing this Bridge, edit the placeholder fields
# to contain the actual values:
# <IP ADDRESS> - The public IP address of your obfs4 bridge.
# <PORT> - The TCP/IP port of your obfs4 bridge.
# <FINGERPRINT> - The bridge's fingerprint.
Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=glib+gliberish+gliberish iat-mode=0
--
╰_╯ Ciao Marco!
Debian GNU/Linux
It's free software and it gives you freedom!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 3872 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20240924/e1bea51b/attachment.sig>
More information about the tor-relays
mailing list