Opened 4 years ago
Closed 6 months ago
#13665 closed task (worksforme)
Update the obfsbridge setup instructions on the website
Reported by: | asn | Owned by: | cypherpunks |
---|---|---|---|
Priority: | Medium | Milestone: | website redesign |
Component: | Webpages/Website | Version: | |
Severity: | Normal | Keywords: | website-content, FAQ, obfsproxy |
Cc: | yawning | Actual Points: | |
Parent ID: | #25218 | Points: | |
Reviewer: | Sponsor: |
Description
https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en#instructions
As sysrqb noted, the official obfsbridge setup instructions are actually obfsproxy setup instructions which only support obfs3. The instructions should be updated to also include obfs4 which is the future PT. Then, we should also include instructions for FTE.
Furthermore, the page is missing ExtORPort auto
from the sample torrc. Should we add it there? If yes, we need to make sure that all those people will have tor-0.2.5.x installed.
I hope this is not a duplicate ticket.
Child Tickets
Change History (10)
comment:1 Changed 4 years ago by
Cc: | yawning added |
---|---|
Keywords: | pt yawning removed |
comment:2 follow-up: 3 Changed 4 years ago by
comment:3 Changed 4 years ago by
Replying to yawning:
Sure, this is a good idea.
I'm not sure about how the Debian specific parts of this works, is "apt-get install obfs4proxy" sufficient (I know that both Debian's and our repo have the package)?
Hm, I think you will probably want to use Tor's debian repository, since looking at:
https://packages.debian.org/search?keywords=obfs4proxy
it seems that there is no obfs4proxy package for Debian stable.
We also need to revisit this page:
https://www.torproject.org/projects/obfsproxy-instructions.html.en
for non-Debian instructions for obfs4proxy.
And also this page:
https://www.torproject.org/docs/pluggable-transports.html.en
to add a "How to setup an obfsbridge" section that links to our instructions.
Basic obfs4 deployment would be something like:
SocksPort 0 ORPort 443 # or some other port if you already run a webserver/skype BridgeRelay 1 Exitpolicy reject *:* ExtORPort auto ## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like #Nickname CHANGEME_1 ## CHANGEME_2 -> provide some email address so we can contact you if there's a problem #ContactInfo CHANGEME_2 ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy(Optionally) For people that want to run both obfs3 and obfs4, the last line should read as:
ServerTransportPlugin obfs3,obfs4 exec /usr/bin/obfs4proxyI assume to avoid user confusion we should just entirely replace obfsproxy with obfs4proxy in our instructions till otherwise needed (NB: obfs4proxy packages only exist for i386/amd64 and ARM).
I think that makes sense. Since obfs4proxy supports obfs3 and obfs4 we should be fine.
Would this also be the place to document how to use
capabilities(7)
andServerTransportListenAddr
to run the obfs4 bridge on reserved ports (eg: 443)?
Hm, maybe. But in a different section.
Or maybe put that in the wiki and link to the wiki?
Up to you.
comment:4 Changed 2 years ago by
Owner: | changed from Sebastian to cypherpunks |
---|---|
Status: | new → assigned |
comment:5 Changed 20 months ago by
Keywords: | #website-content added |
---|---|
Severity: | → Normal |
comment:6 Changed 19 months ago by
Keywords: | website-content added; #website-content removed |
---|
comment:7 Changed 11 months ago by
Milestone: | → website redesign |
---|
comment:8 Changed 6 months ago by
Keywords: | FAQ obfsproxy added |
---|
comment:9 Changed 6 months ago by
Parent ID: | → #25218 |
---|
comment:10 Changed 6 months ago by
Resolution: | → worksforme |
---|---|
Status: | assigned → closed |
Since the https://www.torproject.org/projects/obfsproxy-instructions.html is gone and the other one links to wiki pages - doc/PluggableTransports/obfs4proxy and doc/PluggableTransports#BecomeaPTbridgeoperator - they can be updated there as needed.
Sure, this is a good idea.
I'm not sure about how the Debian specific parts of this works, is "apt-get install obfs4proxy" sufficient (I know that both Debian's and our repo have the package)?
Basic obfs4 deployment would be something like:
(Optionally) For people that want to run both obfs3 and obfs4, the last line should read as:
I assume to avoid user confusion we should just entirely replace obfsproxy with obfs4proxy in our instructions till otherwise needed (NB: obfs4proxy packages only exist for i386/amd64 and ARM).
Would this also be the place to document how to use
capabilities(7)
andServerTransportListenAddr
to run the obfs4 bridge on reserved ports (eg: 443)?Please let me know if there are any more questions.