0. Tor can be CPU, RAM and Network intensive. You'll probably want a system that has at least the following:
- 600 MHz i686 CPU --- multiple processors are better (Use NumCPUs in torrc)
- at least 256 MB of RAM --- 128 MB for ramdisk, 128 MB for paging
- any Linux supported NIC card
- Alt-F1 gives you the main menu
- Alt-F2 gives you a CPU meter
- Alt-F3 gives you the ntpd status
- Alt-F4 gives you another ash shell (DEPRECATED as of 20090627)
- Alt-F5 gives you another ash shell (DEPRECATED as of 20090627)
- Alt-F6 gives you another ash shell (DEPRECATED as of 20090627)
1. Download the latest image from
Burn the image onto a CD and boot.
2. You have six virtual terminals available:
3. In the main menu, set up your networking by typing
You'll see all the NIC cards your system has along with their MAC addresses which should help you identify which is which. Pick the one that corresponds to your external network. Then enter
a) your tor server's IP address
b) your server's netmask
c) your router's IP address
d) your nameserver's IP address
Your network is tested after each step. If all works, you will be told that the network is up and running! If anything fails, you can try again.
At this point you should check if ntpd is properly synchronizing. Since the daemon was started before networking was up, it may not be communicating properly now. Switch to its tty with Alt-F3 and if you are not seeing time synchronization, hit Ctrl-C to restart it.
4. (OPTIONAL) At any time, you can (re)test your network settings and ping any IP address using
At this time you may also check your system clock using
tor-ramdisk attempts to set your system time on startup and keep it synchronized using ntpd. However, if the time is heavily skewed and ntpd is having trouble, you can manually sync it to a DATE server using
You may enter either an IP address or FQDN when prompted for the DATE server.
5. Once networking is up, you will be given the option of configuring tor. Type
to begin. You can either import the torrc file using FTP or SCP or generate one from scratch. To import, you will need the FTP/SSH server's IP address or hostname, the name and path of the torrc you wish to import (relative to the account's home directory), and the username/password --- both anonymous and user login are supported.
Alternatively you can follow the wizard and generate a basic torrc which you can ultimately modify using vi. NOTE: If you re-enter torconf later, you can skip the wizard, continue to work with your present torrc, but still modify it with vi.
Next, you will be presented with the option of either importing a secret_id_key or generating one from scratch. If you want to to keep the identity of your server, you must use the same secret_id_key and keep the same NickName in torrc each time you start up tor. If this is the first time starting up, there is no harm in generating a new secret_id_key.
WARNING: While anonymous FTP is supported, do you really want to keep your SECRET key on a public site?! Public knowledge of torrc is not a problem, but secret_id_key is a private RSA key which should be kept secret. Even FTP to an account is not secure since all the information is sent clear through the network. Unless you are on a private subnet, I recommend using SCP.
6. With torrc and secret_id_key ready, you can start the tor server with
You can stop it with
You can also modify the torrc file while tor is running, and reload the configuration file with
7. (OPTIONAL) To check your system's resources, you can use
to see your RAM and CPU usage and run 'top'
to see what ports tor is listening on, and
to see all the established connections.
Alt-F2 gives a simple ASCII CPU monitor ( . = empty CPU cycles, S = system, U = user, D = io, I/i = IRQ/softIRQ). Finally, if you want to poke around more, Alt-F3 or Alt-F4 will give an ash shell (e.g. if you want to look in tor's working directory /var/tor).
8. Since preserving the torrc and secret_id_key between reboots is important, you can export these at any point after you have generated them, even while tor is running. Type
to selectively export either torrc and/or secret_id_key. Again you will need the FTP/SSH server's IP address, the path and name of where you want to put torrc, and username/password for the account. Your FTP/SSH server will have to allow uploads for this to work.
9. (OPTIONAL) You may want to cleanly shutdown. To do so, type
You don't have to do a torexport before shutdown, since if these files exit, you will be asked if you want to export them before powerdown. However, it is recommended that you export them as soon as they are generated the first time so that they will not be lost in case of power failure or other unfortunate incident. Since these files never change, you'll only have to export them once. You can simply re-import the same files each time you boot tor-ramdisk.
Alternatively, you can just powerdown directly. There are no filesystems to preserve in a ramdisk system. But, don't powerdown too often since it is disruptive to the tor network.