Quickstart

0. Tor can be CPU, RAM and Network intensive. You'll probably want a system that has at least the following:

  • 600 MHz i686 CPU --- multiple processors are better (Use NumCPUs in torrc)
  • at least 256 MB of RAM --- 128 MB for ramdisk, 128 MB for paging
  • any Linux supported NIC card
    • 1. Download the latest i686 image from

      http://opensource.dyc.edu/pub/tor-ramdisk/images/tor.uclibc.x86.iso

      or the lastest x86_64 image from

      http://opensource.dyc.edu/pub/tor-x86_64-ramdisk/images/tor.uclibc.x86_6...

      Burn the image onto a CD or transfer the image to a pen drive using a utility like unetbootin and boot.

      2. You have six virtual terminals available:

      • Alt-F1 gives you the main menu
      • Alt-F2 gives you a CPU meter
      • Alt-F3 gives you the ntpd's output
      • Alt-F4 gives you haveged's output

      3. In the main menu, set up your networking by typing

      netstart

      You'll see all the NIC cards your system has along with their MAC addresses which should help you identify which is which. Pick the one that corresponds to your external network. Then enter

      a) your tor server's IP address
      b) your server's netmask
      c) your router's IP address
      d) your nameserver's IP address

      Your network is tested after each step. If all works, you will be told that the network is up and running! If anything fails, you can try again.

      At this point you should check if ntpd is properly synchronizing. Since the daemon was started before networking was up, it may not be communicating properly now. Switch to its tty with Alt-F3 and if you are not seeing time synchronization, hit Ctrl-C to restart it.

      4. (OPTIONAL) At any time, you can (re)test your network settings and ping any IP address using

      nettest

      At this time you may also check your system clock using

      gettime

      tor-ramdisk attempts to set your system time on startup and keep it synchronized using ntpd. However, if the time is heavily skewed and ntpd is having trouble, you can manually sync it to a DATE server using

      settime

      You may enter either an IP address or FQDN when prompted for the DATE server.

      5. Once networking is up, you will be given the option of configuring tor. Type

      torconfig

      to begin. You can either import the torrc file using FTP or SCP or generate one from scratch. To import, you will need the FTP/SSH server's IP address or hostname, the name and path of the torrc you wish to import (relative to the account's home directory), and the username/password --- both anonymous and user login are supported.

      Alternatively you can follow the wizard and generate a basic torrc which you can ultimately modify using vi. NOTE: If you re-enter torconf later, you can skip the wizard, continue to work with your present torrc, but still modify it with vi.

      Next, you will be presented with the option of either importing a secret_id_key or generating one from scratch. If you want to to keep the identity of your server, you must use the same secret_id_key and keep the same NickName in torrc each time you start up tor. If this is the first time starting up, there is no harm in generating a new secret_id_key.

      WARNING: While anonymous FTP is supported, do you really want to keep your SECRET key on a public site?! Public knowledge of torrc is not a problem, but secret_id_key is a private RSA key which should be kept secret. Even FTP to an account is not secure since all the information is sent clear through the network. Unless you are on a private subnet, I recommend using SCP.

      6. With torrc and secret_id_key ready, you can start the tor server with

      torstart

      You can stop it with

      torstop

      You can also modify the torrc file while tor is running, and reload the configuration file with

      torreload

      7. (OPTIONAL) To check your system's resources, you can use

      resources

      to see your RAM and CPU usage and run 'top'

      listening

      to see what ports tor is listening on,

      established

      to see all the established connections, and

      entropy

      to see how much entropy your system has in reserve.

      Alt-F2 gives a simple ASCII CPU monitor ( . = empty CPU cycles, S = system, U = user, D = io, I/i = IRQ/softIRQ).

      8. Since preserving the torrc and secret_id_key between reboots is important, you can export these at any point after you have generated them, even while tor is running. Type

      torexport

      to selectively export either torrc and/or secret_id_key. Again you will need the FTP/SSH server's IP address, the path and name of where you want to put torrc, and username/password for the account. Your FTP/SSH server will have to allow uploads for this to work.

      9. (OPTIONAL) You may want to cleanly shutdown. To do so, type

      shutdown

      You don't have to do a torexport before shutdown, since if these files exit, you will be asked if you want to export them before powerdown. However, it is recommended that you export them as soon as they are generated the first time so that they will not be lost in case of power failure or other unfortunate incident. Since these files never change, you'll only have to export them once. You can simply re-import the same files each time you boot tor-ramdisk.

      Alternatively, you can just powerdown directly. There are no filesystems to preserve in a ramdisk system. But, don't powerdown too often since it is disruptive to the tor network.