or: [Tor Bug Tracker] #1389 filed by anonymous: #1389: no loading relay discriptors from root servers moria1, tor26, ides... - http://trac.torproject.org/projects/tor/ticket/1389
or: torrc file:
or: ---------------------
or: StrictEntryNodes 1
or: EntryNodes moria1,ides
or: HashedControlPassword XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX[...]
or: phobos committed revision 22306 (/projects/presentations): add a new presentation on technical solutions to internet surveillance
or: and censorship.
or: phobos committed revision 22307 (/projects/presentations): update the presentation, rename it to be more accurate to the topic

strict exit nodes doesn't work
any tips ?

it's an open bug

ok
used to work before
isn't it ?

or, what problem do you encounter?

i put strictexitnodes 1
and select exitnode abcd
it doesn't go through abcd

https://trac.torproject.org/projects/tor/ticket/1090

sometimes seem to work, but with other open circuits (though not used), but many times simply doesn't honor it
ok i saw that link
but this thin used to work with older tor versoins ?

it's probably been broken for a while

that link talks about excludeexit nodes
but i guess they are related
problems

there are internal circuits where it is safe to use nodes regardless of what the user wants
because they don't exit tor
and maybe that strict exit is not the path to the hidden service the user asked for
the debate is whether tor should say 1) ignoring your config becaues this is X type of circuit, or 2) you said never use this node, never using this node and denying access to X

or: phobos committed revision 22308 (/website/trunk/en): update the links to hidden services so they point to the overivew and
or: not the docs on how to configure one.

my tor cache is still valid but i can't establish connection right now, some nodes in the cache might be block or offline. Is there any method to accelerate the connection rate by increased the frequency of "try another node"?

Hi,
My tor-0.2.1.26-1~lucid+1 stops working this morning with the bridges got from Gmail,
Does anyone here has a working one? Thanks!

JC_Yang: There is. MaxCircuitDirtiness is the directive you'll want to add to your torrc.
JC_Yang: This directive determines the maximum time a given circuit can be used for. Default is 10 minutes, or 600 seconds. (values in seconds).
Set that value too low and you'll place excess strain on the network, so use with care.

thanks. my tor has re-established connection now. I'll try it next time it can't establish connection. Reset this value to default after connection ON might be a good idea, right?

Depends.. if you want identity cycling that's quicker than the default 10 minutes, you could leave your tweaks as is.
That said, there may be a better directive. One moment.

I don't intend to stress the network, I'll use it carefully

CircuitBuildTimeout you might also look at tweaking.. that determines that maximum length of time Tor waits before it gives up attempting to build a circuit. 1 minute is default.
I'm assuming those values are in seconds, so you'd set that to say 30 to speed things up.
As for maxcircuitdirtiness, don't go below say 180 is my advice (3 minutes).
CircuitBuildTimeout I thin is more apt for your usecase, mind.
*think

thanks, got it

or: pootle committed revision 22309 (/translation/trunk/projects/website): updated files from pootle

hi
just was busy in exams

:)

or: runa committed revision 22310 (/website/trunk): new and updated translations for the website
or: runa committed revision 22311 (/translation/trunk/projects/website): updated files for pootle
or: pootle committed revision 22312 (/translation/trunk/projects/torbutton/nb): Commit from The Tor Translation Portal by user runa. 106 of 106 messages translated (0 fuzzy).

hello
i have a question about permissions when i run a hidden service:
on debian, when i start tor everytime tor changes the permissions of the hiddenservice dir to debian-tor drw-----
which means the webserver cannot read / serve the docs anymore
(e.g. apache as www-data)
i could of course run a webserver as debian-tor, but that would expose my keyfile to the web, too

why should your apache serve the contents of the hiddenservice dir?
It contains your private key, which is supposed to remain private

ah, you mean the hissenservicedir is actually not meant to be the webroot?

The hiddenservice dir has nothing to do with the directories that apache is serving
right
that has nothing to do with it
Tor only wants an ip and a port to forward to
You could forward to applications that don't even have a notion of a webroot
or forward to an entirely different machine

ah ok, then i misread the tutorial, that makes sense

Can you show what was misleading?
Maybe we can improve the docs

it was my mistake: it says "You're going to want to change the HiddenServiceDir line, so it points to an actual directory that is readable/writeable by the user that will be running Tor."
i think i read "readablke for your webserver"

ok

however:
it says before:
"Then mkdir hidserv; cd hidserv, and run ../thttpd -p 5222 -h localhost"
which would make hidserv my webdir, no?
if somebody really did that
why would i need to do "cd hidserv"?
i sounded to me like "hidserv" becomes your rootdir
http://www.torproject.org/docs/tor-hidden-service.html.en

there

or: sebastian committed revision 22313 (/website/trunk/docs/en): Document that webroot and HiddenServiceDir are supposed to be different things better.

The website should be updated as soon as phobos gets around to pushing it.
startx: to answer your questions:
you need to do cd hidserv because that will become your webroot
and thttpd uses the dir you start it from as the webroot by default

yes
but the tutorial implies further down that hidserv/ is used as hiddenServiceDir : "You're going to want to change the HiddenServiceDir line, so it points to an actual directory that is readable/writeable by the user that will be running Tor. The above line should work if you're using the OS X Tor package. On Unix, try "/home/username/hidserv/" "
thats what i found confusing

ah

its clear to me now though

there again

or: sebastian committed revision 22314 (/website/trunk/docs/en): Make unix doc match windows in that the hsdir is called hidden_service

We should use different directory names now as well as giving the user a warning that they shouldn't use the same dir for webroot and hsdir.

cheers

Good luck with your hs

thx

startx: If you're also interested in running a hidden service type facility with an easy-to-remember domain and access from the wider net, feel free to /join us in #nottor for more infoz. :)

cheers, will check that out in a bit, im fighting my local privoxy right now ;)

Right you are!

(Action) just won the fight
in the docs for torbutton it says "Torbutton must disable Javascript, Meta-Refresh tags, and certain CSS behavior" ... is this documented what CSS behaviour is meant here? would be cool to have a guide for website people.

I imagine css behavior that requests off-site resources.
mikeperry would be the one to ask, mind.

startx http://www.torproject.org/torbutton/design/#adversary look under Adversary Capabilities - Attacks

keb: cheers
ok here comes another hopefully not to dumb question: if i throttle the bandwith of the tor relay where also a hidden service is running, is this effecting the hidden service in the same way? e.g. if i set the bandwith to 20k, does that mean the server only serves 20k too?

See the BandwidthRate vs RelayBandwidthRate options
the first one will limit the hs too, the second one won't

ah ok

or: phobos committed revision 22315 (/projects/presentations/images): add a fine graphic from future of privacy forum showing where some user
or: data flows.

everything I try to connect to returns a 504 error, how do I fix this (I know a lot about networking, I am just new to Tor)

Tor is running, but it refuses connections.

Nonpython: proxy config wrong ? try to check if you use Tor: https://check.torproject.org:443/

I enabled Tor, and it can not connect at all.
504 Connect to www.giantitp.com:80 failed: Connection refused
The following error occurred while trying to access http://www.giantitp.com/forums/:
504 Connect to www.giantitp.com:80 failed: Connection refused
Generated Mon, 10 May 2010 10:21:07 PDT by Polipo on localhost:8118.
is my error.
same thing but with differnt addresses everywhere.
(I use firefox and torbutton with polipo)

and this one: https://check.torproject.org:443/
"circuit_find_to_cannibalize" why do we cannibalize and extend a 3-hop to a x-hop circ ?

or: [Tor Bug Tracker] #1136 was updated: #1136: When Tor is offline, it doesn't quite run out of relays, so doesn't realize it's offline - http://trac.torproject.org/projects/tor/ticket/1136#comment:6
or: Changes (by mikeperry):
or: * status: new => assigned
or: * owner: => mikeperry
or: [...]

OFFShare: because sometimes we need a circuit quickly, and extending one we already have will be much quicker than making a new one

Sebastian: THanks for your answer. It makes controlling of node choices very complex, excluding exitnodes and more..

it sure does
The whole circuit build logic needs fixes.