December 23, 2019

GUIDE: Tor - Middle Relay

Install configure and run a Tor Middle Relay..

Before continuing, check the chosen hosting provider Terms of Service before running Tor on their infrastructure.

It's recommended to run this separate to production although it's not heavy in resources (RAM, CPU)

NOTE: Any IPs associated with Tor will be easily 'blacklisted', remember they are publically available here - this can have detrimental effects if you are serving mail through the same IP.

Monitor bandwidth through - nyx
Cap bandwidth to prevent any nasty fees - Tor

Over to the terminal, please.

Login using the chosen terminal

This demo we're using 'Bionic' Ubuntu 18.04 LTS
echo -e "deb bionic main\ndeb-src bionic main" > /etc/apt/sources.list.d/tor.list
wget -qO- | gpg --import 
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add 

Now all has gone to plan, "OK" will appear

Showing "OK"
apt update && apt -y upgrade && apt-get -y install tor nyx python3-distutils

This will update the full system, shouldn't take too long..

Shouldn't be too long now
nano /etc/tor/torrc
SocksPort 0
ControlPort 9051
CookieAuthentication 1
ORPort 9001
AccountingMax 950GB
AccountingStart month 1 00:00
Nickname MyFirstTorRelay
ContactInfo FirstName LastName <Email>
  • SocksPort - Tor operates on SOCKS - this will enable default port
  • ControlPort - Internal control port
  • CookieAuthentication - Enables cookie authentication for nyx
  • ORPort - External port for Tor
  • AccountingMax - The total transfer within the month
  • AccountingStart - Bandwidth reset date
  • Nickname - Identifiable nickname
  • ContactInfo - Firstname Lastname <Email>

    I'd recommend a email from - Please don't enter your real names.
The lazy way. No one knows, right?!

Exit and Save:  CTRL + x + y | ENTER

Change YOURIP to your client IP, not your server IP. Proceed, press Y and Enter.

ufw default deny incoming && ufw allow from YOUR_IP to any port 22 && ufw allow 9001 && ufw enable
Firewall rules - Change YOUR_IP
systemctl enable tor && systemctl start tor.service
chmod 755 /run/tor/control.authcookie

Execute - nyx - not as root.


Possible issues:
"Unable to connect to tor. Maybe it's running without a ControlPort?"

systemctl restart tor.service

Wait a few seconds for Tor to close connections, then run:

chmod 755 /run/tor/control.authcookie

Good work! Give it a few days before Tor puts you in motion.
Search for your server on the Metrics

Related articles
Host your own .onion site using nginx and Tor

Guide | Insight | Life | Linux | Tor