Learn how to transform your old Raspberry Pi into a perfect Tor relay node in this tutorial.
Do you, like me, have a first or second generation Raspberry Pi that you bought, played with for a while, and then left it to “gather dust”? After all, unless you are a robotics enthusiast, it is generally unlikely that you would use a computer with a very slow processor and only 256 MB of memory for a long time. That is not to say you can’t do something cool with it, but I have not seen opportunities to repurpose some old items between work and other tasks.
However, if you want to make good use of it without spending too much time and resources, you can transform your old Raspberry Pi into a perfect Tor relay node.
What is a Tor relay node?
You may have heard of the Tor Project[1] before; if you haven’t, let me briefly introduce it: “Tor” stands for “The Onion Router,” which is a technology used to combat online tracking and other privacy violations.
No matter what you do on the Internet, it leaves some digital “footprints” on the devices your IP packets pass through: all switches, routers, load balancers, and the target network record the IP address of your original session, as well as the IP address of the internet resources you access (usually its hostname, even when using HTTPS[2]). If you are browsing the Internet from home, your IP address can be mapped directly to your home location. If you use a VPN service (which you should use[3]), your IP address maps to your VPN provider, which can be mapped back to your home location. In any case, it is possible that someone somewhere is building a personal online profile based on the networks you visit and how long you stay on websites. They then sell this profile and aggregate it with data collected from other services, making money through advertising networks. At least, this is the optimistic view of how this data can be utilized – I believe you can find more malicious examples of how this data is used.
The Tor Project attempts to provide a solution to this problem, making it impossible (or at least more difficult) to trace back to your terminal IP address. Tor achieves this by allowing your connection to repeatedly jump through an anonymous relay chain consisting of anonymous entry nodes, relay nodes, and exit nodes to prevent tracking:
Relay nodes play a crucial role in this exchange process because they create an encrypted barrier between the source request and the target address. Even if an adversary intending to spy on your data controls the exit node, they still cannot know where the request originated unless they have complete control over the entire Tor relay chain.
As long as there are a large number of relay nodes, your privacy will be protected – this is why I sincerely suggest that if your home broadband has free time, you should configure and run a relay node.
Things to keep in mind when considering becoming a Tor relay
A Tor relay node only sends and receives encrypted traffic – it never accesses any other sites or online resources, so you don’t have to worry about someone using your home IP address to directly browse some concerning sites. That said, if you live in a jurisdiction where providing anonymity-enhancing services is illegal, you should not operate your Tor relay node. You should also check your Internet Service Provider’s terms of service to see if you are allowed to operate a Tor relay.
What you will need
This guide assumes you have already set up your home network connection with a cable or ADSL router, which is used for NAT translation (it is almost necessary). Most models of Raspberry Pi have a USB port available for powering the Raspberry Pi, and if you are just using the router’s WiFi functionality, the router should have free Ethernet ports. However, before we set the Raspberry Pi as a “set-it-and-forget-it” Tor relay, we still need a keyboard and display.
Boot script
I have adapted a popular Tor relay node boot script for use on Raspberry Pi – you can find it in my GitHub repository https://github.com/mricon/tor-relay-bootstrap-rpi. After you boot the Raspberry Pi and log in with the default user pi, do the following:
sudo apt-get install -y git
git clone https://github.com/mricon/tor-relay-bootstrap-rpi
cd tor-relay-bootstrap-rpi
sudo ./bootstrap.sh
This script will do the following:
After the script runs, you will need to configure the torrc file – but first, you need to decide how much bandwidth you intend to contribute to Tor traffic. First, enter “Speed Test[6]” into Google and click the “Run Speed Test” button. You can ignore the “Download speed” result because the speed your Tor relay can handle will not exceed the maximum upload bandwidth.
So, divide the number by 8 and then multiply by 1024 to get how many KB of bandwidth speed per second. For example, if your upload bandwidth is 21.5 Mbps, then the number should be:
21.5 Mbps / 8 * 1024 = 2752 KBytes per second
You can limit your relay bandwidth to half of that number and allow burst bandwidth to three-quarters of that number. Once you have determined it, open the /etc/tor/torrc file with your preferred text editor and adjust the bandwidth settings.
RelayBandwidthRate 1300 KBytes
RelayBandwidthBurst 2400 KBytes
Of course, if you want to be more generous, you can set those numbers higher, but try not to set them to the maximum exit bandwidth – if set too high, it will affect your daily use.
Once you open that file, you should set more things. First is the nickname – just for your own records, and the second is contact information, which only needs an email address. Since your relay is running in unattended mode, you should use an email address that you check regularly – if your relay node is offline for more than 48 hours, you will receive alerts from the “Tor Weather” service.
Nickname myrpirelay
ContactInfo [email protected]
Save the file and reboot the system to start the Tor relay.
Test to confirm there is Tor traffic flowing through
If you want to confirm the functionality of the relay node, you can run the arm tool:
sudo -u debian-tor arm
It takes a little time to display, especially on older models. It usually provides a bar chart showing inbound and outbound traffic (or error messages that will help you troubleshoot).
Once you are confident it is running properly, you can unplug the keyboard and display, and put the Raspberry Pi in the basement where it can quietly sit and forward encrypted bits everywhere. Congratulations, you have helped improve privacy and protect against online malicious tracking!
Learn more about Linux through the free course “Introduction to Linux” [7] from the Linux Foundation and edX.
via: https://www.linux.com/blog/intro-to-linux/2018/6/turn-your-raspberry-pi-tor-relay-node
Author: Konstantin Ryabitsev[9] Topic: lujun9972 Translator: qhwdw Proofreader: wxy
This article is originally compiled by LCTT and honorably presented by Linux China