Running the Tor client on Linux/BSD/Unix


Note that these are the installation instructions for running a Tor client. If you want to relay traffic for others to help the network grow (please do), read the Configuring a relay guide.

Step One: Download and Install Tor


The latest release of Tor can be found on the download page. We have packages for Debian, Red Hat, Gentoo, *BSD, etc there too. If you're using Ubuntu, don't use the default packages: use our deb repository instead.

If you're building from source, first install libevent, and make sure you have openssl and zlib (including the -devel packages if applicable). Then run:
tar xzf tor-0.2.0.35.tar.gz; cd tor-0.2.0.35
./configure && make
Now you can run tor as src/or/tor, or you can run make install (as root if necessary) to install it into /usr/local/, and then you can start it just by running tor.

Tor comes configured as a client by default. It uses a built-in default configuration file, and most people won't need to change any of the settings. Tor is now installed.

Step Two: Install Privoxy for Web Browsing


After installing Tor, you need to configure your applications to use it.

The first step is to set up web browsing. Start by installing Privoxy: click on 'recent releases' and pick your favorite package or install from source. Privoxy is a filtering web proxy that integrates well with Tor.

Once you've installed Privoxy (either from package or from source), you will need to configure Privoxy to use Tor. You may find this sample Privoxy configuration useful. Otherwise, you should configure Privoxy by hand, using the directions that follow.

Open Privoxy's "config" file (look in /etc/privoxy/ or /usr/local/etc/) and add the line
forward-socks4a / 127.0.0.1:9050 .
to the top of the config file. Don't forget to add the dot at the end.

Privoxy keeps a log file of everything passed through it. In order to stop this you will need to comment out three lines by inserting a # before the line. The three lines are:
logfile logfile
and the line
jarfile jarfile
and (on some systems) the line
debug 1 # show each GET/POST/CONNECT request

Depending on which default config file you have for Privoxy, you may also need to turn off enable-remote-toggle, enable-remote-http-toggle, and enable-edit-actions.

You'll need to restart Privoxy for the changes to take effect.

Step Three: Configure your applications to use Tor


After installing Tor and Privoxy, you need to configure your applications to use them. The first step is to set up web browsing.

You should use Tor with Firefox and Torbutton, for best safety. Simply install the Torbutton plugin, restart your Firefox, and you're all set:

Torbutton plugin for Firefox

If you plan to run Firefox on a different computer than Tor, see the FAQ entry for running Tor on a different computer.

To Torify other applications that support HTTP proxies, just point them at Privoxy (that is, localhost port 8118). To use SOCKS directly (for instant messaging, Jabber, IRC, etc), you can point your application directly at Tor (localhost port 9050), but see this FAQ entry for why this may be dangerous. For applications that support neither SOCKS nor HTTP, take a look at tsocks or socat.

For information on how to Torify other applications, check out the Torify HOWTO.

Step Four: Make sure it's working


Next, you should try using your browser with Tor and make sure that your IP address is being anonymized. Click on the Tor detector and see whether it thinks you're using Tor or not. (If that site is down, see this FAQ entry for more suggestions on how to test your Tor.)

If you have a personal firewall that limits your computer's ability to connect to itself (this includes something like SELinux on Fedora Core 4), be sure to allow connections from your local applications to Privoxy (local port 8118) and Tor (local port 9050). If your firewall blocks outgoing connections, punch a hole so it can connect to at least TCP ports 80 and 443, and then see this FAQ entry. If your SELinux config is not allowing tor or privoxy to run correctly, create a file named booleans.local in the directory /etc/selinux/targeted. Edit this file in your favorite text editor and insert "allow_ypbind=1". Restart your machine for this change to take effect.

If it's still not working, look at this FAQ entry for hints.

Step Five: Configure it as a relay


The Tor network relies on volunteers to donate bandwidth. The more people who run relays, the faster the Tor network will be. If you have at least 20 kilobytes/s each way, please help out Tor by configuring your Tor to be a relay too. We have many features that make Tor relays easy and convenient, including rate limiting for bandwidth, exit policies so you can limit your exposure to abuse complaints, and support for dynamic IP addresses.

Having relays in many different places on the Internet is what makes Tor users secure. You may also get stronger anonymity yourself, since remote sites can't know whether connections originated at your computer or were relayed from others.

Read more at our Configuring a relay guide.

If you have suggestions for improving this document, please send them to us. Thanks!

"Tor" and the "Onion Logo" are registered trademarks of The Tor Project, Inc.
Content on this site is licensed under a Creative Commons Attribution 3.0 United States License, unless otherwise noted.

This page is also available in the following languages: Deutsch, español, français, Italiano, 한국어 (Hangul), polski, Русский (Russkij), 中文(简) (Simplified Chinese).
How to set the default document language.

Webmaster - Last modified: Wed Jun 24 19:04:41 2009 - Last compiled: Tue Jun 30 09:38:48 2009