This is a quick guide to running up a Tor relay on a CentOS 7 server. Firewall config has been omitted, check out these links if you need help with the OS firewall config.
How to setup a firewall using firewalld on CentOS 7
How to migrate from firewalld to iptables on CentOS 7
It’s worth noting that you can score a Tor t-shirt if you run an exit node or relay that satisfies a set criteria:
Tor T-Shirt for contributing!
“Operate a fast Tor relay that’s been running for the past two months: you are eligible if you allow exits to port 80 and you average 250 KBytes/s traffic, or if you’re not an exit but you average 500 KBytes/s traffic.”
Let’s get started.
Create the .repo file below.
vim /etc/yum.repos.d/torproject.repo [tor] name=Tor repo enabled=1 baseurl=https://deb.torproject.org/torproject.org/rpm/el/7/$basearch/ gpgcheck=1 gpgkey=https://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc [tor-source] name=Tor source repo enabled=1 autorefresh=0 baseurl=https://deb.torproject.org/torproject.org/rpm/el/7/SRPMS gpgcheck=1 gpgkey=https://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc
Install Tor through yum.
yum -y install tor
Edit the config file for Tor.
vim /etc/tor/torrc SOCKSPort 0 Log notice file /var/log/tor/notices.log RunAsDaemon 1 DataDirectory /var/lib/tor #Listen port ORPort 443 #IP Address or DNS name of your relay. Address relay.torserver12312312.com #The name of your relay. Nickname rltrs12312312 #If you're worried about spam then you really don't want to format the email address like I have here. ContactInfo oh boy suddenly all this spam is going to - [email protected] DirPort 9058 # no exits allowed. ExitPolicy reject *:*
Verify the config to make sure there are no issues.
tor -f /etc/tor/torrc --verify-config
/etc/init.d/tor start Starting tor...done. /etc/init.d/tor status tor (pid 3666) running
Check the log file to make sure everything is running smoothly.
tail -f /var/log/tor/notices.log Aug 28 04:19:43.000 [notice] I learned some more directory information, but not enough to build a circuit: We need more descriptors: we have 5382/6917, and can only build 50% of likely paths. (We have 77% of guards bw, 79% of midpoint bw, and 81% of exit bw = 50% of path bw.) Aug 28 04:19:43.000 [notice] Bootstrapped 80%: Connecting to the Tor network Aug 28 04:19:44.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Aug 28 04:19:44.000 [notice] Bootstrapped 90%: Establishing a Tor circuit Aug 28 04:19:45.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Aug 28 04:19:45.000 [notice] Bootstrapped 100%: Done Aug 28 04:19:45.000 [notice] Now checking whether ORPort 18.104.22.168:443 and DirPort 22.214.171.124:9058 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Aug 28 04:19:45.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor. Aug 28 04:19:45.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Aug 28 04:19:46.000 [notice] Performing bandwidth self-test...done.
After a couple of hours you should be able to see your relay on one of the various index sites!