Mittwoch, 18. März 2015

Using a Raspberry Pi as a (TOR)-SOCKS-Proxy

Today I played around a bit with my dormant Raspberry Pi. My goal was to try and set it up in a way that allows me to just set the Pi as a SOCKS-Proxy in Firefox and tunnel my traffic over TOR this way.

The benefit is that I never have to install TOR on any of my machines but can just connect through the proxy from all of them. I also wanted to find out how something like this generally works.


The first thing I stumbled upon is this pretty nice post at adafruit.

This does a lot more than what I wanted though: It sets up a whole new wireless network that is routed through TOR. I thought I could just adjust it to my desires and went along with the guide anyway.

This was not a good idea and I did not get it to work. In retrospect I really messed up, as they even have a screenshot that includes the one(!) line that has to be edited in the torrc-file in their guide. I'll get to that later.


SOCKS with the help of SSH


What I did was take a step back and first try to create a SOCKS-Proxy that uses SSH to tunnel my traffic through a server I have access to.

This is not that hard to set up: 
ssh user@server-ip -D local-ip:port -i key
Here "user" and "server-ip" are the user and the ip of the server over which you want to tunnel. "local-ip" is the ip of your Raspberry Pi in the local network (over which it can be reached by the other hosts there) and "port" is the port on which the SOCKS-proxy will run.

 You can see if it is running correctly with
netstat -tlnp
Now you can configure the Raspberry Pi as a SOCKS-Proxy in Firefox (for example):

Click on the "3 bars", then on Preferences -> Advanced and in the "Network"-Tab under "Connection" click "Settings". Choose "Manual proxy configuration" and enter the IP of the Raspberry Pi and the chosen port in the SOCKS-Proxy fields.

Load some site and see if it works. You can also check if the proxy is used by entering "what is my ip" in duckduckgo or visiting one of the many websites that offer this service (as well as a lot of advertising).


TOR as SOCKS-proxy


Now back to the original plan. How to configure the Pi in a way that it doesn't tunnel through some server but through the TOR-network?

Step 1: Install TOR 
sudo apt-get update
sudo apt-get install tor
Step 2: Edit the torrc

It is located at /etc/tor/torrc. Look for the lines that start with SocksPort. You can see them in this picture at the very bottom.
Now change the IP to the local IP of your Raspberry Pi and choose a new port or keep 9100.

Step 3: Start TOR 
sudo service tor start
That's it. The rest is the same as with the SSH SOCKS proxy.

If you want you can make TOR start on system startup with:

sudo update-rc.d tor enable
Eingestellt von um

Keine Kommentare:

Kommentar veröffentlichen

Abonnieren Kommentare zum Post (Atom)