Taha Azzaoui

Setting Up Tor On Arch Linux

2018/10/29

Sometimes I like routing my traffic through the TOR network for fun n stuff. Turns out setting it up as a service with systemd is pretty easy. Here’s how I got it up and running on my Arch machine (I use Arch btw).

Systemd & The Tor Service

  1. Start by installing tor and torsocks. The former is vanilla tor and the latter will let us “torify” an application

    sudo pacman -S tor torsocks

  2. For those in areas where Tor is blocked (*cough* China *cough*), we’ll also install the obfuscation protocol obfs4. It’s available in the AUR.

    yay -S obfs4proxy

  3. Now we need to get some bridges to use. Head over to https://bridges.torproject.org/options to grab an obfs4 bridge. You should end up with something like this:

    obfs4 <IP> <Giberish> cert=<More Giberish> iat-mode=0
    obfs4 <IP> <Giberish> cert=<More Giberish> iat-mode=0
    obfs4 <IP> <Giberish> cert=<More Giberish> iat-mode=0

  4. Append the following into /etc/tor/torrc. Make sure to replace the bridges with the ones obtained above

    UseBridges 1
    # Substitute the following with the bridges you grabbed from step 3
    bridge obfs4 <IP> <Giberish> cert=<More Giberish> iat-mode=0
    bridge obfs4 <IP> <Giberish> cert=<More Giberish> iat-mode=0
    bridge obfs4 <IP> <Giberish> cert=<More Giberish> iat-mode=0
    ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed

  5. Start the Tor service using systemctl

    sudo systemctl start tor.service

    To check if it worked, run

    sudo systemctl status tor.service

    If it worked you should see the following message

    Bootstrapped 100%: Done

    towards the end of the status message

  6. Run applications with Tor

    Now that we have Tor working, we can route traffic through the network. To use Tor with an application you can use the torify command. For example, torify bash will bring up a bash shell running Tor. To verify, run

    torify bash
    curl ipinfo.io

    and you should see that the IP address shown is not your actual IP address.