The Tor Project maintains its own Debian package repository. Since Debian provides the LTS version of Tor, this might not always give you the latest stable Tor version. Therefore, it's recommended to install tor from our repository.
Here's how you can enable Tor Package Repository in Debian based distributions:
Note: The symbol # refers to running the code as root. This means you should have access to a user account with system administration privileges, e.g your user should be in the sudo group.
Prerequisite: Verify the CPU architecture
The package repository offers amd64, arm64, and i386 binaries. Verify your operating system is capable of running the binary by inspecting the output of the following command:
# dpkg --print-architecture
It should output either amd64, arm64, or i386. The repository does not support other CPU architectures.
Note: The package repository does not offer 32-bit ARM architecture (armhf) images (yet). You should either install the version Debian offers (make sure to check out Debian backports, too, as that one has often a more up-to-date Tor package), or build Tor from source.
1. Install apt-transport-https
To enable all package managers using the libapt-pkg library to access metadata and packages available in sources accessible over https (Hypertext Transfer Protocol Secure).
# apt install apt-transport-https
2. Create a new file in /etc/apt/sources.list.d/ named tor.list. Add the following entries:
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main
If you want to try experimental packages, add these in addition to the lines from above:
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org tor-experimental-<DISTRIBUTION> main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org tor-experimental-<DISTRIBUTION> main
Or nightly builds:
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org tor-nightly-main-<DISTRIBUTION> main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org tor-nightly-main-<DISTRIBUTION> main
Replace <DISTRIBUTION> with your Operating System codename. Run lsb_release -c or cat /etc/debian_version to check the Operating System version.
Note: Ubuntu Focal dropped support for 32-bit, so instead use:
deb [arch=<ARCHITECTURE> signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org focal main
deb-src [arch=<ARCHITECTURE> signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org focal main
Replace <ARCHITECTURE> with your system architecture (you found it earlier by writing dpkg --print-architecture).
Warning symptom, when running sudo apt update:
Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'http://deb.torproject.org/torproject.org focal InRelease' doesn't support architecture 'i386'
3. Then add the gpg key used to sign the packages by running the following command at your command prompt:
# wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
4. Install tor and tor debian keyring
We provide a Debian package to help you keep our signing key current. It is recommended you use it. Install it with the following commands:
# apt update
# apt install tor deb.torproject.org-keyring