Ceisteanna Is Coitianta

Generally it is impossible to have perfect anonymity, even with Tor. Though there are some things you can practice to improve your anonymity while using Tor and offline.

Use Tor Browser and software specifically configured for Tor.

Tor does not protect all of your computer's Internet traffic when you run it. Tor only protects applications that are properly configured to send their Internet traffic through Tor.

Web browsing:

File sharing:

Control what information you provide through web forms.

If you visit a website using Tor Browser, they don't know who you are or your true location. Unfortunately many sites ask for more personal information than they need through web forms. If you sign in to that website, they still don't know your location but they know who you are. Further, if you provide: name, email, address, phone number, or any other personal information, you are no longer anonymous to that website. The best defense is to be vigilant and extremely cautious when filling out web forms.

Don't torrent over Tor

Torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told to use Tor. Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that's how torrents work. Not only do you deanonymize your torrent traffic and your other simultaneous Tor web traffic this way, you also slow down the entire Tor network for everyone else.

Don't enable or install browser plugins

Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can be manipulated into revealing your IP address. Similarly, we do not recommend installing additional addons or plugins into Tor Browser, as these may bypass Tor or otherwise harm your anonymity and privacy.

Use HTTPS versions of websites

Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to the final destination website depends upon on that website. To help ensure private encryption to websites, Tor Browser includes HTTPS Everywhere to force the use of HTTPS encryption with major websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a padlock or onion icon in the address bar, include https:// in the URL, and display the proper expected name for the website. Also see EFF's interactive graphic explaining how Tor and HTTPS relate.

Don't open documents downloaded through Tor while online

Tor Browser will warn you before automatically opening documents that are handled by external applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via Tor (especially DOC and PDF files, unless you use the PDF viewer that's built into Tor Browser) as these documents can contain Internet resources that will be downloaded outside of Tor by the application that opens them. This will reveal your non-Tor IP address. If you must work with files downloaded via Tor, we strongly recommend either using a disconnected computer, or using dangerzone to create safe PDF files that you can open. Under no circumstances is it safe to use BitTorrent and Tor together, however.

Use bridges and/or find company

Tor tries to prevent attackers from learning what destination websites you connect to. However, by default, it does not prevent somebody watching your Internet traffic from learning that you're using Tor. If this matters to you, you can reduce this risk by configuring Tor to use a bridge rather than connecting directly to the Tor network. Ultimately the best protection is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them. Convince other people to use Tor, too!

Be smart and learn more. Understand what Tor does and does not offer. This list of pitfalls isn't complete, and we need your help identifying and documenting all the issues.

Is féidir, ach ní mholaimid VPN a úsáid le Tor murar úsáideoir ardleibhéil thú agus mura bhfuil saineolas agat ar conas is féidir Tor agus an VPN a chumrú sa chaoi nach gcuirfidís do phríobháideachas i gcontúirt.

You can find more detailed information about Tor + VPN at our wiki.

Tor Browser is currently available on Windows, Linux and macOS.

There is a version of Tor Browser for Android and The Guardian Project also provides the Orbot app to route other apps on your Android device over the Tor network.

There is no official version of Tor for iOS yet, though we recommend Onion Browser.

Molaimid go láidir duit gan breiseáin nua a shuiteáil i mBrabhsálaí Tor, ar eagla go gcuirfidís do phríobháideachas agus do shlándáil i gcontúirt.

Installing new add-ons may affect Tor Browser in unforeseen ways and potentially make your Tor Browser fingerprint unique. If your copy of Tor Browser has a unique fingerprint, your browsing activities can be deanonymized and tracked even though you are using Tor Browser.

Basically, each browser's settings and features create what is called a "browser fingerprint". Most browsers inadvertently create a unique fingerprint for each user which can be tracked across the internet. Tor Browser is specifically engineered to have a nearly identical (we're not perfect!) fingerprint across its users. This means each Tor Browser user looks like every other Tor Browser user, making it difficult to track any individual user.

There's also a good chance a new add-on will increase the attack surface of Tor Browser. This may allow sensitive data to be leaked or allow an attacker to infect Tor Browser. The add-on itself could even be maliciously designed to spy on you.

Tor Browser already comes installed with two add-ons — HTTPS Everywhere and NoScript — and adding anything else could deanonymize you.

Want to learn more about browser fingerprinting? Here's an article on The Tor Blog all about it.

Is féidir. Chabhródh Brabhsálaí Tor le daoine do shuíomh Gréasáin a bhaint amach aon áit ina bhfuil cosc air. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

Ní bheidh. Beidh eagraíochtaí áirithe, mar shampla do Sholáthraí Seirbhíse Idirlín (ISP), in ann a fheiceáil go bhfuil tú ag baint úsáide as Tor, ach ní bheidh siad in ann na suímh a dtugann tú cuairt orthu a fheiceáil.

Maidir le Tor

The name "Tor" can refer to several different components.

Tor is a program you can run on your computer that helps keep you safe on the Internet. It protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. This set of volunteer relays is called the Tor network.

The way most people use Tor is with Tor Browser, which is a version of Firefox that fixes many privacy issues. You can read more about Tor on our about page.

The Tor Project is a non-profit (charity) organization that maintains and develops the Tor software.

Tor is the onion routing network. When we were starting the new next-generation design and implementation of onion routing in 2001-2002, we would tell people we were working on onion routing, and they would say "Neat. Which one?" Even if onion routing has become a standard household term, Tor was born out of the actual onion routing project run by the Naval Research Lab.

(It's also got a fine meaning in German and Turkish.)

Note: even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.

No, it doesn't. You need to use a separate program that understands your application and protocol and knows how to clean or "scrub" the data it sends. Tor Browser tries to keep application-level data, like the user-agent string, uniform for all users. Tor Browser can't do anything about the text that you type into forms, though.

A typical proxy provider sets up a server somewhere on the Internet and allows you to use it to relay your traffic. This creates a simple, easy to maintain architecture. The users all enter and leave through the same server. The provider may charge for use of the proxy, or fund their costs through advertisements on the server. In the simplest configuration, you don't have to install anything. You just have to point your browser at their proxy server. Simple proxy providers are fine solutions if you do not want protections for your privacy and anonymity online and you trust the provider to not do bad things. Some simple proxy providers use SSL to secure your connection to them, which protects you against local eavesdroppers, such as those at a cafe with free wifi Internet.

Simple proxy providers also create a single point of failure. The provider knows both who you are and what you browse on the Internet. They can see your traffic as it passes through their server. In some cases, they can even see inside your encrypted traffic as they relay it to your banking site or to ecommerce stores. You have to trust the provider isn't watching your traffic, injecting their own advertisements into your traffic stream, or recording your personal details.

Tor passes your traffic through at least 3 different servers before sending it on to the destination. Because there's a separate layer of encryption for each of the three relays, somebody watching your Internet connection can't modify, or read, what you are sending into the Tor network. Your traffic is encrypted between the Tor client (on your computer) and where it pops out somewhere else in the world.

Doesn't the first server see who I am?

Possibly. A bad first of three servers can see encrypted Tor traffic coming from your computer. It still doesn't know who you are and what you are doing over Tor. It merely sees "This IP address is using Tor". You are still protected from this node figuring out both who you are and where you are going on the Internet.

Can't the third server see my traffic?

Possibly. A bad third of three servers can see the traffic you sent into Tor. It won't know who sent this traffic. If you're using encryption (like HTTPS), it will only know the destination. See this visualization of Tor and HTTPS to understand how Tor and HTTPS interact.

Yes.

The Tor software is free software. This means we give you the rights to redistribute the Tor software, either modified or unmodified, either for a fee or gratis. You don't have to ask us for specific permission.

However, if you want to redistribute the Tor software you must follow our LICENSE. Essentially this means that you need to include our LICENSE file along with whatever part of the Tor software you're distributing.

Most people who ask us this question don't want to distribute just the Tor software, though. They want to distribute the Tor Browser. This includes Firefox Extended Support Release, and the NoScript and HTTPS-Everywhere extensions. You will need to follow the license for those programs as well. Both of those Firefox extensions are distributed under the GNU General Public License, while Firefox ESR is released under the Mozilla Public License. The simplest way to obey their licenses is to include the source code for these programs everywhere you include the bundles themselves.

Also, you should make sure not to confuse your readers about what Tor is, who makes it, and what properties it provides (and doesn't provide). See our trademark FAQ for details.

There are plenty of other programs you can use with Tor, but we haven't researched the application-level anonymity issues on all of them well enough to be able to recommend a safe configuration. Our wiki has a community-maintained list of instructions for Torifying specific applications. Please add to this list and help us keep it accurate!

Most people use Tor Browser, which includes everything you need to browse the web safely using Tor. Using Tor with other browsers is dangerous and not recommended.

There is absolutely no backdoor in Tor.

We know some smart lawyers who say that it's unlikely that anybody will try to make us add one in our jurisdiction (U.S.). If they do ask us, we will fight them, and (the lawyers say) probably win.

We will never put a backdoor in Tor. We think that putting a backdoor in Tor would be tremendously irresponsible to our users, and a bad precedent for security software in general. If we ever put a deliberate backdoor in our security software, it would ruin our professional reputation. Nobody would trust our software ever again - for excellent reasons!

But that said, there are still plenty of subtle attacks people might try. Somebody might impersonate us, or break into our computers, or something like that. Tor is open source, and you should always check the source (or at least the diffs since the last release) for suspicious things. If we (or the distributors that gave you Tor) don't give you access to the source code, that's a sure sign something funny might be going on. You should also check the PGP signatures on the releases, to make sure nobody messed with the distribution sites.

Also, there might be accidental bugs in Tor that could affect your anonymity. We periodically find and fix anonymity-related bugs, so make sure you keep your Tor versions up-to-date.

Brabhsálaí Tor

WARNING: Do NOT follow random advice instructing you to edit your torrc! Doing so can allow an attacker to compromise your security and anonymity through malicious configuration of your torrc.

Tor uses a text file called torrc that contains configuration instructions for how Tor should behave. The default configuration should work fine for most Tor users (hence the warning above.)

To find your Tor Browser torrc, follow the instructions for your operating system below.

On Windows or Linux:

  • The torrc is in the Tor Browser Data directory at Browser/TorBrowser/Data/Tor inside your Tor Browser directory.

On macOS:

  • The torrc is in the Tor Browser Data directory at ~/Library/Application Support/TorBrowser-Data/Tor.
  • Note the Library folder is hidden on newer versions of macOS. To navigate to this folder in Finder, select "Go to Folder..." in the "Go" menu.
  • Then type "~/Library/Application Support/" in the window and click Go.

Close Tor Browser before you edit your torrc, otherwise Tor Browser may erase your modifications. Some options will have no effect as Tor Browser overrides them with command line options when it starts Tor.

Have a look at the sample torrc file for hints on common configurations. For other configuration options you can use, see the Tor manual page. Remember, all lines beginning with # in torrc are treated as comments and have no effect on Tor's configuration.

While the names may imply otherwise, 'Incognito mode' and 'private tabs' do not make you anonymous on the Internet. They erase all the information on your machine relating to the browsing session after they are closed, but have no measures in place to hide your activity or digital fingerprint online. This means that an observer can collect your traffic just as easily as any regular browser.

Tor Browser offers all the amnesic features of private tabs while also hiding the source IP, browsing habits and details about a device that can be used to fingerprint activity across the web, allowing for a truly private browsing session that's fully obfuscated from end-to-end.

For more information regarding the limitations of Incognito mode and private tabs, see Mozilla's article on Common Myths about Private Browsing.

Molaimid go láidir gan Tor a úsáid in aon bhrabhsálaí seachas Brabhsálaí Tor. Má úsáideann tú Tor i mbrabhsálaí eile, beidh tú i mbaol ionsaithe gan na gnéithe príobháideachais i mBrabhsálaí Tor do do chosaint.

Is féidir. Chabhródh Brabhsálaí Tor le daoine do shuíomh Gréasáin a bhaint amach aon áit ina bhfuil cosc air. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

Uaireanta, cuireann suímh cosc ar úsáideoirí toisc nach féidir leo idirdhealú a dhéanamh idir gnáthúsáideoirí Tor agus trácht uathoibrithe. An straitéis is fearr atá againn ó thaobh deireadh a chur leis an gcosc ar úsáideoirí Tor ná dul i dteagmháil go díreach le riarthóirí an tsuímh. Seans go ndéanfadh rud éigin mar seo an beart:

"Dia dhuit! Rinne mé iarracht cuairt a thabhairt ar do shuíomh xyz.com le Brabhsálaí Tor ach de réir cosúlachta cuireann sibh cosc ar úsáideoirí Tor. Molaim go láidir duit athmhachnamh a dhéanamh ar an gcinneadh seo; úsáideann daoine ar fud an domhain Tor lena bpríobháideachas a chosaint agus le troid in aghaidh cinsireachta. Trí chosc a chur ar úsáideoirí Tor, is dócha go bhfuil tú ag cur cosc ar dhaoine atá faoi smacht ina dtír dhúchais agus nach bhfuil in ann leas a bhaint as Idirlíon saor is oscailte, ar iriseoirí, taighdeoirí, daoine nochta scéil, gníomhaithe, agus gnáthdhaoine nach bhfuil sásta leis an lorgaireacht chunórach a dhéanann tríú páirtithe ar an nGréasán. Iarraim ort an fód a sheasamh ar son príobháideachais dhigitigh agus ar son saoirse Idirlín, trí chead a thabhairt d'úsáideoirí Tor xyz.com a úsáid. Go raibh míle maith agat."

I gcás bancanna nó suímh íogaire eile, feictear blocáil bunaithe ar thíreolaíocht (má tá a fhios ag an mbanc a úsáideann tú a chuid seirbhísí ó thír amháin de ghnáth, agus má fheiceann siad go bhfuil tú ag ceangal ó thír ar an taobh eile den domhan, seans go gcuirfeadh an banc do chuntas faoi ghlas nó ar fionraí).

If you are unable to connect to an onion service, please see I cannot reach X.onion!.

Is féidir cinnte. Ach ba chóir duit a bheith ar an eolas nach mbeidh na gnéithe príobháideachais i mBrabhsálaí Tor ar fáil sa mbrabhsálaí eile. Mar sin, caithfidh tú a bheith cúramach nuair a athraíonn tú anonn is anall idir Tor agus brabhsálaí eile nach bhfuil chomh slán, sa chaoi nach ndéanann tú rud éigin sa mbrabhsálaí eile a raibh tú ag iarraidh é a dhéanamh in Tor.

You can set Proxy IP address, port, and authentication information in Tor Browser's Network Settings. If you're using Tor another way, check out the HTTPProxy and HTTPSProxy config options in the manual page, and modify your torrc file accordingly. You will need an HTTP proxy for doing GET requests to fetch the Tor directory, and you will need an HTTPS proxy for doing CONNECT requests to get to Tor relays. (It's fine if they're the same proxy.) Tor also recognizes the torrc options Socks4Proxy and Socks5Proxy.

Also, read up on the HTTPProxyAuthenticator and HTTPSProxyAuthenticator options if your proxy requires auth. We only support basic auth currently, but if you need NTLM authentication, you may find this post in the archives useful.

If your proxies only allow you to connect to certain ports, look at the entry on Firewalled clients for how to restrict what ports your Tor will try to access.

Please see the Installation section in the Tor Browser Manual.

Sometimes, after you've used Gmail over Tor, Google presents a pop-up notification that your account may have been compromised. The notification window lists a series of IP addresses and locations throughout the world recently used to access your account.

In general, this is a false alarm: Google saw a bunch of logins from different places, as a result of running the service via Tor, and decided it was a good idea to confirm the account was being accessed by its rightful owner.

Even though this may be a byproduct of using the service via Tor, that doesn't mean you can entirely ignore the warning. It is probably a false positive, but it might not be since it is possible for someone to hijack your Google cookie.

Cookie hijacking is possible by either physical access to your computer or by watching your network traffic. In theory, only physical access should compromise your system because Gmail and similar services should only send the cookie over an SSL link. In practice, alas, it's way more complex than that.

And if somebody did steal your google cookie, they might end up logging in from unusual places (though of course they also might not). So the summary is that since you're using Tor Browser, this security measure that Google uses isn't so useful for you, because it's full of false positives. You'll have to use other approaches, like seeing if anything looks weird on the account, or looking at the timestamps for recent logins and wondering if you actually logged in at those times.

More recently, Gmail users can turn on 2-Step Verification on their accounts to add an extra layer of security.

This is a known and intermittent problem; it does not mean that Google considers Tor to be spyware.

When you use Tor, you are sending queries through exit relays that are also shared by thousands of other users. Tor users typically see this message when many Tor users are querying Google in a short period of time. Google interprets the high volume of traffic from a single IP address (the exit relay you happened to pick) as somebody trying to "crawl" their website, so it slows down traffic from that IP address for a short time.

You can try 'change the circuit for this site' to access the website from a different IP address.

An alternate explanation is that Google tries to detect certain kinds of spyware or viruses that send distinctive queries to Google Search. It notes the IP addresses from which those queries are received (not realizing that they are Tor exit relays), and tries to warn any connections coming from those IP addresses that recent queries indicate an infection.

To our knowledge, Google is not doing anything intentionally specifically to deter or block Tor use. The error message about an infected machine should clear up again after a short time.

Google uses "geolocation" to determine where in the world you are, so it can give you a personalized experience. This includes using the language it thinks you prefer, and it also includes giving you different results on your queries.

If you really want to see Google in English you can click the link that provides that. But we consider this a feature with Tor, not a bug --- the Internet is not flat, and it in fact does look different depending on where you are. This feature reminds people of this fact.

Note that Google search URLs take name/value pairs as arguments and one of those names is "hl". If you set "hl" to "en" then Google will return search results in English regardless of what Google server you have been sent to. On a query this looks like:

https://encrypted.google.com/search?q=online%20anonymity&hl=en

Another method is to simply use your country code for accessing Google. This can be google.be, google.de, google.us and so on.

Tor Browser is built using Firefox ESR, so errors regarding Firefox may occur. Ba chóir duit deimhniú nach bhfuil aon chóip eile de Bhrabhsálaí Tor ar siúl, agus gur dhíphacáil tú Brabhsálaí Tor áit éigin ina bhfuil na ceadanna cearta agat. If you are running an anti-virus, please see My antivirus/malware protection is blocking me from accessing Tor Browser, it is common for anti-virus / anti-malware software to cause this type of issue.

D'athraíomar an príomhinneall cuardaigh go DuckDuckGo i leagan 6.0.6 de Bhrabhsálaí Tor. For a while now, Disconnect, which was formerly used in Tor Browser, has had no access to Google search results. Since Disconnect is more of a meta search engine, which allows users to choose between different search providers, it fell back to delivering Bing search results, which were basically unacceptable quality-wise.

Cruthaíonn Brabhsálaí Tor ciorcad nua i gcomhair gach fearann nua. The Design and Implementation of Tor Browser document further explains the thinking behind this design.

Leagan de Firefox saindeartha do líonra Tor is ea Brabhsálaí Tor. Chaitheamar mórán dua le Brabhsálaí Tor, cód breise a fheabhsaíonn príobháideachas agus slándáil san áireamh. Cé gur féidir leat Tor a úsáid le brabhsálaithe eile go teicniúil, chuirfeá thú féin i mbaol ionsaithe agus do chuid sonraí pearsanta i mbaol nochta. Molaimid go láidir duit gan é seo a dhéanamh. Learn more about the design of Tor Browser.

Uaireanta bíonn fadhbanna le Brabhsálaí Tor ar shuímh Ghréasáin a bhaineann úsáid as mórán JavaScript. The simplest fix is to click on the Security icon (the small gray shield at the top-right of the screen), then click "Advanced Security Settings..." Roghnaigh an gnáthleibhéal slándála.

Nuair a úsáideann tú Brabhsálaí Tor, ní féidir le héinne na suímh a dtugann tú cuairt orthu a fheiceáil. É sin ráite, beidh do sholáthraí seirbhíse Idirlín nó riarthóirí do líonra in ann feiceáil go bhfuil tú ag baint úsáide as Tor, ach ní bheidh siad in ann na suímh a dtugann tú cuairt orthu a fheiceáil.

We want everyone to be able to enjoy Tor Browser in their own language. Tor Browser is now available in 30 different languages, and we are working to add more. Want to help us translate? Become a Tor translator!

You can also help us in testing the next languages we will release, by installing and testing Tor Browser Alpha releases.

Ní mholaimid níos mó ná cóip amháin de Bhrabhsálaí Tor a rith san am céanna. Seans nach bhfeidhmíonn sé sa chaoi a raibh tú ag súil leis ar mhórán ardán.

Faraor, taispeánann suímh áirithe CAPTCHAnna dá gcuid úsáideoirí, agus ní féidir linn iad a bhaint de na suímh seo. An rud is fearr sa chás seo ná dul i dteagmháil le húinéirí an tsuímh, ag rá go bhfuil na CAPTCHAnna ag cur cosc ar úsáideoirí atá ag iarraidh leas a bhaint as a gcuid seirbhísí.

Rinneamar cumraíocht ar NoScript sa chaoi go gceadaíonn sé JavaScript i mBrabhsálaí Tor de réir réamhshocraithe toisc nach bhfeidhmíonn go leor suíomh Gréasáin gan JavaScript sa lá atá inniu ann. Thréigfeadh go leor úsáideoirí Tor dá mbeadh JavaScript díchumasaithe de réir réamhshocraithe mar gheall ar an líon fadhbanna a tharlódh. I ndeireadh na dála, ba mhaith linn brabhsálaí atá chomh slán agus is féidir a chruthú, agus san am céanna ceann atá inúsáidte ag formhór na ndaoine. Sin an fáth bunúsach a bhfuil JavaScript cumasaithe de réir réamhshocraithe.

For users who want to have JavaScript disabled on all HTTP sites by default, we recommend changing your Tor Browser's "Security Level" option. This can be done by navigating the Security icon (the small gray shield at the top-right of the screen), then clicking "Advanced Security Settings...". The "Standard" level allows JavaScript, but the "Safer" and "Safest" levels both block JavaScript on HTTP sites.

Ní dhéantar. Ciallaíonn sé seo nach n-úsáidfear do ríomhaire chun trácht a stiúradh ar son daoine eile. If you'd like to become a relay, please see our Tor Relay Guide.

There are methods for setting Tor Browser as your default browser, but those methods may not work always or in every operating system. Déanann Brabhsálaí Tor a dhícheall a bheith neamhspleách ar an gcuid eile de do chóras, agus ní féidir leat muinín a chur sna céimeanna a dhéanfadh brabhsálaí réamhshocraithe de. This means sometimes a website would load in the Tor Browser, and sometimes it would load in another browser. This type of behavior can be dangerous and break anonymity.

Tor Browser is currently available on Windows, Linux and macOS.

There is a version of Tor Browser for Android and The Guardian Project also provides the Orbot app to route other apps on your Android device over the Tor network.

There is no official version of Tor for iOS yet, though we recommend Onion Browser.

Nuair a úsáideann tú Brabhsálaí Tor, is minic go ndealraíonn sé go bhfuil do cheangal ag teacht ó áit éigin go hiomlán difriúil ar domhan. Dá bharr seo, tá seans ann go gceapfadh suímh áirithe, mar shampla bainc nó soláthraithe ríomhphoist, gur bhris bradaí isteach i do chuntas agus chuirfidís do chuntas faoi ghlas.

An t-aon slí atá ann leis seo a réiteach ná treoracha an tsuímh a leanúint d'athshlánú do chuntais, nó trí dul i dteagmháil le riarthóirí an tsuímh agus an fhadhb a mhíniú.

D'fhéadfá an cás seo a sheachaint go hiomlán trí úsáid a bhaint as fíordheimhniú 2-fhachtóir, rogha slándála i bhfad níos fearr ná clú bunaithe ar sheoltaí IP. Téigh i dteagmháil le do sholáthraí seirbhíse le fáil amach an bhfuil fíordheimhniú 2-fhachtóir ar fáil.

Ní bheidh. Beidh eagraíochtaí áirithe, mar shampla do Sholáthraí Seirbhíse Idirlín (ISP), in ann a fheiceáil go bhfuil tú ag baint úsáide as Tor, ach ní bheidh siad in ann na suímh a dtugann tú cuairt orthu a fheiceáil.

Tá dhá bhealach i mBrabhsálaí Tor chun an ciorcad a athrú — "Aitheantas Nua" agus "Ciorcad Nua don Suíomh seo". Both options are located in the hamburger menu. You can also access the New Circuit option inside the site information menu in the URL bar, and the New Identity option by clicking the small sparky broom icon at the top-right of the screen

Aitheantas Nua

Tá an rogha seo úsáideach má tá tú ag iarraidh aon cheangal idir do ghníomhaíocht sa todhchaí agus na rudaí a bhí tú ag déanamh níos luaithe a bhriseadh.

Nuair a roghnaítear é seo, dúnann sé do chuid cluaisíní agus fuinneoga, glanann sé aon fhaisnéis phríobháideach, mar shampla fianáin agus an stair bhrabhsála, agus úsáideann sé ciorcaid nua Tor do gach ceangal.

Tabharfaidh Brabhsálaí Tor rabhadh duit go stopfaidh sé gach uile rud atá ar siúl, íoslódálacha san áireamh. Ba chóir duit é seo a chur san áireamh sula gcliceálfaidh tú "Aitheantas Nua".

Tor Browser Menu

Ciorcad Nua Tor don Suíomh seo

Tá an rogha seo úsáideach mura bhfuil an t-athsheachadán amach a úsáideann tú in ann ceangal a bhunú leis an suíomh atá uait, nó mura bhfuil sé ag lódáil i gceart. Nuair a roghnaítear é seo, athlódáiltear an cluaisín nó an fhuinneog reatha thar ciorcad nua Tor.

Úsáidfidh cluaisíní agus fuinneoga oscailte eile ón suíomh céanna an ciorcad nua freisin, chomh luath is a athlódálfar iad.

Ní ghlanann an rogha seo aon fhaisnéis phríobháideach ná do chuid gníomhaíochta, agus níl aon éifeacht aige ar cheangail le suímh eile.

New Circuit for this Site

Please see the HTTPS Everywhere FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

Please see the NoScript FAQ. If you believe this is a Tor Browser issue, please report it on our bug tracker.

Please see the DuckDuckGo support portal. If you believe this is a Tor Browser issue, please report it on our bug tracker.

DuckDuckGo is the default search engine in Tor Browser. DuckDuckGo does not track its users nor does it store any data about user searches. Learn more about DuckDuckGo privacy policy.

Uaireanta bíonn Brabhsálaí Tor níos moille ná brabhsálaithe eile. The Tor network has over a million daily users, and just over 6000 relays to route all of their traffic, and the load on each server can sometimes cause latency. And, by design, your traffic is bouncing through volunteers' servers in various parts of the world, and some bottlenecks and network latency will always be present. You can help improve the speed of the network by running your own relay, or encouraging others to do so. For the much more in-depth answer, see Roger's blog post on the topic and Tor's Open Research Topics: 2018 edition about Network Performance. É sin ráite, tá Tor i bhfad níos sciobtha ná a bhíodh sé, agus seans nach dtabharfaidh tú aon mhoill faoi deara.

When you have Tor Browser open, you can navigate to the hamburger menu (on the top-right of the browser, next to the URL bar), then click on "Preferences", and finally on "Tor" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...". You should see an option to copy the log to your clipboard, which you will be able to paste it into a text editor or an email client.

Is minic go mbíonn fadhb le clog an chórais ina cúis le hearráidí i mBrabhsálaí Tor. Ba chóir duit deimhniú go bhfuil clog an chórais agus an crios ama socraithe mar is ceart. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

Sin gnáthiompar Tor. Tugtar "garda" nó "garda iontrála" ar an chéad athsheachadán i do chiorcad. Is éard atá sa ngarda ná athsheachadán sciobtha agus cobhsaí a fhanann mar an chéad cheann i do chiorcad ar feadh 2-3 mhí, mar chosaint ar ionsaí aitheanta a dhéanann iarracht do chuid faisnéise pearsanta a nochtadh. Athraíonn an chuid eile den chiorcad aon uair a dtugann tú cuairt ar shuíomh nua. Oibríonn na hathsheachadáin seo as lámh a chéile chun do phríobháideachas a chosaint. For more information on how guard relays work, see this blog post and paper on entry guards.

B'fhéidir é. Má tá, ba chóir duit triail a bhaint as droichead. Tá roinnt droichead ionsuite i mBrabhsálaí Tor, agus is féidir leat iad siúd a úsáid trí "Cumraigh" a roghnú (agus na treoracha a leanúint) sa bhfuinneog Tor Launcher a osclaíonn an chéad uair a úsáideann tú Brabhsálaí Tor. If you need other bridges, you can get them at our Bridges website. For more information about bridges, see the Tor Browser manual.

Ní thacaíonn, go hoifigiúil. There is something called the TorBSD project, but their Tor Browser is not officially supported.

Má úsáideann tú Brabhsálaí Tor agus brabhsálaí eile san am gcéanna, níl aon éifeacht ar fheidhmíocht Tor nó ar a ghnéithe príobháideachais. Mar sin féin, ba chóir duit a bheith ar an eolas nach mbeidh na gnéithe príobháideachais céanna ar fáil sa mbrabhsálaí eile. Mar sin, caithfidh tú a bheith cúramach gan an brabhsálaí eile a úsáid chun rud éigin a dhéanamh a bhí tú ag iarraidh a dhéanamh i mBrabhsálaí Tor.

Molaimid go láidir duit gan athrú a dhéanamh ar an gcaoi a gcruthaíonn Tor a chuid ciorcad. You get the best security that Tor can provide when you leave the route selection to Tor; overriding the entry/exit nodes can compromise your anonymity. Mura bhfuil tú ach ag iarraidh teacht ar acmhainní nach bhfuil ar fáil ach i dtír amháin, b'fhéidir go mbeadh sé níos fearr VPN a úsáid in áit Tor. Réitíonn VPNanna roinnt fadhbanna a bhaineann le geoshuíomh, ach ní bhfaighidh tú na gnéithe céanna príobháideachais a fhaigheann tú ó Tor.

Ní féidir, faraor. Níl aon leagan de Bhrabhsálaí Tor ar Chrome OS faoi láthair. You could run Tor Browser for Android on Chrome OS. Note that by using Tor Mobile on Chrome OS, you will view the mobile (not desktop) versions of websites. However, because we have not audited the app in Chrome OS, we don't know if all the privacy features of Tor Browser for Android will work well.

Molaimid go láidir duit gan breiseáin nua a shuiteáil i mBrabhsálaí Tor, ar eagla go gcuirfidís do phríobháideachas agus do shlándáil i gcontúirt.

Installing new add-ons may affect Tor Browser in unforeseen ways and potentially make your Tor Browser fingerprint unique. If your copy of Tor Browser has a unique fingerprint, your browsing activities can be deanonymized and tracked even though you are using Tor Browser.

Basically, each browser's settings and features create what is called a "browser fingerprint". Most browsers inadvertently create a unique fingerprint for each user which can be tracked across the internet. Tor Browser is specifically engineered to have a nearly identical (we're not perfect!) fingerprint across its users. This means each Tor Browser user looks like every other Tor Browser user, making it difficult to track any individual user.

There's also a good chance a new add-on will increase the attack surface of Tor Browser. This may allow sensitive data to be leaked or allow an attacker to infect Tor Browser. The add-on itself could even be maliciously designed to spy on you.

Tor Browser already comes installed with two add-ons — HTTPS Everywhere and NoScript — and adding anything else could deanonymize you.

Want to learn more about browser fingerprinting? Here's an article on The Tor Blog all about it.

Trácht de chuid bhrabhsálaí Tor amháin a sheoltar thar líonra Tor. Ní bheidh feidhmchláir eile ar do chóras (brabhsálaithe eile san áireamh) ceangailte le líonra Tor, agus ní bheidh siad cosanta dá bharr sin. Caithfidh tú cumrú speisialta a dhéanamh chun Tor a úsáid leo. If you need to be sure that all traffic will go through the Tor network, take a look at the Tails live operating system which you can start on almost any computer from a USB stick or a DVD.

Flash is disabled in Tor Browser, and we recommend you to not enable it. Creidimid go bhfuil sé contúirteach Flash a úsáid i mbrabhsálaí ar bith — is bogearra an-neamhshlán é a chuireann do phríobháideachas agus do ríomhaire i gcontúirt. Ar an dea-uair, tá suímh Ghréasáin, gléasanna, agus brabhsálaithe eile ag tabhairt droim láimhe do Flash.

Iarradh an spriocfhillteán ort nuair a d'íoslódáil agus a rith tú an comhad. Má rinne tú dearmad den fhillteán a roghnaigh tú, is é is dóichí gurb é an fillteán Downloads nó Desktop.

The default setting in the Windows installer also creates a shortcut for you on your Desktop, though be aware that you may have accidentally deselected the option to create a shortcut.

Mura bhfeiceann tú i gceachtar de na fillteáin sin é, íoslódáil arís agus coinnigh súil amach don cheist a iarrann ort an fillteán íoslódála a roghnú. Roghnaigh fillteán nach ndéanfaidh tú dearmad air, agus chomh luath agus a bheidh an íoslódáil críochnaithe, feicfidh tú Brabhsálaí Tor ann.

Go minic is féidir próisis áirithe a chur ar "liosta bán" sa chaoi nach gcuirfidh an bogearra frithvíris cosc orthu. Ba chóir duit an bogearra frithvíris a oscailt agus "liosta bán" nó a leithéid a lorg sna socruithe. Ansin, cuir na próisis seo a leanas ar an liosta bán:

  • Ar Windows
    • firefox.exe
    • tor.exe
    • obfs4proxy.exe (má úsáideann tú droichid)
  • For macOS
    • TorBrowser
    • tor.real
    • obfs4proxy (má úsáideann tú droichid)

Ansin, atosaigh Brabhsálaí Tor. Is dócha go réiteoidh seo an fhadhb. Tabhair faoi deara go gcuireann bogearraí frithvíris áirithe, mar shampla Kaspersky, cosc ar Tor ag leibhéal an bhalla dóiteáin.

Aon uair a fhoilsímid leagan nua cobhsaí de Bhrabhsálaí Tor, scríobhaimid postáil ar ár mblag a dhéanann cur síos ar na gnéithe nua atá ann, agus ar aon fhadhbanna ar ár n-eolas. If you started having issues with your Tor Browser after an update, check out blog.torproject.org for a post on the most recent stable Tor Browser to see if your issue is listed. If your issue is not listed, please file a bug report about what you're experiencing.

Tor Browser in its default mode is starting with a content window rounded to a multiple of 200px x 100px to prevent fingerprinting the screen dimensions. The strategy here is to put all users in a couple of buckets to make it harder to single them out. That works so far until users start to resize their windows (e.g. by maximizing them or going into fullscreen mode). Tor Browser 9 ships with a fingerprinting defense for those scenarios as well, which is called Letterboxing), a technique developed by Mozilla and presented earlier this year. It works by adding white margins to a browser window so that the window is as close as possible to the desired size while users are still in a couple of screen size buckets that prevent singling them out with the help of screen dimensions.

In simple words, this technique makes groups of users of certain screen sizes and this makes it harder to single out users on basis of screen size, as many users will have same screen size.

Digital signature is a process ensuring that a certain package was generated by its developers and has not been tampered with. Below we explain why it is important and how to verify that the Tor program you download is the one we have created and has not been modified by some attacker.

Each file on our download page is accompanied by a file with the same name as the package and the extension ".asc". These .asc files are OpenPGP signatures. They allow you to verify the file you've downloaded is exactly the one that we intended you to get.

For example, torbrowser-install-win64-9.0_en-US.exe is accompanied by torbrowser-install-win64-9.0_en-US.exe.asc.

We now show how you can verify the downloaded file's digital signature on different operating systems. Please notice that a signature is dated the moment the package has been signed. Therefore every time a new file is uploaded a new signature is generated with a different date. As long as you have verified the signature you should not worry that the reported date may vary.

Installing GnuPG

First of all you need to have GnuPG installed before you can verify signatures.

For Windows users:

If you run Windows, download Gpg4win and run its installer.

In order to verify the signature you will need to type a few commands in windows command-line, cmd.exe.

For macOS users:

If you are using macOS, you can install GPGTools.

In order to verify the signature you will need to type a few commands in the Terminal (under "Applications").

For GNU/Linux users:

If you are using GNU/Linux, then you probably already have GnuPG in your system, as most GNU/Linux distributions come with it preinstalled.

In order to verify the signature you will need to type a few commands in a terminal window. How to do this will vary depending on your distribution.

Fetching the Tor Developers key

The Tor Browser team signs Tor Browser releases. Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):

gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

This should show you something like:

gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <torbrowser@torproject.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
pub   rsa4096 2014-12-15 [C] [expires: 2020-08-24]
      EF6E286DDA85EA2A4BA7DE684E2C6E8793298290
uid           [ unknown] Tor Browser Developers (signing key) <torbrowser@torproject.org>
sub   rsa4096 2018-05-26 [S] [expires: 2020-09-12]

After importing the key, you can save it to a file (identifying it by fingerprint here):

gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290

Verifying the signature

To verify the signature of the package you downloaded, you will need to download the corresponding ".asc" signature file as well as the installer file itself, and verify it with a command that asks GnuPG to verify the file that you downloaded.

The examples below assume that you downloaded these two files to your "Downloads" folder.

For Windows users:

gpgv --keyring .\tor.keyring Downloads\torbrowser-install-win64-9.0_en-US.exe.asc Downloads\torbrowser-install-win64-9.0_en-US.exe

For macOS users:

gpgv --keyring ./tor.keyring ~/Downloads/TorBrowser-9.0-osx64_en-US.dmg{.asc,}

For GNU/Linux users (change 64 to 32 if you have the 32-bit package):

gpgv --keyring ./tor.keyring ~/Downloads/tor-browser-linux64-9.0_en-US.tar.xz{.asc,}

The result of the command should produce something like this:

gpgv: Signature made 07/08/19 04:03:49 Pacific Daylight Time
gpgv:                using RSA key EB774491D9FF06E2
gpgv: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>"

Workaround (using a public key)

If you encounter errors you cannot fix, feel free to download and use this public key instead. Alternatively, you may use the following command:

curl -s https://openpgpkey.torproject.org/.well-known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg --import -

You may also want to learn more about GnuPG.

Some antivirus software will pop up malware and/or vulnerability warnings when Tor Browser is launched. If you downloaded Tor Browser from our main website or used GetTor, and verified it, these are false positives and you have nothing to worry about. Some antiviruses consider that files that have not been seen by a lot of users as suspicious. To make sure that the Tor program you download is the one we have created and has not been modified by some attacker, you can verify Tor Browser's signature. You may also want to whitelist certain processes to prevent antiviruses from blocking access to Tor Browser.

Tor Messenger

No. After eleven beta releases, we discontinued support of Tor Messenger. Creidimid go bhféadfaí Tor a úsáid in aip chumarsáide den sórt seo, ach níl na hacmhainní againn faoi láthair lena dhéanamh. Do you? Contact us.

Tor Soghluaiste

It will be, soon. In the meantime you can use F-Droid to download Tor Browser for Android by enabling the Guardian Project's Repository.

Learn how to add a repository to F-Droid.

While both Tor Browser for Android and Orbot are great, they serve different purposes. Tor Browser for Android is like the desktop Tor Browser, but on your mobile device. It is a one stop browser that uses the Tor network and tries to be as anonymous as possible. Orbot on the other hand is a proxy that will enable you to send the data from your other applications (E-Mail clients, instant messaging apps, etc.) through the tor network; a version of Orbot is also inside of the Tor Browser for Android, and is what enables it to connect to the Tor network. That version, however, does not enable you to send other apps outside of the Tor Browser for Android through it. Depending on how you want to use the tor network, either one or both of these could be a great option.

Níl aon bhealach oifigiúil ann faoi láthair chun Tor a úsáid ar Windows Phone.

Is féidir. Molaimid aip iOS darb ainm Onion Browser. Tá an cód oscailte, úsáideann sé ródúchán Tor, agus oibríonn an príomhfhorbróir i ndlúthpháirt le Tionscadal Tor. Éilíonn Apple go n-úsáidfidh gach brabhsálaí ar iOS an t-inneall Webkit, agus dá bharr sin níl Onion Browser chomh héifeachtach le Brabhsálaí Tor ó thaobh príobháideachais.

Learn more about Onion Browser. Download Onion Browser from the App Store.

The Guardian Project maintains Orbot (and other privacy applications) on Android. More info can be found on the Guardian Project's website.

Yes, there is a version of Tor Browser available specifically for Android. Installing Tor Browser for Android is all you need to run Tor on your Android device.

The Guardian Project provides the app Orbot which can be used to route other apps on your Android device over the Tor network, however only Tor Browser for Android is needed to browse the web with Tor.

GetTor

If you can't download Tor Browser through our website, you can get a copy of Tor Browser delivered to you via GetTor. Is éard atá in GetTor ná seirbhís a fhreagraíonn teachtaireachtaí le nascanna leis an leagan is déanaí de Bhrabhsálaí Tor, óstáilte in áiteanna éagsúla nach bhfuil faoi chinsireacht, ar nós Dropbox, Tiomántán Google, agus Github. You can also download Tor Browser from https://tor.eff.org or from https://tor.ccc.de. For more geographically specific links visit Tor: Mirrors

Seol teachtaireacht rphoist chuig gettor@torproject.org. Write your operating system (such as Windows, macOS, or Linux) in the body of the message and send. GetTor will respond with an email containing links from which you can download Tor Browser, the cryptographic signature (needed for verifying the download), the fingerprint of the key used to make the signature, and the package’s checksum. Má tá rogha agat idir bogearra "32-giotán" nó "64-giotán", braitheann an freagra ar an sórt ríomhaire atá agat; féach ar an doiciméadú maidir le do ríomhaire chun tuilleadh eolais a fháil.

GetTor via Twitter is currently under maintenance. Please use the email instead.

Le nasc íoslódála do Bhrabhsálaí Tor a fháil, seol teachtaireacht r-phoist chuig gettor@torproject.org a bhfuil ceann de na cóid seo a leanas inti:

  • Linux
  • macOS (OS X)
  • Windows

Ag Ceangal le Tor

Murar féidir leat an tseirbhís onion atá uait a bhaint amach, deimhnigh gur chuir tú an seoladh onion 16-carachtar, nó sa leagan is déanaí, 56-carachtar, isteach i gceart: chuirfeadh fiú botún beag Brabhsálaí Tor ar strae agus ní bheadh sé in ann an tseirbhís a bhaint amach. Mura bhfuil tú in ann ceangal a bhunú leis an tseirbhís onion fós, bain triail eile as ar ball. B'fhéidir go bhfuil fadhb shealadach leis an líonra, nó b'fhéidir gur lig stiúrthóirí an tsuímh dó dul as líne gan rabhadh.

You can also ensure that you're able to access other onion services by connecting to DuckDuckGo's onion service.

If you’re having trouble connecting, an error message may appear and you can select the option to "copy Tor log to clipboard". Ansin, greamaigh an logchomhad Tor isteach i dtéacschomhad nó i gcáipéis eile.

Alternatively, if you don't see this option and you have Tor Browser open, you can navigate to the hamburger menu (on the top-right of the browser, to the right of the URL bar), then click on "Preferences", and finally on "Tor" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...".

Is dócha go bhfeicfidh tú ceann de na hearráidí coitianta seo (cuardaigh na línte seo a leanas sa logchomhad Tor):

Common log error #1: Proxy connection failure
2017-10-29 09:23:40.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
2017-10-29 09:24:08.900 [WARN] Proxy Client: unable to connect to xx..xxx..xxx.xx:xxxxx ("general SOCKS server failure")

Má fheiceann tú línte den sórt seo i do logchomhad Tor, ciallaíonn sé gur theip ort ceangal a bhunú le seachfhreastalaí SOCKS. Má theastaíonn seachfhreastalaí SOCKS uait ar do líonra, deimhnigh gur chuir tú mionsonraí an fhreastalaí isteach go ceart. Mura dteastaíonn seachfhreastalaí SOCKS uait, nó mura bhfuil tú cinnte, déan iarracht ceangal a bhunú le líonra Tor gan seachfhreastalaí SOCKS.

Earráid choitianta #2 sa logchomhad: Ní féidir garda iontrála a bhaint amach
11/1/2017 21:11:43 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
11/1/2017 21:11:44 PM.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.
11/1/2017 21:11:44 PM.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
11/1/2017 21:11:45 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.

Má fheiceann tú línte den sórt seo sa logchomhad Tor, ciallaíonn sé gur theip ar Tor ceangal a bhunú leis an chéad nód sa gciorcad Tor. Seans go gciallaíonn sé seo go bhfuil do líonra faoi chinsireacht.

Ba chóir duit triail a bhaint as droichead; is dócha go réiteoidh sin an fhadhb.

Earráid choitianta #3 sa logchomhad: Níorbh fhéidir an croitheadh láimhe TLS a chur i gcrích
13-11-17 19:52:24.300 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
13-11-17 19:53:49.300 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn; host [host] at xxx.xxx.xxx.xx:xxx) 
13-11-17 19:53:49.300 [WARN] 10 connections have failed: 
13-11-17 19:53:49.300 [WARN]  9 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE 
13-11-17 19:53:49.300 [WARN]  1 connections died in state connect()ing with SSL state (No SSL object)

Má fheiceann tú línte den sórt seo i do logchomhad Tor, ciallaíonn sé gur theip ar Tor croitheadh láimhe TLS leis na húdaráis a chur i gcrích. Is dócha go réiteoidh droichead an fhadhb seo.

Earráid choitianta #4 sa logchomhad: Clog ar sceabha
19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
19.11.2017 00:04:48.000 [NOTICE] Bootstrapped 5%: Connecting to directory server 
19.11.2017 00:04:48.200 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time (OR:xxx.xx.x.xx:xxxx): It seems that our clock is behind by 1 days, 0 hours, 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings.

Má fheiceann tú línte den sórt seo i do logchomhad Tor, ciallaíonn sé go bhfuil an clog i do ríomhaire mícheart. Ba chóir duit deimhniú go bhfuil an clog socraithe mar is ceart, an crios ama san áireamh. Ansin, atosaigh Tor.

Is minic go mbíonn fadhb le clog an chórais ina cúis le hearráidí i mBrabhsálaí Tor. Ba chóir duit deimhniú go bhfuil clog an chórais agus an crios ama socraithe mar is ceart. If this doesn't fix the problem, see the Troubleshooting page on the Tor Browser manual.

Cinsireacht

Is éard atá i nDroichead ná athsheachadán Tor nach bhfuil liostáilte san eolaire poiblí Tor.

Ciallaíonn sé seo nach féidir le soláthraithe seirbhíse nó le rialtais cosc a chur ar líonra Tor trí cosc a chur ar gach uile dhroichead. Tá droichid úsáideach d'úsáideoirí Tor ina gcónaí i dtíortha faoi réimeas leatromach, nó dóibh siúd ar mhaith leo sraith bhreise slándála toisc go bhfuil imní orthu go n-aithneofar go bhfuil siad ag baint úsáide as seoladh IP ceangailte le hathsheachadán poiblí Tor.

Is gá cumraíocht rud beag difriúil a dhéanamh le droichid. See How do I run a bridge for instructions.

Tá roinnt tíortha, an tSín agus an Iaráin san áireamh, in ann ceangail trí dhroichead Tor a aimsiú agus cosc a chur orthu. Obfsproxy bridges address this by adding another layer of obfuscation. Teastaíonn pacáiste agus cumraíocht bhreise uait chun droichead obfsproxy a shocrú. See our page on pluggable transports for more info.

If you’re having trouble connecting, an error message may appear and you can select the option to "copy Tor log to clipboard". Ansin, greamaigh an logchomhad Tor isteach i dtéacschomhad nó i gcáipéis eile.

Alternatively, if you don't see this option and you have Tor Browser open, you can navigate to the hamburger menu (on the top-right of the browser, to the right of the URL bar), then click on "Preferences", and finally on "Tor" in the side bar. At the bottom of the page, next to the "View the Tor logs" text, click the button "View Logs...".

Is dócha go bhfeicfidh tú ceann de na hearráidí coitianta seo (cuardaigh na línte seo a leanas sa logchomhad Tor):

Common log error #1: Proxy connection failure
2017-10-29 09:23:40.800 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 5%: Connecting to directory server
2017-10-29 09:23:47.900 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
2017-10-29 09:24:08.900 [WARN] Proxy Client: unable to connect to xx..xxx..xxx.xx:xxxxx ("general SOCKS server failure")

Má fheiceann tú línte den sórt seo i do logchomhad Tor, ciallaíonn sé gur theip ort ceangal a bhunú le seachfhreastalaí SOCKS. Má theastaíonn seachfhreastalaí SOCKS uait ar do líonra, deimhnigh gur chuir tú mionsonraí an fhreastalaí isteach go ceart. Mura dteastaíonn seachfhreastalaí SOCKS uait, nó mura bhfuil tú cinnte, déan iarracht ceangal a bhunú le líonra Tor gan seachfhreastalaí SOCKS.

Earráid choitianta #2 sa logchomhad: Ní féidir garda iontrála a bhaint amach
11/1/2017 21:11:43 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
11/1/2017 21:11:44 PM.300 [NOTICE] Bootstrapped 80%: Connecting to the Tor network
11/1/2017 21:11:44 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.
11/1/2017 21:11:44 PM.500 [NOTICE] Bootstrapped 85%: Finishing handshake with first hop
11/1/2017 21:11:45 PM.300 [WARN] Failed to find node for hop 0 of our path. Discarding this circuit.

Má fheiceann tú línte den sórt seo sa logchomhad Tor, ciallaíonn sé gur theip ar Tor ceangal a bhunú leis an chéad nód sa gciorcad Tor. Seans go gciallaíonn sé seo go bhfuil do líonra faoi chinsireacht.

Ba chóir duit triail a bhaint as droichead; is dócha go réiteoidh sin an fhadhb.

Earráid choitianta #3 sa logchomhad: Níorbh fhéidir an croitheadh láimhe TLS a chur i gcrích
13-11-17 19:52:24.300 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
13-11-17 19:53:49.300 [WARN] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 10; recommendation warn; host [host] at xxx.xxx.xxx.xx:xxx) 
13-11-17 19:53:49.300 [WARN] 10 connections have failed: 
13-11-17 19:53:49.300 [WARN]  9 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE 
13-11-17 19:53:49.300 [WARN]  1 connections died in state connect()ing with SSL state (No SSL object)

Má fheiceann tú línte den sórt seo i do logchomhad Tor, ciallaíonn sé gur theip ar Tor croitheadh láimhe TLS leis na húdaráis a chur i gcrích. Is dócha go réiteoidh droichead an fhadhb seo.

Earráid choitianta #4 sa logchomhad: Clog ar sceabha
19.11.2017 00:04:47.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
19.11.2017 00:04:48.000 [NOTICE] Bootstrapped 5%: Connecting to directory server 
19.11.2017 00:04:48.200 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
19.11.2017 00:04:48.800 [WARN] Received NETINFO cell with skewed time (OR:xxx.xx.x.xx:xxxx): It seems that our clock is behind by 1 days, 0 hours, 1 minutes, or that theirs is ahead. Tor requires an accurate clock to work: please check your time, timezone, and date settings.

Má fheiceann tú línte den sórt seo i do logchomhad Tor, ciallaíonn sé go bhfuil an clog i do ríomhaire mícheart. Ba chóir duit deimhniú go bhfuil an clog socraithe mar is ceart, an crios ama san áireamh. Ansin, atosaigh Tor.

B'fhéidir é. Má tá, ba chóir duit triail a bhaint as droichead. Tá roinnt droichead ionsuite i mBrabhsálaí Tor, agus is féidir leat iad siúd a úsáid trí "Cumraigh" a roghnú (agus na treoracha a leanúint) sa bhfuinneog Tor Launcher a osclaíonn an chéad uair a úsáideann tú Brabhsálaí Tor. If you need other bridges, you can get them at our Bridges website. For more information about bridges, see the Tor Browser manual.

If you can't download Tor Browser through our website, you can get a copy of Tor Browser delivered to you via GetTor. Is éard atá in GetTor ná seirbhís a fhreagraíonn teachtaireachtaí le nascanna leis an leagan is déanaí de Bhrabhsálaí Tor, óstáilte in áiteanna éagsúla nach bhfuil faoi chinsireacht, ar nós Dropbox, Tiomántán Google, agus Github. You can also download Tor Browser from https://tor.eff.org or from https://tor.ccc.de. For more geographically specific links visit Tor: Mirrors

Uaireanta, cuireann suímh cosc ar úsáideoirí toisc nach féidir leo idirdhealú a dhéanamh idir gnáthúsáideoirí Tor agus trácht uathoibrithe. An straitéis is fearr atá againn ó thaobh deireadh a chur leis an gcosc ar úsáideoirí Tor ná dul i dteagmháil go díreach le riarthóirí an tsuímh. Seans go ndéanfadh rud éigin mar seo an beart:

"Dia dhuit! Rinne mé iarracht cuairt a thabhairt ar do shuíomh xyz.com le Brabhsálaí Tor ach de réir cosúlachta cuireann sibh cosc ar úsáideoirí Tor. Molaim go láidir duit athmhachnamh a dhéanamh ar an gcinneadh seo; úsáideann daoine ar fud an domhain Tor lena bpríobháideachas a chosaint agus le troid in aghaidh cinsireachta. Trí chosc a chur ar úsáideoirí Tor, is dócha go bhfuil tú ag cur cosc ar dhaoine atá faoi smacht ina dtír dhúchais agus nach bhfuil in ann leas a bhaint as Idirlíon saor is oscailte, ar iriseoirí, taighdeoirí, daoine nochta scéil, gníomhaithe, agus gnáthdhaoine nach bhfuil sásta leis an lorgaireacht chunórach a dhéanann tríú páirtithe ar an nGréasán. Iarraim ort an fód a sheasamh ar son príobháideachais dhigitigh agus ar son saoirse Idirlín, trí chead a thabhairt d'úsáideoirí Tor xyz.com a úsáid. Go raibh míle maith agat."

I gcás bancanna nó suímh íogaire eile, feictear blocáil bunaithe ar thíreolaíocht (má tá a fhios ag an mbanc a úsáideann tú a chuid seirbhísí ó thír amháin de ghnáth, agus má fheiceann siad go bhfuil tú ag ceangal ó thír ar an taobh eile den domhan, seans go gcuirfeadh an banc do chuntas faoi ghlas nó ar fionraí).

If you are unable to connect to an onion service, please see I cannot reach X.onion!.

Is féidir. Chabhródh Brabhsálaí Tor le daoine do shuíomh Gréasáin a bhaint amach aon áit ina bhfuil cosc air. Most of the time, simply downloading the Tor Browser and then using it to navigate to the blocked site will allow access. In places where there is heavy censorship we have a number of censorship circumvention options available, including pluggable transports.

For more information, please see the Tor Browser User Manual section on censorship.

HTTPS

The short answer is: Yes, you can browse normal HTTPS Sites using Tor.

HTTPS Connections are used to secure communications over computer networks. You can read more about HTTPS here. Tor Browser has the HTTPS Everywhere plugin which automatically switches thousands of sites from unencrypted "HTTP" to more private "HTTPS".

Cuireann Tor cosc ar chúléisteoirí na suímh a dtugann tú cuairt orthu a fheiceáil. Mar sin féin, nuair a sheolann tú faisnéis neamhchriptithe trasna an Idirlín thar HTTP, is féidir le hoibreoirí an athsheachadáin amach, nó le haon duine atá ag féachaint ar an trácht idir an athsheachadán amach agus an suíomh Gréasáin, an trácht sin a fheiceáil. Nuair a thugann tú cuairt ar shuíomh HTTPS, bíonn an trácht a fhágann an t-athsheachadán amach criptithe sa chaoi nach mbeadh cúléisteoir in ann é a léamh.

This visualization shows what information is visible to eavesdroppers with and without Tor Browser and HTTPS encryption.

Taispeánann an pictiúr seo an t-eolas atá cúléisteoirí in ann a fheiceáil le Brabhsálaí Tor agus criptiú HTTPS, agus gan iad:

  • Tar éis duit an cnaipe “Tor” a chliceáil, taispeánfar na sonraí a bhíonn cúléisteoirí in ann a fheiceáil nuair a úsáideann tú Tor. Iompóidh an cnaipe uaine mar léiriú go bhfuil Tor ar siúl.
  • Tar éis duit an cnaipe “HTTPS” a chliceáil, taispeánfar na sonraí a bhíonn cúléisteoirí in ann a fheiceáil nuair a úsáideann tú HTTPS. Iompóidh an cnaipe uaine mar léiriú go bhfuil HTTPS ar siúl.
  • Nuair a bhíonn an dá chnaipe uaine, léiríonn sé na sonraí a bhíonn cúléisteoirí in ann a fheiceáil nuair a úsáideann tú Tor agus HTTPS le chéile.
  • Nuair a bhíonn an dá chnaipe liath, léiríonn sé na sonraí a bhíonn cúléisteoirí in ann a fheiceáil nuair nach n-úsáideann tú Tor ná HTTPS.



POTENTIALLY VISIBLE DATA
Tuairisc.ie
An suíomh a dtugtar cuairt air.
úsáideoir / focal faire
Ainm úsáideora agus focal faire a úsáidtear le fíordheimhniú.
sonraí
Na sonraí á n-aistriú.
suíomh
Seoladh an ríomhaire a úsáideadh chun cuairt a thabhairt ar an suíomh (an seoladh IP poiblí).
Tor
An bhfuil Tor in úsáid nó nach bhfuil.

Oibreoirí

Tor guesses its IP address by asking the computer for its hostname, and then resolving that hostname. Often people have old entries in their /etc/hosts file that point to old IP addresses.

If that doesn't fix it, you should use the "Address" config option to specify the IP you want it to pick. If your computer is behind a NAT and it only has an internal IP address, see the following Support entry on dynamic IP addresses.

Also, if you have many addresses, you might also want to set "OutboundBindAddress" so external connections come from the IP you intend to present to the world.

If your relay is relatively new then give it time. Tor decides which relays it uses heuristically based on reports from Bandwidth Authorities. These authorities take measurements of your relay's capacity and, over time, directs more traffic there until it reaches an optimal load. The lifecycle of a new relay is explained in more depth in this blog post. If you've been running a relay for a while and still having issues then try asking on the tor-relays list.

If you allow exit connections, some services that people connect to from your relay will connect back to collect more information about you. For example, some IRC servers connect back to your identd port to record which user made the connection. (This doesn't really work for them, because Tor doesn't know this information, but they try anyway.) Also, users exiting from you might attract the attention of other users on the IRC server, website, etc. who want to know more about the host they're relaying through.

Another reason is that groups who scan for open proxies on the Internet have learned that sometimes Tor relays expose their socks port to the world. We recommend that you bind your socksport to local networks only.

In any case, you need to keep up to date with your security. See this article on security for Tor relays for more suggestions.

  • The exit relay is the most needed relay type but it also comes with the highest legal exposure and risk (and you should NOT run them from your home).
  • If you are looking to run a relay with minimal effort, fast guard relays are also very useful
  • Followed by bridges.

When an exit is misconfigured or malicious it's assigned the BadExit flag. This tells Tor to avoid exiting through that relay. In effect, relays with this flag become non-exits. If you got this flag then we either discovered a problem or suspicious activity when routing traffic through your exit and weren't able to contact you. Please reach out to the bad-relays team so we can sort out the issue.

When upgrading your Tor relay, or moving it on a different computer, the important part is to keep the same identity keys (stored in "keys/ed25519_master_id_secret_key" and "keys/secret_id_key" in your DataDirectory). Keeping backups of the identity keys so you can restore a relay in the future is the recommended way to ensure the reputation of the relay won't be wasted.

This means that if you're upgrading your Tor relay and you keep the same torrc and the same DataDirectory, then the upgrade should just work and your relay will keep using the same key. If you need to pick a new DataDirectory, be sure to copy your old keys/ed25519_master_id_secret_key and keys/secret_id_key over.

Note: As of Tor 0.2.7 we are using new generation identities for relays based on ed25519 elliptic curve cryptography. Eventually they will replace the old RSA identities, but that will happen in time, to ensure compatibility with older versions. Until then, each relay will have both an ed25519 identity (identity key file: keys/ed25519_master_id_secret_key) and a RSA identity (identity key file: keys/secret_id_key). You need to copy / backup both of them in order to restore your relay, change your DataDirectory or migrate the relay on a new computer.

We're looking for people with reasonably reliable Internet connections, that have at least 10 Mbit/s (Mbps) available bandwidth each way. If that's you, please consider running a Tor relay.

Even if you do not have at least 10 Mbit/s of available bandwidth you can still help the Tor network by running a Tor bridge with obfs4 support. In that case you should have at least 1 MBit/s of available bandwidth.

You're right, for the most part a byte into your Tor relay means a byte out, and vice versa. But there are a few exceptions:

If you open your DirPort, then Tor clients will ask you for a copy of the directory. The request they make (an HTTP GET) is quite small, and the response is sometimes quite large. This probably accounts for most of the difference between your "write" byte count and your "read" byte count.

Another minor exception shows up when you operate as an exit node, and you read a few bytes from an exit connection (for example, an instant messaging or ssh connection) and wrap it up into an entire 512 byte cell for transport through the Tor network.

If your Tor relay is using more memory than you'd like, here are some tips for reducing its footprint:

  • If you're on Linux, you may be encountering memory fragmentation bugs in glibc's malloc implementation. That is, when Tor releases memory back to the system, the pieces of memory are fragmented so they're hard to reuse. The Tor tarball ships with OpenBSD's malloc implementation, which doesn't have as many fragmentation bugs (but the tradeoff is higher CPU load). You can tell Tor to use this malloc implementation instead: ./configure --enable-openbsd-malloc.
  • If you're running a fast relay, meaning you have many TLS connections open, you are probably losing a lot of memory to OpenSSL's internal buffers (38KB+ per socket). We've patched OpenSSL to release unused buffer memory more aggressively. If you update to OpenSSL 1.0.0 or newer, Tor's build process will automatically recognize and use this feature.
  • If you still can't handle the memory load, consider reducing the amount of bandwidth your relay advertises. Advertising less bandwidth means you will attract fewer users, so your relay shouldn't grow as large. See the MaxAdvertisedBandwidth option in the man page.

All of this said, fast Tor relays do use a lot of ram. It is not unusual for a fast exit relay to use 500-1000 MB of memory.

We aim to make setting up a Tor relay easy and convenient:

  • It's fine if the relay goes offline sometimes. The directories notice this quickly and stop advertising the relay. Just try to make sure it's not too often, since connections using the relay when it disconnects will break.
  • Each Tor relay has an exit policy that specifies what sort of outbound connections are allowed or refused from that relay. If you are uncomfortable allowing people to exit from your relay, you can set it up to only allow connections to other Tor relays.
  • Your relay will passively estimate and advertise its recent bandwidth capacity, so high-bandwidth relays will attract more users than low-bandwidth ones. Therefore, having low-bandwidth relays is useful too.

If you're using Debian or Ubuntu especially, there are a number of benefits to installing Tor from the Tor Project's repository.

  • Your ulimit -n gets set to 32768 high enough for Tor to keep open all the connections it needs.
  • A user profile is created just for Tor, so Tor doesn't need to run as root.
  • An init script is included so that Tor runs at boot.
  • Tor runs with --verify-config, so that most problems with your config file get caught.
  • Tor can bind to low level ports, then drop privileges.

All outgoing connections must be allowed, so that each relay can communicate with every other relay.

In many jurisdictions, Tor relay operators are legally protected by the same common carrier regulations that prevent internet service providers from being held liable for third-party content that passes through their network. Exit relays that filter some traffic would likely forfeit those protections.

Tor promotes free network access without interference. Exit relays must not filter the traffic that passes through them to the internet. Exit relays found to be filtering traffic will get the BadExit flag once detected.

Ní bheadh. Dá gcuirfeadh na gardaí spéis sa trácht atá ag dul trí d'athsheachadán amach, bheadh contúirt ann go ngabhfaidís seilbh ar do ríomhaire. Dá bharr seo, níor chóir duit athsheachadán amach a rith sa mbaile nó ar do líonra baile.

Ina áit sin, ba chóir duit an t-athsheachadán amach a rith i gcomhlacht a thacaíonn le haidhmeanna Tor. Úsáid seoladh IP ar leith don athsheachadán amach, agus ná seol do chuid tráchta féin tríd. Ar ndóigh, níor chóir duit aon fhaisnéis phearsanta nó íogair a choinneáil ar an ríomhaire a bhfuil an t-athsheachadán amach air.

  • Ná húsáid na pacáistí i gcartlanna Ubuntu. Ní dhéantar nuashonrú orthu ar bhonn rialta. Má úsáideann tú iad, ní bhfaighidh tú nuashonruithe tábhachtacha a bhaineann le cobhsaíocht agus le slándáil.
  • Is féidir leat an leagan Ubuntu atá agat a fháil amach leis an ordú seo a leanas:
     $ lsb_release -c
    
  • As root, add the following lines to /etc/apt/sources.list. Replace 'version' with the version you found in the previous step:
     $ deb https://deb.torproject.org/torproject.org version main
     $ deb-src https://deb.torproject.org/torproject.org version main
    
  • Sainigh an eochair gpg a úsáideadh chun na pacáistí a shíniú leis na horduithe seo a leanas:
     $ curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | sudo apt-key add -
    
  • Rith na horduithe seo a leanas chun Tor a shuiteáil agus na sínithe a dheimhniú:
     $ sudo apt-get update
     $ sudo apt-get install tor deb.torproject.org-keyring
    

In simple words, it works like this:

  • There is a master ed25519 identity secret key file named "ed25519_master_id_secret_key". This is the most important one, so make sure you keep a backup in a secure place - the file is sensitive and should be protected. Tor could encrypt it for you if you generate it manually and enter a password when asked.
  • A medium term signing key named "ed25519_signing_secret_key" is generated for Tor to use. Also, a certificate is generated named "ed25519_signing_cert" which is signed by the master identity secret key and confirms that the medium term signing key is valid for a certain period of time. The default validity is 30 days, but this can be customized by setting "SigningKeyLifetime N days|weeks|months" in torrc.
  • There is also a master public key named "ed25519_master_id_public_key, which is the actual identity of the relay advertised in the network. This one is not sensitive and can be easily computed from "ed5519_master_id_secret_key".

Tor will only need access to the medium term signing key and certificate as long as they are valid, so the master identity secret key can be kept outside DataDirectory/keys, on a storage media or a different computer. You'll have to manually renew the medium term signing key and certificate before they expire otherwise the Tor process on the relay will exit upon expiration.

This feature is optional, you don't need to use it unless you want to. If you want your relay to run unattended for longer time without having to manually do the medium term signing key renewal on regular basis, best to leave the master identity secret key in DataDirectory/keys, just make a backup in case you'll need to reinstall it. If you want to use this feature, you can consult our more detailed guide on the topic.

Since it's now a guard, clients are using it less in other positions, but not many clients have rotated their existing guards out to use it as a guard yet. Read more details in this blog post or in Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor.

Great. If you want to run several relays to donate more to the network, we're happy with that. But please don't run more than a few dozen on the same network, since part of the goal of the Tor network is dispersal and diversity.

If you do decide to run more than one relay, please set the "MyFamily" config option in the torrc of each relay, listing all the relays (comma-separated) that are under your control:

MyFamily $fingerprint1,$fingerprint2,$fingerprint3

where each fingerprint is the 40 character identity fingerprint (without spaces).

That way, Tor clients will know to avoid using more than one of your relays in a single circuit. You should set MyFamily if you have administrative control of the computers or of their network, even if they're not all in the same geographic location.

The accounting options in the torrc file allow you to specify the maximum amount of bytes your relay uses for a time period.

    AccountingStart day week month [day] HH:MM

This specifies when the accounting should reset. For instance, to setup a total amount of bytes served for a week (that resets every Wednesday at 10:00am), you would use:

    AccountingStart week 3 10:00
    AccountingMax 500 GBytes

This specifies the maximum amount of data your relay will send during an accounting period, and the maximum amount of data your relay will receive during an account period. When the accounting period resets (from AccountingStart), then the counters for AccountingMax are reset to 0.

Example: Let's say you want to allow 50 GB of traffic every day in each direction and the accounting should reset at noon each day:

    AccountingStart day 12:00
    AccountingMax 50 GBytes

Note that your relay won't wake up exactly at the beginning of each accounting period. It will keep track of how quickly it used its quota in the last period, and choose a random point in the new interval to wake up. This way we avoid having hundreds of relays working at the beginning of each month but none still up by the end.

If you have only a small amount of bandwidth to donate compared to your connection speed, we recommend you use daily accounting, so you don't end up using your entire monthly quota in the first day. Just divide your monthly amount by 30. You might also consider rate limiting to spread your usefulness over more of the day: if you want to offer X GB in each direction, you could set your RelayBandwidthRate to 20*X KBytes. For example, if you have 50 GB to offer each way, you might set your RelayBandwidthRate to 1000 KBytes: this way your relay will always be useful for at least half of each day.

    AccountingStart day 0:00
    AccountingMax 50 GBytes
    RelayBandwidthRate 1000 KBytes
    RelayBandwidthBurst 5000 KBytes # allow higher bursts but maintain average

Tor has partial support for IPv6 and we encourage every relay operator to enable IPv6 functionality in their torrc configuration files when IPv6 connectivity is available. For the time being Tor will require IPv4 addresses on relays, you can not run a Tor relay on a host with IPv6 addresses only.

The parameters assigned in the AccountingMax and BandwidthRate apply to both client and relay functions of the Tor process. Thus you may find that you are unable to browse as soon as your Tor goes into hibernation, signaled by this entry in the log:

Bandwidth soft limit reached; commencing hibernation. No new
    connections will be accepted

The solution is to run two Tor processes - one relay and one client, each with its own config. One way to do this (if you are starting from a working relay setup) is as follows:

  • In the relay Tor torrc file, simply set the SocksPort to 0.
  • Create a new client torrc file from the torrc.sample and ensure it uses a different log file from the relay. One naming convention may be torrc.client and torrc.relay.
  • Modify the Tor client and relay startup scripts to include -f /path/to/correct/torrc.
  • In Linux/BSD/Mac OS X, changing the startup scripts to Tor.client and Tor.relay may make separation of configs easier.

Great. That's exactly why we implemented exit policies.

Each Tor relay has an exit policy that specifies what sort of outbound connections are allowed or refused from that relay. The exit policies are propagated to Tor clients via the directory, so clients will automatically avoid picking exit relays that would refuse to exit to their intended destination. This way each relay can decide the services, hosts, and networks it wants to allow connections to, based on abuse potential and its own situation. Read the Support entry on issues you might encounter if you use the default exit policy, and then read Mike Perry's tips for running an exit node with minimal harassment.

The default exit policy allows access to many popular services (e.g. web browsing), but restricts some due to abuse potential (e.g. mail) and some since the Tor network can't handle the load (e.g. default file-sharing ports). You can change your exit policy by editing your torrc file. If you want to avoid most if not all abuse potential, set it to "reject :". This setting means that your relay will be used for relaying traffic inside the Tor network, but not for connections to external websites or other services.

If you do allow any exit connections, make sure name resolution works (that is, your computer can resolve Internet addresses correctly). If there are any resources that your computer can't reach (for example, you are behind a restrictive firewall or content filter), please explicitly reject them in your exit policy otherwise Tor users will be impacted too.

Tor can handle relays with dynamic IP addresses just fine. Just leave the "Address" line in your torrc blank, and Tor will guess.

Yes, you do get better anonymity against some attacks.

The simplest example is an attacker who owns a small number of Tor relays. They will see a connection from you, but they won't be able to know whether the connection originated at your computer or was relayed from somebody else.

There are some cases where it doesn't seem to help: if an attacker can watch all of your incoming and outgoing traffic, then it's easy for them to learn which connections were relayed and which started at you. (In this case they still don't know your destinations unless they are watching them too, but you're no better off than if you were an ordinary client.)

There are also some downsides to running a Tor relay. First, while we only have a few hundred relays, the fact that you're running one might signal to an attacker that you place a high value on your anonymity. Second, there are some more esoteric attacks that are not as well-understood or well-tested that involve making use of the knowledge that you're running a relay -- for example, an attacker may be able to "observe" whether you're sending traffic even if they can't actually watch your network, by relaying traffic through your Tor relay and noticing changes in traffic timing.

It is an open research question whether the benefits outweigh the risks. A lot of that depends on the attacks you are most worried about. For most users, we think it's a smart move.

See portforward.com for directions on how to port forward with your NAT/router device.

If your relay is running on a internal net, you need to setup port forwarding. Forwarding TCP connections is system dependent but the firewalled-clients FAQ entry offers some examples on how to do this.

Also, here's an example of how you would do this on GNU/Linux if you're using iptables:

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 9001 -j ACCEPT

You may have to change "eth0" if you have a different external interface (the one connected to the Internet). Chances are you have only one (except the loopback) so it shouldn't be too hard to figure out.

There are two options you can add to your torrc file:

BandwidthRate is the maximum long-term bandwidth allowed (bytes per second). For example, you might want to choose "BandwidthRate 10 MBytes" for 10 megabytes per second (a fast connection), or "BandwidthRate 500 KBytes" for 500 kilobytes per second (a decent cable connection). The minimum BandwidthRate setting is 75 kilobytes per second.

BandwidthBurst is a pool of bytes used to fulfill requests during short periods of traffic above BandwidthRate but still keeps the average over a long period to BandwidthRate. A low Rate but a high Burst enforces a long-term average while still allowing more traffic during peak times if the average hasn't been reached lately. For example, if you choose "BandwidthBurst 500 KBytes" and also use that for your BandwidthRate, then you will never use more than 500 kilobytes per second; but if you choose a higher BandwidthBurst (like 5 MBytes), it will allow more bytes through until the pool is empty.

If you have an asymmetric connection (upload less than download) such as a cable modem, you should set BandwidthRate to less than your smaller bandwidth (Usually that's the upload bandwidth). Otherwise, you could drop many packets during periods of maximum bandwidth usage - you may need to experiment with which values make your connection comfortable. Then set BandwidthBurst to the same as BandwidthRate.

Linux-based Tor nodes have another option at their disposal: they can prioritize Tor traffic below other traffic on their machine, so that their own personal traffic is not impacted by Tor load. A script to do this can be found in the Tor source distribution's contrib directory.

Additionally, there are hibernation options where you can tell Tor to only serve a certain amount of bandwidth per time period (such as 100 GB per month). These are covered in the hibernation entry below.

Note that BandwidthRate and BandwidthBurst are in Bytes, not Bits.

Seirbhísí Onion

When browsing an Onion Service, Tor Browser displays different onion icons in the address bar indicating the security of the current webpage.

Image of a green onion A green onion means:

  • The Onion Service is served over HTTP, or HTTPS with a self-signed certificate.

Image of a green onion with a lock A green onion with a lock means:

  • The Onion Service is served over HTTPS with a CA-Issued certificate.

Image of a grey onion with a red slash A grey onion with a red slash means:

  • The Onion Service is served over HTTPS with a self-signed or CA-Issued certificate.
  • The webpage contains subresources served over HTTP.

Murar féidir leat an tseirbhís onion atá uait a bhaint amach, deimhnigh gur chuir tú an seoladh onion 16-carachtar, nó sa leagan is déanaí, 56-carachtar, isteach i gceart: chuirfeadh fiú botún beag Brabhsálaí Tor ar strae agus ní bheadh sé in ann an tseirbhís a bhaint amach. Mura bhfuil tú in ann ceangal a bhunú leis an tseirbhís onion fós, bain triail eile as ar ball. B'fhéidir go bhfuil fadhb shealadach leis an líonra, nó b'fhéidir gur lig stiúrthóirí an tsuímh dó dul as líne gan rabhadh.

You can also ensure that you're able to access other onion services by connecting to DuckDuckGo's onion service.

Is féidir seirbhísí onion a úsáid chun brabhsáil ar ndóigh, ach is féidir iad a úsáid chun ábhar a fhoilsiú freisin, suímh Ghréasáin gan ainm san áireamh.

Onion services are also relied on for metadata-free chat and file sharing, safer interaction between journalists and their sources like with SecureDrop or OnionShare, safer software updates, and more secure ways to reach popular websites like Facebook.

These services use the special-use top level domain (TLD) .onion (instead of .com, .net, .org, etc..) and are only accessible through the Tor network.

Nuair a thugann tú cuairt ar shuíomh a úsáideann seirbhís onion, taispeánann Brabhsálaí Tor oinniún beag glas sa mbarra URL a léiríonn staid an cheangail: slán agus seirbhís onion i bhfeidhm.

Onion icon

And if you're accessing a website with HTTPS and onion service, it will show an icon of a green onion and a padlock.

Green onion with a padlock

Tugtar "onion" ar shuíomh Gréasáin nach féidir teacht air ach trí líonra Tor, agus úsáideann na suímh seo an fearann barrleibhéil .onion. For example, the DuckDuckGo onion is https://3g2upl4pq6kufc4m.onion. Is féidir leat Brabhsálaí Tor a úsáid chun teacht ar na suímh seo. Caithfidh tú na seoltaí a fháil go díreach ó óstach an tsuímh, toisc nach bhfuil suímh onion innéacsaithe ag innill chuardaigh sa chaoi a ndéantar le gnáthshuímh Ghréasáin.

Tor Metrics

We actually don't count users, but we count requests to the directories that clients make periodically to update their list of relays and estimate user numbers indirectly from there.

Relays and bridges report some of the data in 24-hour intervals which may end at any time of the day.
And after such an interval is over relays and bridges might take another 18 hours to report the data.
We cut off the last two days from the graphs, because we want to avoid that the last data point in a graph indicates a recent trend change which is in fact just an artifact of the algorithm.

No, but we can see what fraction of directories reported them, and then we can extrapolate the total number in the network.

We put in the assumption that the average client makes 10 such requests per day. A tor client that is connected 24/7 makes about 15 requests per day, but not all clients are connected 24/7, so we picked the number 10 for the average client.
We simply divide directory requests by 10 and consider the result as the number of users.
Another way of looking at it, is that we assume that each request represents a client that stays online for one tenth of a day, so 2 hours and 24 minutes.

Average number of concurrent users, estimated from data collected over a day. We can't say how many distinct users there are.

No, the relays that report these statistics aggregate requests by country of origin and over a period of 24 hours.
The statistics we would need to gather for the number of users per hour would be too detailed and might put users at risk.

Then we count those users as one. We really count clients, but it's more intuitive for most people to think of users, that's why we say users and not clients.

No, because that user updates their list of relays as often as a user that doesn't change IP address over the day.

The directories resolve IP addresses to country codes and report these numbers in aggregate form. This is one of the reasons why tor ships with a GeoIP database.

Very few bridges report data on transports or IP versions yet, and by default we consider requests to use the default OR protocol and IPv4. Once more bridges report these data, the numbers will become more accurate.

The reason is that we publish user numbers once we're confident enough that they won't change significantly anymore.
But it's always possible that a directory reports data a few hours after we were confident enough, but which then slightly changed the graph.

We do have descriptor archives from before that time, but those descriptors didn't contain all the data we use to estimate user numbers. Please find the following tarball for more details:

Tarball

For direct users, we include all directories which we didn't do in the old approach.
We also use histories that only contain bytes written to answer directory requests, which is more precise than using general byte histories.

Oh, that's a whole different story. We wrote a 13 page long technical report explaining the reasons for retiring the old approach.
tl;dr: in the old approach we measured the wrong thing, and now we measure the right thing.

We run an anomaly-based censorship-detection system that looks at estimated user numbers over a series of days and predicts the user number in the next days.
If the actual number is higher or lower, this might indicate a possible censorship event or release of censorship. For more details, see our technical report.

Topaicí Éagsúla

Ní dhéanaimid cothabháil ar Vidalia a thuilleadh. Tá cuid mhaith de na gnéithe in Vidalia ar fáil i mBrabhsálaí Tor anois.

Ní chuirimid aon seirbhísí ar líne ar fáil. A list of all of our software projects can be found on our projects page.

Ní choinníonn Tor aon logchomhad a chabhródh linn úsáideoirí a aithint. We do take some safe measurements of how the network functions, which you can check out at Tor Metrics.

Is oth linn a rá go bhfuil bogearra mailíseach ar do ríomhaire. Ní muidne a chruthaigh an bogearra mailíseach seo. Tá na daoine a chruthaigh é ag iarraidh ort Brabhsálaí Tor a íoslódáil anois sa chaoi go mbeidh tú in ann dul i dteagmháil leo gan ainm chun an t-airgead fuascailte a íoc.

Más é seo an chéad uair a chuala tú faoi Bhrabhsálaí Tor, b'fhéidir go gceapann tú gur drochdhaoine muid, agus go soláthraímid uirlisí do dhaoine fiú níos measa.

Ach leis an bhfírinne a rá, úsáideann go leor daoine ár gcuid bogearraí go laethúil ar bhealaí dlisteanacha: gníomhaithe ar son cearta daonna, iriseoirí, daoine a tháinig slán ó dhroch-íde sa mbaile, daoine nochta scéil, gardaí, agus neart eile. Faraor, is féidir le coirpigh agus le húdair bogearraí mailíseacha leas a bhaint as an gcosaint chéanna a sholáthraíonn Tor do na grúpaí seo. Níl aon ghlacadh againn le daoine a úsáideann ár gcuid bogearraí ar bhealaí mailíseacha.

Ní mholaimid duit Tor a úsáid le BitTorrent. For further details, please see our blog post on the subject.

Tá Tor á mhaoiniú ag urraitheoirí éagsúla, gníomhaireachtaí rialtais SAM, fondúireachtaí príobháideacha, agus daoine aonair san áireamh. Check out a list of all our sponsors and a series of blog posts on our financial reports.

We feel that talking openly about our sponsors and funding model is the best way to maintain trust with our community. Bímid ag lorg foinsí maoinithe níos ilchineálaí i gcónaí, go háirithe ó fhondúireachtaí agus ó dhaoine aonair.

Dearadh Tor chun cearta daonna agus príobháideachas a chosaint trí chosc a chur ar dhaoine cinsireacht a dhéanamh, muidne san áireamh. Is fuath linn go ndéanann daoine áirithe rudaí uafásacha ar líonra Tor, ach ní féidir linn bata is bóthar a thabhairt dóibh gan go leor gníomhaíoch, iriseoirí, agus daoine a tháinig slán ó dhroch-íde a chur i gcontúirt. Dá gcuirfimis cosc ar dhaoine áirithe, an bealach amháin a bheadh againn é sin a dhéanamh ná saghas "cúldorais" a chur ar fáil, rud a chuirfeadh ár gcuid úsáideoirí ionraice i gcontúirt ó dhrochrialtais agus ó naimhde eile.

Go raibh maith agat as tacú le Tor! You can find more information about donating on our donor FAQ.

For sharing files over Tor, OnionShare is a good option. OnionShare is an open source tool for securely and anonymously sending and receiving files using Tor onion services. It works by starting a web server directly on your computer and making it accessible as an unguessable Tor web address that others can load in Tor Browser to download files from you, or upload files to you. It doesn't require setting up a separate server, using a third party file-sharing service, or even logging into an account.

Unlike services like email, Google Drive, DropBox, WeTransfer, or nearly any other way people typically send files to each other, when you use OnionShare you don't give any companies access to the files that you're sharing. So long as you share the unguessable web address in a secure way (like pasting it in an encrypted messaging app), no one but you and the person you're sharing with can access the files.

OnionShare is developed by Micah Lee.

Cumraítear go leor athsheachadán le cosc a chur ar chineálacha áirithe tráchta a bhaineann le comhroinnt comhad, mar shampla BitTorrent. BitTorrent in particular is not anonymous over Tor.

Faoi láthair, tá Tor códáilte le 3 nód a úsáid, móide líon na n-athsheachadán sa chosán atá íogair. Is é sin le rá, úsáideann sé 3 cinn de ghnáth, ach má tá tú ag úsáid seirbhíse onion nó seoladh ".exit", d'fhéadfadh sé a bheith níos mó ná 3 cinn.

Níor mhaith linn moladh do dhaoine cosáin níos faide a úsáid toisc go gcruthódh sé sin lód níos troime ar an líonra, gan (go bhfios dúinn) slándáil a fheabhsú. Also, using paths longer than 3 could harm anonymity, first because it makes denial of security attacks easier, and second because it could act as an identifier if only a small number of users have the same path length as you.

Níl forbróirí Tor in ann aon rud a dhéanamh chun úsáideoirí Tor a lorg. Ní féidir linn úsáideoirí a lorg mar gheall ar na gnéithe céanna a chosnaíonn do chuid faisnéis phearsanta ar dhrochdhaoine.

Tor relies on the support of users and volunteers around the world to help us improve our software and resources, so your feedback is extremely valuable to us (and to all Tor users).

Feedback template

When sending us feedback or reporting a bug, please include as many of these as possible:

  • OS you are using
  • Tor Browser version
  • Step by step of how you got to the issue, so we can reproduce it (e.g. I opened the browser, typed a url, clicked on (i) icon, then my browser crashed)
  • A screenshot of the problem
  • The log

How to Reach Us

There are several ways to reach us, so please use what works best for you.

Trac

You can file a ticket at https://trac.torproject.org. We track all Tor Browser 9 related issues with the tbb-9.0-issues keyword. Tickets related to our website should be added with the component "Webpages/Website."

Email

Send us an email to frontdesk@torproject.org

In the subject line of your email, please tell us what you're reporting. The more specific your subject line is (e.g. "Connection failure", "feedback on website", "feedback on Tor Browser", "I need a bridge"), the easier it will be for us to understand and follow up. Sometimes when we receive emails without subject lines, they're marked as spam and we don't see them.

For the fastest response, please write in English, Spanish, and/or Portuguese if you can. If none of these languages works for you, please write in any language you feel comfortable with, but keep in mind it will take us a bit longer to answer as we will need help with translation to understand it.

Blog post comments

You can always leave comments on the blog post related to the issue or feedback you want to report. If there is not a blog post related to your issue, please contact us another way.

IRC

You can find us in the #tor channel on OFTC to give us feedback or report bugs/issues. We may not respond right away, but we do check the backlog and will get back to you when we can.

Learn how to connect to OFTC servers.

Email Lists

For reporting issues or feedback using email lists, we recommend that you do so on the one that is related to what you would like to report.

For feedback or issues related to Tor Browser, Tor network or other projects developed by Tor: tor-talk

For feedback or issues related to our websites: ux

For feedback or issues related to running a Tor relay: tor-relays

For feedback on content related to Tor Browser Manual or Support website: tor-community-team

Report a security issue

If you've found a security issue in one of our projects or in our infrastructure, please email tor-security@lists.torproject.org. If you've found a security bug in Tor or Tor Browser, feel free to submit it for our bug bounty program. If you want to encrypt your mail, you can get the GPG public key for the list by contacting tor-security-sendkey@lists.torproject.org or from pool.sks-keyservers.net. Here is the fingerprint:

  gpg --fingerprint tor-security@lists.torproject.org
  pub 4096R/1A7BF184 2017-03-13
  Key fingerprint = 8B90 4624 C5A2 8654 E453 9BC2 E135 A8B4 1A7B F184
  uid tor-security@lists.torproject.org
  uid tor-security@lists.torproject.org
  uid tor-security@lists.torproject.org
  sub 4096R/C00942E4 2017-03-13

Get in Touch

The #tor-project channel is where Tor people discuss and coordinate daily Tor work. It has fewer members than #tor and is more focused on the work at hand. You are also welcome to join this channel. To access #tor-project, your nickname (nick) must be registered and verified.

Here's how to reach #tor-project and other registered channels.

Register your nickname

  1. Log onto #tor. See How can I chat with Tor Project teams?

  2. Then, click on the word "Status" at the top left of the screen.

  3. In the window at the bottom of the page, type: /msg nickserv REGISTER yournewpassword youremailaddress

  4. Hit enter.

If all goes well, you will receive a message that you are registered.

The system may register you as your nick_ instead of your nick.

If so, just go with it but remember you are user_ and not user.

Every time you log on to IRC, to identify your registered nick, type:

/nick yournick

/msg nickserv IDENTIFY YourPassWord

How to verify your nickname

Then, to complete the registration and ultimately gain access to the #tor-project channel, your nickname must be verified.

  1. To verify your nick, open a new browser window and go to https://webchat.oftc.net/?channels=tor.

  2. Log in with your IRC nickname and password.

  3. Look for the word verify and log in there. It may appear that nothing has happened. Look at the top of the page, and there will be a column called Account.

  4. Click on Account.

  5. Click on the small sentence at the bottom of the square that says: Verify account.

  6. Fill out the CAPTCHA that pops up, and click ok.

  7. A tiny message will appear: "Your NickServ account has been verified."

  8. Go back to the IRC webpage where you are logged in and type:

    /msg nickserv checkverify

  9. Click ENTER.

  10. If all is well, you will receive a message that says:

*!NickServ*checkverify

Usermodechange: +R

!NickServ- Successfully set +R on your nick.
`

Your nick is verified!

Now, to join #tor-project, you can just type:

/join #tor-project and hit enter.

You will be allowed into the channel. If so, Congratulations!

However, if you get stuck, you can ask for help in the #tor channel.

You can toggle back and forth between channels by clicking on the different channel names at the top left of the IRC window.

Here is how you can get onto IRC and start to chat with Tor contributors in real time:

  1. Enter in OFTC webchat.

  2. Fill in the blanks:

    NICKNAME: Anything you want, but choose the same nickname (nick) every time you use IRC to talk to people on Tor. If your nick is already being used, you will get a message from the system and you should choose another nick.

    CHANNEL: #tor

  3. Click Enter

Congratulations! You're on IRC.

After a few seconds, you will automatically enter #tor, which is a chatroom with Tor developers, relay operators and other community members. There are some random people in #tor as well.

You can ask questions in the empty bar at the bottom of the screen. Please, don't ask to ask, just ask your question.

People may be able to answer right away, or there may be a bit of a delay (some people are listed on the channel but are away from their keyboards and record channel activities to read later).

If you want to chat with someone specific, start your comment with their nick and they will typically receive a notification that someone is trying to contact them.

OFTC often doesn't allow people to use their webchat over Tor. For this reason, and because many people end up preferring it anyway, you should also consider using an IRC client.

Tor relies on the support of users and volunteers around the world to help us improve our software and resources, so your feedback is extremely valuable to us (and to all Tor users).

Feedback template

When sending us feedback or reporting a bug, please include as many of these as possible:

  • OS you are using
  • Tor Browser version
  • Step by step of how you got to the issue, so we can reproduce it (e.g. I opened the browser, typed a url, clicked on (i) icon, then my browser crashed)
  • A screenshot of the problem
  • The log

How to Reach Us

There are several ways to reach us, so please use what works best for you.

Trac

You can file a ticket at https://trac.torproject.org. We track all Tor Browser 9 related issues with the tbb-9.0-issues keyword. Tickets related to our website should be added with the component "Webpages/Website."

Email

Send us an email to frontdesk@torproject.org

In the subject line of your email, please tell us what you're reporting. The more specific your subject line is (e.g. "Connection failure", "feedback on website", "feedback on Tor Browser", "I need a bridge"), the easier it will be for us to understand and follow up. Sometimes when we receive emails without subject lines, they're marked as spam and we don't see them.

For the fastest response, please write in English, Spanish, and/or Portuguese if you can. If none of these languages works for you, please write in any language you feel comfortable with, but keep in mind it will take us a bit longer to answer as we will need help with translation to understand it.

Blog post comments

You can always leave comments on the blog post related to the issue or feedback you want to report. If there is not a blog post related to your issue, please contact us another way.

IRC

You can find us in the #tor channel on OFTC to give us feedback or report bugs/issues. We may not respond right away, but we do check the backlog and will get back to you when we can.

Learn how to connect to OFTC servers.

Email Lists

For reporting issues or feedback using email lists, we recommend that you do so on the one that is related to what you would like to report.

For feedback or issues related to Tor Browser, Tor network or other projects developed by Tor: tor-talk

For feedback or issues related to our websites: ux

For feedback or issues related to running a Tor relay: tor-relays

For feedback on content related to Tor Browser Manual or Support website: tor-community-team

Report a security issue

If you've found a security issue in one of our projects or in our infrastructure, please email tor-security@lists.torproject.org. If you've found a security bug in Tor or Tor Browser, feel free to submit it for our bug bounty program. If you want to encrypt your mail, you can get the GPG public key for the list by contacting tor-security-sendkey@lists.torproject.org or from pool.sks-keyservers.net. Here is the fingerprint:

  gpg --fingerprint tor-security@lists.torproject.org
  pub 4096R/1A7BF184 2017-03-13
  Key fingerprint = 8B90 4624 C5A2 8654 E453 9BC2 E135 A8B4 1A7B F184
  uid tor-security@lists.torproject.org
  uid tor-security@lists.torproject.org
  uid tor-security@lists.torproject.org
  sub 4096R/C00942E4 2017-03-13

Debian Repository

Yes, deb.torproject.org is also served through via an Onion Service: http://sdscoq7snqtznauu.onion/

Note: The symbol # refers to running the code as root. This means you should have access to a user account with system administration privileges, e.g your user should be in the sudo group.

To use Apt over Tor, the apt transport needs to be installed:

   # apt install apt-transport-tor

Then replace the address in the lines added before with, for example:

   # For the stable version.
   deb tor://sdscoq7snqtznauu.onion/torproject.org <DISTRIBUTION> main

   # For the unstable version.
   deb tor://sdscoq7snqtznauu.onion/torproject.org tor-nightly-master-<DISTRIBUTION> main

Replace <DISTRIBUTION> with your Operating System codename. Run lsb_release -c or cat /etc/debian_version to check the Operating System version.

Now refresh your sources and try to install tor again:

   # apt update
   # apt install tor

No. Do not use the packages in Ubuntu's universe. In the past they have not been reliably updated. That means you could be missing stability and security fixes. Instead, please use Tor Debian repository.

The Tor Project maintains its own Debian package repository. Since Debian provides the LTS version of Tor, this might not always give you the latest stable Tor version. Therefore, it's recommended to install tor from our repository.

Here's how you can enable Tor Package Repository in Debian based distributions:

Note: The symbol # refers to running the code as root. This means you should have access to a user account with system administration privileges, e.g your user should be in the sudo group.

1. Install apt-transport-https

To enable all package managers using the libapt-pkg library to access metadata and packages available in sources accessible over https (Hypertext Transfer Protocol Secure).

   # apt install apt-transport-https

2. Add the following entries to /etc/apt/sources.list or a new file in /etc/apt/sources.list.d/

   deb https://deb.torproject.org/torproject.org <DISTRIBUTION> main
   deb-src https://deb.torproject.org/torproject.org <DISTRIBUTION> main

If you want to try experimental packages:

   deb https://deb.torproject.org/torproject.org tor-experimental-0.3.4.x-<DISTRIBUTION> main
   deb-src https://deb.torproject.org/torproject.org tor-experimental-0.3.4.x-<DISTRIBUTION> main

Or nightly builds:

   deb https://deb.torproject.org/torproject.org tor-nightly-master-<DISTRIBUTION> main
   deb-src https://deb.torproject.org/torproject.org tor-nightly-master-<DISTRIBUTION> main

Replace <DISTRIBUTION> with your Operating System codename. Run lsb_release -c or cat /etc/debian_version to check the Operating System version.

3. Then add the gpg key used to sign the packages by running the following commands at your command prompt

   # wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import
   # gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

4. Install tor and tor debian keyring

We provide a Debian package to help you keep our signing key current. It is recommended you use it. Install it with the following commands:

   # apt update
   # apt install tor deb.torproject.org-keyring

Tor rpm packages

The Tor Project maintains its own RPM package repository for CentOS and RHEL and Fedora.

Note: The symbol # refers to be running the code as root. That means you should have access to a user account with system administration privileges, e.g your user should be in the sudo group.

Here's how you can enable Tor Package Repository for both CentOS and RHEL and Fedora:

1. Enable epel repository (only for CentOS and RHEL)

# dnf install epel-release -y

2. Add the following to /etc/yum.repos.d/tor.repo

For CentOS or RHEL:

[tor]
name=Tor for Enterprise Linux $releasever - $basearch
baseurl=https://rpm.torproject.org/centos/$releasever/$basearch
enabled=1
gpgcheck=1
gpgkey=https://rpm.torproject.org/centos/public_gpg.key
cost=100

For Fedora:

[tor]
name=Tor for Fedora $releasever - $basearch
baseurl=https://rpm.torproject.org/fedora/$releasever/$basearch
enabled=1
gpgcheck=1
gpgkey=https://rpm.torproject.org/fedora/public_gpg.key
cost=100

3. Install the Tor package

Then you can install the latest Tor package.

# dnf install tor -y

Using it for the first time, you will have to import the GPG public key.

Importing GPG key 0x3621CD35:
Userid     : "Kushal Das (RPM Signing key) <kushal@torproject.org>"
Fingerprint: 999E C8E3 14BC 8D46 022D 6C7D E217 C30C 3621 CD35
From       : https://rpm.torproject.org/fedora/public_gpg.key
Is this ok [y/N]: y

Abuse FAQs

Criminals can already do bad things. Since they're willing to break laws, they already have lots of options available that provide better privacy than Tor provides. They can steal cell phones, use them, and throw them in a ditch; they can crack into computers in Korea or Brazil and use them to launch abusive activities; they can use spyware, viruses, and other techniques to take control of literally millions of Windows machines around the world.

Tor aims to provide protection for ordinary people who want to follow the law. Only criminals have privacy right now, and we need to fix that.

Some advocates of anonymity explain that it's just a tradeoff — accepting the bad uses for the good ones — but there's more to it than that. Criminals and other bad people have the motivation to learn how to get good anonymity, and many have the motivation to pay well to achieve it. Being able to steal and reuse the identities of innocent victims (identity theft) makes it even easier. Normal people, on the other hand, don't have the time or money to spend figuring out how to get privacy online. This is the worst of all possible worlds.

So yes, criminals can use Tor, but they already have better options, and it seems unlikely that taking Tor away from the world will stop them from doing their bad things. At the same time, Tor and other privacy measures can fight identity theft, physical crimes like stalking, and so on.

Distributed denial of service (DDoS) attacks typically rely on having a group of thousands of computers all sending floods of traffic to a victim. Since the goal is to overpower the bandwidth of the victim, they typically send UDP packets since those don't require handshakes or coordination.

But because Tor only transports correctly formed TCP streams, not all IP packets, you cannot send UDP packets over Tor. (You can't do specialized forms of this attack like SYN flooding either.) So ordinary DDoS attacks are not possible over Tor. Tor also doesn't allow bandwidth amplification attacks against external sites: you need to send in a byte for every byte that the Tor network will send to your destination. So in general, attackers who control enough bandwidth to launch an effective DDoS attack can do it just fine without Tor.

First of all, the default Tor exit policy rejects all outgoing port 25 (SMTP) traffic. So sending spam mail through Tor isn't going to work by default. It's possible that some relay operators will enable port 25 on their particular exit node, in which case that computer will allow outgoing mails; but that individual could just set up an open mail relay too, independent of Tor. In short, Tor isn't useful for spamming, because nearly all Tor relays refuse to deliver the mail.

Of course, it's not all about delivering the mail. Spammers can use Tor to connect to open HTTP proxies (and from there to SMTP servers); to connect to badly written mail-sending CGI scripts; and to control their botnets — that is, to covertly communicate with armies of compromised computers that deliver the spam.

This is a shame, but notice that spammers are already doing great without Tor. Also, remember that many of their more subtle communication mechanisms (like spoofed UDP packets) can't be used over Tor, because it only transports correctly-formed TCP connections.

Not much, in the grand scheme of things. The network has been running since October 2003, and it's only generated a handful of complaints. Of course, like all privacy-oriented networks on the net, it attracts its share of jerks. Tor's exit policies help separate the role of "willing to donate resources to the network" from the role of "willing to deal with exit abuse complaints," so we hope our network is more sustainable than past attempts at anonymity networks.

Since Tor has many good uses as well, we feel that we're doing pretty well at striking a balance currently.

If you run a Tor relay that allows exit connections (such as the default exit policy), it's probably safe to say that you will eventually hear from somebody. Abuse complaints may come in a variety of forms. For example:

  • Somebody connects to Hotmail, and sends a ransom note to a company. The FBI sends you a polite email, you explain that you run a Tor relay, and they say "oh well" and leave you alone. [Port 80]
  • Somebody tries to get you shut down by using Tor to connect to Google groups and post spam to Usenet, and then sends an angry mail to your ISP about how you're destroying the world. [Port 80]
  • Somebody connects to an IRC network and makes a nuisance of himself. Your ISP gets polite mail about how your computer has been compromised; and/or your computer gets DDoSed. [Port 6667]
  • Somebody uses Tor to download a Vin Diesel movie, and your ISP gets a DMCA takedown notice. See EFF's Tor DMCA Response Template, which explains why your ISP can probably ignore the notice without any liability. [Arbitrary ports]

Some hosting providers are friendlier than others when it comes to Tor exits. For a listing see the good and bad ISPs wiki.

For a complete set of template responses to different abuse complaint types, see the collection of templates. You can also proactively reduce the amount of abuse you get by following these tips for running an exit node with minimal harassment and running a reduced exit policy.

You might also find that your Tor relay's IP is blocked from accessing some Internet sites/services. This might happen regardless of your exit policy, because some groups don't seem to know or care that Tor has exit policies. (If you have a spare IP not used for other activities, you might consider running your Tor relay on it.) In general, it's advisable not to use your home internet connection to provide a Tor relay.

A collection of templates for successfully responding to ISPs is collected here.

Sometimes jerks make use of Tor to troll IRC channels. This abuse results in IP-specific temporary bans ("klines" in IRC lingo), as the network operators try to keep the troll off of their network.

This response underscores a fundamental flaw in IRC's security model: they assume that IP addresses equate to humans, and by banning the IP address they can ban the human. In reality, this is not the case — many such trolls routinely make use of the literally millions of open proxies and compromised computers around the Internet. The IRC networks are fighting a losing battle of trying to block all these nodes, and an entire cottage industry of blacklists and counter-trolls has sprung up based on this flawed security model (not unlike the antivirus industry). The Tor network is just a drop in the bucket here.

On the other hand, from the viewpoint of IRC server operators, security is not an all-or-nothing thing. By responding quickly to trolls or any other social attack, it may be possible to make the attack scenario less attractive to the attacker. And most individual IP addresses do equate to individual humans, on any given IRC network at any given time. The exceptions include NAT gateways which may be allocated access as special cases. While it's a losing battle to try to stop the use of open proxies, it's not generally a losing battle to keep klining a single ill-behaved IRC user until that user gets bored and goes away.

But the real answer is to implement application-level auth systems, to let in well-behaving users and keep out badly-behaving users. This needs to be based on some property of the human (such as a password they know), not some property of the way their packets are transported.

Of course, not all IRC networks are trying to ban Tor nodes. After all, quite a few people use Tor to IRC in privacy in order to carry on legitimate communications without tying them to their real-world identity. Each IRC network needs to decide for itself if blocking a few more of the millions of IPs that bad people can use is worth losing the contributions from the well-behaved Tor users.

If you're being blocked, have a discussion with the network operators and explain the issues to them. They may not be aware of the existence of Tor at all, or they may not be aware that the hostnames they're klining are Tor exit nodes. If you explain the problem, and they conclude that Tor ought to be blocked, you may want to consider moving to a network that is more open to free speech. Maybe inviting them to #tor on irc.oftc.net will help show them that we are not all evil people.

Finally, if you become aware of an IRC network that seems to be blocking Tor, or a single Tor exit node, please put that information on The Tor IRC block tracker so that others can share. At least one IRC network consults that page to unblock exit nodes that have been blocked inadvertently.

Even though Tor isn't useful for spamming, some over-zealous blacklisters seem to think that all open networks like Tor are evil — they attempt to strong-arm network administrators on policy, service, and routing issues, and then extract ransoms from victims.

If your server administrators decide to make use of these blacklists to refuse incoming mail, you should have a conversation with them and explain about Tor and Tor's exit policies.

We're sorry to hear that. There are some situations where it makes sense to block anonymous users for an Internet service. But in many cases, there are easier solutions that can solve your problem while still allowing users to access your website securely.

First, ask yourself if there's a way to do application-level decisions to separate the legitimate users from the jerks. For example, you might have certain areas of the site, or certain privileges like posting, available only to people who are registered. It's easy to build an up-to-date list of Tor IP addresses that allow connections to your service, so you could set up this distinction only for Tor users. This way you can have multi-tiered access and not have to ban every aspect of your service.

For example, the Freenode IRC network had a problem with a coordinated group of abusers joining channels and subtly taking over the conversation; but when they labeled all users coming from Tor nodes as "anonymous users," removing the ability of the abusers to blend in, the abusers moved back to using their open proxies and bot networks.

Second, consider that hundreds of thousands of people use Tor every day simply for good data hygiene — for example, to protect against data-gathering advertising companies while going about their normal activities. Others use Tor because it's their only way to get past restrictive local firewalls. Some Tor users may be legitimately connecting to your service right now to carry on normal activities. You need to decide whether banning the Tor network is worth losing the contributions of these users, as well as potential future legitimate users. (Often people don't have a good measure of how many polite Tor users are connecting to their service — you never notice them until there's an impolite one.)

At this point, you should also ask yourself what you do about other services that aggregate many users behind a few IP addresses. Tor is not so different from AOL in this respect.

Lastly, please remember that Tor relays have individual exit policies. Many Tor relays do not allow exiting connections at all. Many of those that do allow some exit connections might already disallow connections to your service. When you go about banning nodes, you should parse the exit policies and only block the ones that allow these connections; and you should keep in mind that exit policies can change (as well as the overall list of nodes in the network).

If you really want to do this, we provide a Tor exit relay list or a DNS-based list you can query.

(Some system administrators block ranges of IP addresses because of official policy or some abuse pattern, but some have also asked about whitelisting Tor exit relays because they want to permit access to their systems only using Tor. These scripts are usable for whitelisting as well.)

Níl forbróirí Tor in ann aon rud a dhéanamh chun úsáideoirí Tor a lorg. The same protections that keep bad people from breaking Tor's anonymity also prevent us from figuring out what's going on.

Some fans have suggested that we redesign Tor to include a backdoor. There are two problems with this idea. First, it technically weakens the system too far. Having a central way to link users to their activities is a gaping hole for all sorts of attackers; and the policy mechanisms needed to ensure correct handling of this responsibility are enormous and unsolved. Second, the bad people aren't going to get caught by this anyway, since they will use other means to ensure their anonymity (identity theft, compromising computers and using them as bounce points, etc).

This ultimately means that it is the responsibility of site owners to protect themselves against compromise and security issues that can come from anywhere. This is just part of signing up for the benefits of the Internet. You must be prepared to secure yourself against the bad elements, wherever they may come from. Tracking and increased surveillance are not the answer to preventing abuse.

But remember that this doesn't mean that Tor is invulnerable. Traditional police techniques can still be very effective against Tor, such as investigating means, motive, and opportunity, interviewing suspects, writing style analysis, technical analysis of the content itself, sting operations, keyboard taps, and other physical investigations. The Tor Project is also happy to work with everyone including law enforcement groups to train them how to use the Tor software to safely conduct investigations or anonymized activities online.

The Tor Project does not host, control, nor have the ability to discover the owner or location of a .onion address. The .onion address is an address from an onion service. The name you see ending in .onion is an onion service descriptor. It's an automatically generated name which can be located on any Tor relay or client anywhere on the Internet. Onion services are designed to protect both the user and service provider from discovering who they are and where they are from. The design of onion services means the owner and location of the .onion site is hidden even from us.

But remember that this doesn't mean that onion services are invulnerable. Traditional police techniques can still be very effective against them, such as interviewing suspects, writing style analysis, technical analysis of the content itself, sting operations, keyboard taps, and other physical investigations.

If you have a complaint about child abuse materials, you may wish to report it to the National Center for Missing and Exploited Children, which serves as a national coordination point for investigation of child pornography: http://www.missingkids.com/. We do not view links you report.

We take abuse seriously. Activists and law enforcement use Tor to investigate abuse and help support survivors. We work with them to help them understand how Tor can help their work. In some cases, technological mistakes are being made and we help to correct them. Because some people in survivors' communities embrace stigma instead of compassion, seeking support from fellow victims requires privacy-preserving technology.

Our refusal to build backdoors and censorship into Tor is not because of a lack of concern. We refuse to weaken Tor because it would harm efforts to combat child abuse and human trafficking in the physical world, while removing safe spaces for victims online. Meanwhile, criminals would still have access to botnets, stolen phones, hacked hosting accounts, the postal system, couriers, corrupt officials, and whatever technology emerges to trade content. They are early adopters of technology. In the face of this, it is dangerous for policymakers to assume that blocking and filtering is sufficient. We are more interested in helping efforts to halt and prevent child abuse than helping politicians score points with constituents by hiding it. The role of corruption is especially troubling; see this United Nations report on The Role of Corruption in Trafficking in Persons.

Finally, it is important to consider the world that children will encounter as adults when enacting policy in their name. Will they thank us if they are unable to voice their opinions safely as adults? What if they are trying to expose a failure of the state to protect other children?