How to manage Tor service on Linux
How to install Tor on Linux
The Tor package is available on most Linux distributions and can be installed from standard repositories.
Tor installation on Debian, Linux Mint, Ubuntu, Kali Linux and their derivatives:
sudo apt install tor
Tor installation on Arch Linux, BlackArch and their derivatives:
sudo pacman -S tor
To run Tor, no configuration is required – the program already has default values for options. However, you can change many of Tor's operating parameters using the command line options and directives in the configuration file.
How to start the Tor service
To start use the command:
sudo systemctl start tor
To check the status:
systemctl status tor
To add the Tor service to startup so that it starts every time the computer is booting:
sudo systemctl enable tor
To stop the Tor service:
sudo systemctl stop tor
To remove from startup:
sudo systemctl disable tor
How to start the tor service without switching to the background
The tor launch methods shown above turn it into a daemon – that is, a process that runs in the background and is detached from the console.
If you want the Tor service not to go into the background, for example, for debugging, and so that it can be closed with CTRL+c, then start the Tor service as follows in Debian and its derivatives:
sudo -u debian-tor tor
On Arch Linux, BlackArch, and derivatives, the startup is done like this:
sudo -u tor tor
In fact, tor does not require superuser privileges. But for the service to work, it needs files and directories (/var/lib/tor) the permissions to which are closed to all users (even root) and which belong to the debian-tor or tor user (the username depends on the distribution). For this reason, sudo is used with the -u option, followed by the name of the user on whose behalf the command is executed.
Example of running tor without demonization:
Lines containing the word Bootstrapped indicate the progress of connecting to the Tor network. When everything is ready for traffic exchange with the Internet through the Tor network, it will display:
Bootstrapped 100% (done): Done
Tor Settings Files
The main configuration file for the Tor service is /etc/tor/torrc. This file contains only comments, that is, by default it does not set any settings. Tor has default configuration for all settings. For this reason, the file is optional – if it is missing, the Tor service will still start.
If the file /etc/tor/torrc is not found, an attempt will be made to find the file $HOME/.torrc. If there is no such file either, then Tor will simply continue to launch.
There is another configuration file with default settings: /etc/tor/torrc-defaults. The idea is that it should contain default options that can be overwritten with /etc/tor/torrc or $HOME/.torrc. But in practice, this file does not even come with the Tor package.
Next, consider a few options related to configuration files. These options can be specified when the service starts via the tor file.
--verify-config
Checking the Tor configuration file for correctness.
The launch depends on the tor username on the system:
sudo -u debian-tor tor --verify-config
Or so:
sudo -u tor tor --verify-config
-f FILE
Specifies a new configuration file containing further Tor configuration options. If you specify - (dash), then the options will be read from standard input. By default, /etc/tor/torrc or, if this file is not found, then $HOME/.torrc).
--allow-missing-torrc
Do not require the configuration file specified by the -f option to exist if you can access the default torrc).
--defaults-torrc FILE
Specifies the file in which to search for default values for the Tor options. The contents of this file are overwritten with the usual configuration files and options from the command line (by default /etc/tor/torrc-defaults).
--ignore-missing-torrc
Indicates that Tor should process the missing torrc file as if it were empty. Normally, Tor does this because there are no default torrc files, but not for files specified on the command line.
Configure Tor Logs
Tor logs are configured in the configuration file using the Log directive. This directive consists of three components:
Log SEVERITY_ LEVEL SOURCE_OUTPUT
SEVERITY_ LEVEL can be: debug, info, notice, warn and err. It is permissible to specify ranges of the form:
Log MINIMUM_SEVERITY-MAXIMUM_SEVERITY SOURCE_OUTPUT
As SOURCE_OUTPUT can be:
- stderr – standard error output
- stdout – standard output
- syslog – system log (Unix only)
- file FILE_NAME – save the log to a file
For example, to output notice level messages to standard output, you would write this:
Log notice stdout
To display messages from the info level to the err level in the tor.log file, you need to write the following directive to the configuration file:
Log info-err file /var/lib/tor/tor.log
The Log directive can be specified several times.
How to view Tor logs
You can view Tor logs in various ways, one of the options is:
journalctl -u tor
Please note that if you have Debian or a release from this distribution, then in the previous and next you need to specify the debian-tor user instead of tor, for example:
journalctl -u debian-tor
For example, to display the last 100 entries:
journalctl -u tor | tail -n 100
You can also view Tor events using:
journalctl -u "tor.service"
or with:
journalctl /usr/bin/tor
How to start the Tor service with options
Tor has many options that have default values. These values can be changed in the Tor configuration files, which are discussed in the next article.
You can start Tor service on the command line with the options used in the configuration file, for this, use a command of the form:
tor OPTION VALUE
Since in most cases you need to start the service as a debian-tor or tor user, the commands should look something like this (for Debian and derivatives):
sudo -u debian-tor tor OPTION1 VALUE1 OPTION2 VALUE2 OPTION3 VALUE3
On Arch Linux, BlackArch, and derivatives, the startup is done like this:
sudo -u tor tor OPTION1 VALUE1 OPTION2 VALUE2 OPTION3 VALUE3
An example of starting the Tor service with options for replacing their values from the configuration file:
sudo -u tor tor SocksPort 9100 DNSPort 53000
If the VALUE for an OPTION consists of more than one word, or includes special characters, then it must be enclosed in quotation marks, for example:
sudo -u tor tor Log 'info stdout'
See the next article for rules for rewriting or adding option values.
How to use the Tor service on Linux
After starting the Tor service on your computer, the SOCKS proxy becomes available. If you do not know what it is, then it is recommended that you read the article ‘Proxy types, how to use proxy, how to check the quality of proxies’.
This proxy is available on the IP address and port localhost:9050.
About how to configure proxies in Linux, see here.
Remember that some programs have their own proxy settings and may ignore system-wide settings:
Remember that you must specify localhost as the IP address, and 9050 as the port number.
Many programs can work directly with SOCKS4 and SOCKS5:
curl --socks5 localhost:9050 suip.biz/ip/
Compare with the output:
curl suip.biz/ip/
If the program supports only HTTP/HTTPS proxies, but does not know how to work with SOCKS, then use the Privoxy or ProxyChains-NG program as a mediator.
Tor troubleshooting
Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?
If you encounter "Could not bind to …: Address already in use." Errors, for example:
Nov 07 10:34:13.816 [notice] Opening Socks listener on 127.0.0.1:9050 Nov 07 10:34:13.816 [warn] Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running? Nov 07 10:34:13.816 [notice] Opening DNS listener on 127.0.0.1:5353 Nov 07 10:34:13.816 [notice] Opened DNS listener on 127.0.0.1:5353 Nov 07 10:34:13.816 [notice] Opening Transparent pf/netfilter listener on 127.0.0.1:9040 Nov 07 10:34:13.816 [warn] Could not bind to 127.0.0.1:9040: Address already in use. Is Tor already running? Nov 07 10:34:13.816 [notice] Closing partially-constructed DNS listener on 127.0.0.1:5353 Nov 07 10:34:13.816 [warn] Failed to parse/validate config: Failed to bind one of the listener ports. Nov 07 10:34:13.816 [err] Reading config failed--see warnings above.
This means that the ports that Tor is trying to listen to are already binded by another process, possibly another running instance of Tor. To correct this situation, stop another instance of the tor service or find a program that occupies this port.
Directory /var/lib/tor cannot be read: Permission denied
Error:
Nov 07 12:56:43.834 [warn] Directory /var/lib/tor cannot be read: Permission denied Nov 07 12:56:43.834 [warn] Failed to parse/validate config: Couldn't create private data directory "/var/lib/tor" Nov 07 12:56:43.834 [err] Reading config failed--see warnings above.
occurs when the tor process does not have sufficient permissions to access the /var/lib/tor folder. You must start the tor process on behalf of the corresponding debian-tor or tor user as follows:
sudo -u debian-tor tor #OR sudo -u tor tor
/var/lib/tor is not owned by this user
If such errors occur:
Nov 07 10:34:52.481 [warn] /var/lib/tor is not owned by this user (root, 0) but by tor (43). Perhaps you are running Tor as the wrong user? Nov 07 10:34:52.481 [warn] Failed to parse/validate config: Couldn't create private data directory "/var/lib/tor" Nov 07 10:34:52.481 [err] Reading config failed--see warnings above.
This means that you run Tor as root, and you need to run as debian-tor or tor user as follows:
sudo -u debian-tor tor #OR sudo -u tor tor
Related articles:
- Tor tips and usage examples (100%)
- Free easy way to hide IP in Linux (91.1%)
- How to install and run Tor Browser on Kali Linux (91.1%)
- How to install Tor and create Tor hidden service on Windows (91.1%)
- How to redirect all traffic through the Tor network (91.1%)
- How to bypass Cloudflare, Incapsula, SUCURI and another WAF (RANDOM - 11.8%)