How to manage Tor service on Linux

How to install Tor on Linux

The Tor package is available on most Linux distributions and can be installed from standard repositories.

Tor installation on Debian, Linux Mint, Ubuntu, Kali Linux and their derivatives:

sudo apt install tor

Tor installation on Arch Linux, BlackArch and their derivatives:

sudo pacman -S tor

To run Tor, no configuration is required – the program already has default values for options. However, you can change many of Tor's operating parameters using the command line options and directives in the configuration file.

How to start the Tor service

To start the service, use the command:

sudo systemctl start tor

To check the status:

systemctl status tor

To add the Tor service to startup so that it starts every time the computer boots:

sudo systemctl enable tor

To stop the Tor service:

sudo systemctl stop tor

To remove from startup:

sudo systemctl disable tor

How to start the tor service without switching to the background

The tor launch methods shown above turn it into a daemon – that is, a process that runs in the background and is detached from the console.

If you want the Tor service not to go into the background, for example, for debugging, and so that it can be closed with CTRL+c, then start the Tor service as follows in Debian and its derivatives:

sudo -u debian-tor tor

On Arch Linux, BlackArch, and derivatives, the startup is done like this:

sudo -u tor tor

In fact, tor does not require superuser privileges. But for the service to work, it needs files and directories (/var/lib/tor) whose permissions deny access to all other users (even root) and which belong to the debian-tor or tor user (the username depends on the distribution). For this reason, sudo is used with the -u option, followed by the name of the user on whose behalf the command is executed.

Example of running tor without daemonization:

Lines containing the word Bootstrapped indicate the progress of connecting to the Tor network. When everything is ready for traffic exchange with the Internet through the Tor network, it will display:

Bootstrapped 100% (done): Done

Tor Settings Files

The main configuration file for the Tor service is /etc/tor/torrc. This file contains only comments, that is, by default it sets no options. Tor has a default value for every setting. For this reason, the file is optional – if it is missing, the Tor service will still start.

If the file /etc/tor/torrc is not found, an attempt will be made to find the file $HOME/.torrc. If there is no such file either, then Tor will simply continue to launch.

There is another configuration file with default settings: /etc/tor/torrc-defaults. The idea is that it should contain default options that can be overwritten with /etc/tor/torrc or $HOME/.torrc. But in practice, this file does not even come with the Tor package.

Next, consider a few options related to configuration files. These options can be specified on the command line when the service is started with the tor executable.

--verify-config

Checks the Tor configuration file for correctness.

The command depends on the Tor username on the system:

sudo -u debian-tor tor --verify-config

Or:

sudo -u tor tor --verify-config

-f FILE

Specifies a new configuration file containing further Tor configuration options. If you specify - (dash), the options are read from standard input. Default: /etc/tor/torrc or, if that file is not found, $HOME/.torrc.

--allow-missing-torrc

Do not require the configuration file specified by the -f option to exist if the default torrc can be accessed.

--defaults-torrc FILE

Specifies the file in which to search for default values for the Tor options. Values from this file are overridden by the regular configuration files and by options from the command line. Default: /etc/tor/torrc-defaults.

--ignore-missing-torrc

Indicates that Tor should treat a missing torrc file as if it were empty. Normally, Tor does this for missing default torrc files, but not for files specified on the command line.

Configure Tor Logs

Tor logs are configured in the configuration file using the Log directive. This directive consists of three components:

Log SEVERITY_LEVEL SOURCE_OUTPUT

SEVERITY_LEVEL can be: debug, info, notice, warn and err. Ranges of the following form are also allowed:

Log MINIMUM_SEVERITY-MAXIMUM_SEVERITY SOURCE_OUTPUT

SOURCE_OUTPUT can be:

  • stderr – standard error output
  • stdout – standard output
  • syslog – system log (Unix only)
  • file FILE_NAME – save the log to a file

For example, to output notice level messages to standard output, you would write this:

Log notice stdout

To write messages from the info level to the err level to the tor.log file, add the following directive to the configuration file:

Log info-err file /var/lib/tor/tor.log

The Log directive can be specified several times.
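
An added example, not part of the original article: a shell function that checks the Log directives of a torrc against the syntax described above. The function names and the sample torrc are assumptions made for illustration; Tor's own check is still tor --verify-config.

```shell
# Added example: lint the Log directives of a torrc supplied on stdin. Covers
# only the forms described above (SEVERITY or MIN-MAX, then an output).
is_severity() {
    case "$1" in
        debug|info|notice|warn|err) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints one "ok"/"bad" line per Log directive; returns 1 if any is bad.
lint_tor_log_directives() {
    rc=0 lineno=0
    while IFS= read -r line || [ -n "$line" ]; do
        lineno=$((lineno + 1))
        line=${line%%#*}                 # drop comments
        read -r keyword sev dest rest <<EOF
$line
EOF
        [ "$keyword" = "Log" ] || continue
        min=${sev%%-*}                   # "info-err" -> info
        max=${sev#*-}                    # "info-err" -> err, "notice" -> notice
        problem=""
        if ! is_severity "$min" || ! is_severity "$max"; then
            problem="unknown severity '$sev'"
        else
            case "$dest" in
                stderr|stdout|syslog)
                    [ -z "$rest" ] || problem="unexpected text after $dest: '$rest'" ;;
                file)
                    [ -n "$rest" ] || problem="'file' needs a FILE_NAME" ;;
                *)  problem="unknown output '$dest'" ;;
            esac
        fi
        if [ -n "$problem" ]; then
            echo "bad line $lineno: $problem"; rc=1
        else
            echo "ok line $lineno: $sev -> $dest${rest:+ $rest}"
        fi
    done
    return "$rc"
}

# Constructed sample torrc (not taken from a real system).
sample_torrc() {
    printf '%s\n' '# logging' 'Log notice stdout' \
        'Log info-err file /var/lib/tor/tor.log' \
        'Log verbose stderr' 'Log warn file' 'SocksPort 9050'
}
sample_torrc | lint_tor_log_directives || echo "torrc has invalid Log directives"
```

To check a real file, redirect it into the function: lint_tor_log_directives < /etc/tor/torrc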

How to view Tor logs

You can view Tor logs in various ways. One option is:

journalctl -u tor

Please note that if you have Debian or a derivative of this distribution, then in the previous and following commands you need to specify the debian-tor user instead of tor, for example:

journalctl -u debian-tor

For example, to display the last 100 entries:

journalctl -u tor | tail -n 100

You can also view Tor events using:

journalctl -u "tor.service"

or with:

journalctl /usr/bin/tor

How to start the Tor service with options

Tor has many options that have default values. These values can be changed in the Tor configuration files, which are discussed in the next article.

You can start the Tor service on the command line with the same options that are used in the configuration file. To do this, use a command of the form:

tor OPTION VALUE

Since in most cases you need to start the service as a debian-tor or tor user, the commands should look something like this (for Debian and derivatives):

sudo -u debian-tor tor OPTION1 VALUE1 OPTION2 VALUE2 OPTION3 VALUE3

On Arch Linux, BlackArch, and derivatives, the startup is done like this:

sudo -u tor tor OPTION1 VALUE1 OPTION2 VALUE2 OPTION3 VALUE3

An example of starting the Tor service with options that override the values from the configuration file:

sudo -u tor tor SocksPort 9100 DNSPort 53000

If the VALUE for an OPTION consists of more than one word, or includes special characters, then it must be enclosed in quotation marks, for example:

sudo -u tor tor Log 'info stdout'

See the next article for rules for rewriting or adding option values.

How to use the Tor service on Linux

After starting the Tor service on your computer, the SOCKS proxy becomes available. If you do not know what it is, then it is recommended that you read the article ‘Proxy types, how to use proxy, how to check the quality of proxies’.

This proxy is available on the IP address and port localhost:9050.

About how to configure proxies in Linux, see here.

Remember that some programs have their own proxy settings and may ignore system-wide settings.

Remember that you must specify localhost as the IP address, and 9050 as the port number.

Many programs can work directly with SOCKS4 and SOCKS5:

curl --socks5 localhost:9050 suip.biz/ip/

Compare with the output:

curl suip.biz/ip/

If the program supports only HTTP/HTTPS proxies, but does not know how to work with SOCKS, then use the Privoxy or ProxyChains-NG program as an intermediary.

Tor troubleshooting

Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?

If you encounter "Could not bind to …: Address already in use." errors, for example:

Nov 07 10:34:13.816 [notice] Opening Socks listener on 127.0.0.1:9050
Nov 07 10:34:13.816 [warn] Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?
Nov 07 10:34:13.816 [notice] Opening DNS listener on 127.0.0.1:5353
Nov 07 10:34:13.816 [notice] Opened DNS listener on 127.0.0.1:5353
Nov 07 10:34:13.816 [notice] Opening Transparent pf/netfilter listener on 127.0.0.1:9040
Nov 07 10:34:13.816 [warn] Could not bind to 127.0.0.1:9040: Address already in use. Is Tor already running?
Nov 07 10:34:13.816 [notice] Closing partially-constructed DNS listener on 127.0.0.1:5353
Nov 07 10:34:13.816 [warn] Failed to parse/validate config: Failed to bind one of the listener ports.
Nov 07 10:34:13.816 [err] Reading config failed--see warnings above.

This means that the ports that Tor is trying to listen on are already bound by another process, possibly another running instance of Tor. To correct this situation, stop the other instance of the tor service or find the program that occupies the port.

Directory /var/lib/tor cannot be read: Permission denied

Error:

Nov 07 12:56:43.834 [warn] Directory /var/lib/tor cannot be read: Permission denied
Nov 07 12:56:43.834 [warn] Failed to parse/validate config: Couldn't create private data directory "/var/lib/tor"
Nov 07 12:56:43.834 [err] Reading config failed--see warnings above.

occurs when the tor process does not have sufficient permissions to access the /var/lib/tor folder. You must start the tor process on behalf of the corresponding debian-tor or tor user as follows:

sudo -u debian-tor tor
#OR
sudo -u tor tor

/var/lib/tor is not owned by this user

If such errors occur:

Nov 07 10:34:52.481 [warn] /var/lib/tor is not owned by this user (root, 0) but by tor (43). Perhaps you are running Tor as the wrong user?
Nov 07 10:34:52.481 [warn] Failed to parse/validate config: Couldn't create private data directory "/var/lib/tor"
Nov 07 10:34:52.481 [err] Reading config failed--see warnings above.

This means that you are running Tor as root, and you need to run it as the debian-tor or tor user as follows:

sudo -u debian-tor tor
#OR
sudo -u tor tor
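
An added example, not part of the original article: a shell function that reads Tor log lines and reports which of the three startup failures described above occurred. The function names and output labels are assumptions made for illustration, and ss is suggested here as one way to find the program that occupies a port.

```shell
# Added example: classify the three Tor startup failures described above.
# Reads Tor log lines on stdin, prints one finding per distinct cause and
# returns 1 if any known failure was found, 0 otherwise.
diagnose_tor_startup() {
    awk '
    /Could not bind to .*: Address already in use/ {
        addr = $0
        sub(/.*Could not bind to /, "", addr)
        sub(/: Address already in use.*/, "", addr)
        if (!(addr in seen)) {            # report each listener once
            seen[addr] = 1
            port = addr; sub(/.*:/, "", port)
            printf "PORT_IN_USE %s: stop the other tor instance or find the listener: ss -tulnp \"sport = :%s\"\n", addr, port
            found = 1
        }
    }
    /Directory .* cannot be read: Permission denied/ {
        dir = $0; sub(/.*Directory /, "", dir); sub(/ cannot be read.*/, "", dir)
        printf "NO_PERMISSION %s: start tor as the debian-tor or tor user\n", dir
        found = 1
    }
    / is not owned by this user / {
        owner = $0; sub(/.* but by /, "", owner); sub(/ \(.*/, "", owner)
        printf "WRONG_USER: data directory belongs to %s, run: sudo -u %s tor\n", owner, owner
        found = 1
    }
    END { exit (found ? 1 : 0) }
    '
}

# Log lines quoted from the errors above, plus one constructed repeat.
sample_tor_log() {
    cat <<'EOF'
Nov 07 10:34:13.816 [notice] Opening Socks listener on 127.0.0.1:9050
Nov 07 10:34:13.816 [warn] Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?
Nov 07 10:34:13.816 [warn] Could not bind to 127.0.0.1:9040: Address already in use. Is Tor already running?
Nov 07 10:34:14.102 [warn] Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?
Nov 07 12:56:43.834 [warn] Directory /var/lib/tor cannot be read: Permission denied
Nov 07 10:34:52.481 [warn] /var/lib/tor is not owned by this user (root, 0) but by tor (43). Perhaps you are running Tor as the wrong user?
EOF
}

sample_tor_log | diagnose_tor_startup || echo "startup problems found"
```

On a live system the same function can be fed from the journal: journalctl -u tor | diagnose_tor_startup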
