Tor Relay Configuration Tool

Tor Relay Configuration Tool

This tool helps you generate a configuration template for running a Tor relay. The generated configuration is a starting point and may need adjustments based on your specific requirements and security considerations. Review Tor's official documentation for detailed information.

Installing Tor

Before using this configuration tool, you need to have Tor installed on your system. Below are installation instructions for common Linux distributions:

Debian / Ubuntu

Install Tor from the official repositories:

sudo apt-get update
sudo apt-get install tor

RHEL / CentOS / AlmaLinux / Rocky / Oracle / Fedora

For RHEL/CentOS 7 and earlier, enable EPEL repository first:

# RHEL/CentOS 7
sudo yum install epel-release
sudo yum install tor

# RHEL/CentOS 8+ / AlmaLinux / Rocky Linux / Oracle Linux / Fedora
sudo dnf install tor

Arch Linux

Install Tor from the official repositories:

sudo pacman -S tor

openSUSE

Install Tor using zypper:

sudo zypper install tor

FreeBSD

Install Tor using pkg or ports:

# Using pkg (binary package)
sudo pkg install tor

# Using ports (compile from source)
cd /usr/ports/security/tor
sudo make install clean

OpenBSD

Install Tor using pkg_add:

sudo pkg_add tor

NetBSD

Install Tor using pkgin or pkgsrc:

# Using pkgin (binary package)
sudo pkgin install tor

# Using pkgsrc (compile from source)
cd /usr/pkgsrc/security/tor
sudo make install

After Installation

Once Tor is installed, you can manage the service. Note that BSD systems use different service management:

Linux (systemd):
- Check status: sudo systemctl status tor
- Start service: sudo systemctl start tor
- Enable on boot: sudo systemctl enable tor
FreeBSD:
- Enable in /etc/rc.conf: tor_enable="YES"
- Start service: sudo service tor start
OpenBSD:
- Enable in /etc/rc.conf.local: tor_flags=""
- Start service: sudo rcctl start tor
The default configuration file is located at: /etc/tor/torrc (or /usr/local/etc/tor/torrc on some BSD systems)

Note: After generating your configuration, you'll need to edit /etc/tor/torrc and restart the Tor service for changes to take effect. For more detailed installation instructions, visit the Tor Project relay setup guide.

Configuration Options

? Snowflake: Helps users bypass censorship. Minimal configuration needed.
Exit Relay: Allows traffic to exit to the Internet.
Guard Relay: Non-exit relay that helps build circuits.
Bridge: Unlisted relay that helps censored users connect. Relay Type:

Identity & Contact

? Public identifier for your relay (1–19 alphanumeric characters, no spaces). Nickname:

? Email address or URL for abuse/security contact. Strongly recommended for all relay types. Contact Info (Email or URL):

Network Settings

? Your relay's public IPv4 address. Tor usually auto-detects this, but you can specify it explicitly. IPv4 Address (optional):

? Your relay's public IPv6 address, if available. IPv6 Address (optional):

? The port your relay listens on for Tor connections (typically 9001 or 443). ORPort:

? Directory mirror port. Only needed if you want to mirror directory information. DirPort (optional):

Limits & Quotas

? Maximum upload bandwidth to allow. This limits how much traffic your relay will handle. Upload Bandwidth (MB/s):

? Maximum total bandwidth per day. Leave empty if you don't want daily limits. Daily Bandwidth Quota (GB, optional):

? Maximum total bandwidth per month. Leave empty if you don't want monthly limits. Note: Only one quota (daily or monthly) can be active. Monthly Bandwidth Quota (GB, optional):

? Path where Tor stores its data. Default is /var/lib/tor. Data Directory (optional):

Generated Configuration

Copy this configuration into /etc/tor/torrc, then restart Tor.

Next Steps:
1. Review the generated configuration carefully
2. Consult Tor Project documentation
3. Back up your current /etc/tor/torrc if it exists
4. Apply the configuration and restart Tor: sudo systemctl restart tor

Monitoring Your Relay with Nyx

Nyx (formerly known as arm) is a terminal-based status monitor for Tor relays. It provides real-time statistics, bandwidth usage, connection information, and more.

Installation

Install nyx using your package manager:

# Debian/Ubuntu
sudo apt-get update
sudo apt-get install nyx

# CentOS/RHEL/Fedora
sudo yum install nyx
# or
sudo dnf install nyx

# Arch Linux
sudo pacman -S nyx

Configuration

To use nyx with your relay, you need to enable the ControlPort in your torrc file. Add the following line (note: this is different from the relay-only configuration above):

Add to your torrc for monitoring (remove SocksPort 0 and ControlPort 0 if present):

# Enable control port for nyx (local access only)
ControlPort 9051
# Optional: Set a cookie authentication file
CookieAuthentication 1

Security Note: The ControlPort should only be accessible locally. If you're using the relay-only configuration generated above, you'll need to temporarily enable ControlPort for monitoring, or use a separate Tor instance for monitoring.

Usage

Once installed and configured, run nyx:

Start nyx:

nyx

Key Features:

Bandwidth Statistics: View real-time upload/download rates and total usage
Connection Information: See active circuits, streams, and connections
Relay Status: Monitor your relay's status, flags, and uptime
Log Viewer: Access Tor logs directly from the interface
Configuration Editor: Edit torrc settings on the fly (use with caution)

Navigation:

Use ↑ ↓ arrow keys to navigate
Press Enter to select items
Press q to quit
Press ? for help

Additional Resources

Understanding Tor Relay Types

Tor relays are servers that help route traffic through the Tor network, providing anonymity and privacy to users. Different relay types serve different roles in the network. Understanding these types will help you choose the right configuration for your needs.

Guard Relay

Role: Guard relays (also called entry guards) are the first hop in a Tor circuit. They are the initial point of contact for users connecting to the Tor network.

Traffic: Guard relays only handle traffic within the Tor network. They never see the final destination of user traffic, making them lower risk to operate.

Requirements: Stable connection, good bandwidth, and consistent uptime. Guard relays need to be reliable as they're trusted entry points.

Risk Level: Low - Guard relays don't exit traffic to the internet.

Exit Relay

Role: Exit relays are the final hop in a Tor circuit. They connect to the destination website or service on behalf of Tor users.

Traffic: Exit relays handle traffic exiting the Tor network to the regular internet. This means they can see the final destination of user requests.

Requirements: High bandwidth, stable connection, and careful exit policy configuration. Exit relays should block dangerous ports (mail, abuse ports) to prevent abuse.

Risk Level: Medium - Exit relays may receive abuse complaints. Requires careful exit policy configuration.

Bridge Relay

Role: Bridge relays are unlisted relays that help users in censored regions bypass censorship and access the Tor network.

Traffic: Bridges don't appear in public Tor directories, making them harder for censors to block. They help users connect when regular Tor entry points are blocked.

Requirements: Stable connection and bandwidth. Bridges can be distributed through various methods (HTTPS, email, etc.) to reach censored users.

Risk Level: Low - Bridges don't exit traffic to the internet.

Snowflake Relay

Role: Snowflake relays are temporary proxies that help users bypass censorship by acting as a bridge between censored users and the Tor network.

Traffic: Snowflake relays handle temporary connections from users trying to access Tor through censorship. They're lightweight and designed for easy deployment.

Requirements: Minimal configuration needed. Can run in a browser or as a standalone application. Very easy to set up and operate.

Risk Level: Low - Snowflake relays are temporary and don't maintain persistent connections.

Key Differences Summary

Guard Relays: First hop, non-exit, low risk, high reliability needed
Exit Relays: Final hop, exits to internet, medium risk, requires strict exit policy
Bridge Relays: Unlisted, helps bypass censorship, low risk, important for censored users
Snowflake Relays: Temporary proxies, minimal setup, low risk, easy to deploy

Note: All relay types contribute to the Tor network's health and user privacy. Choose the type that best matches your technical capabilities, bandwidth, and risk tolerance. For more detailed information, consult the official Tor Project relay documentation.

Our Services	About Us	Support and Contact
CloudLinux Shared Hosting	Announcements	IncogNET Client Area
"BS Blocking" WireGuard VPN	About Our Business	Knowledge Base & FAQ
US and EU based KVM Virtual Servers	Sponsored Privacy Projects	Network Status / Reports
Kansas City, USA & Netherlands Dedicated Servers	Accepted Payment Methods	Contact Sales Department
DNS Hosting Services	Legal Stuff (TOS / AUP / Privacy)	Contact Support (Requires Login)
Domain Name Registration	Warrant Canary	Report Network Abuse
RAID Array Calculator	Network Locations & Looking Glass

Hosted On:				Social / Chat: