The objective is to install Tor on Ubuntu 18.04 Bionic Beaver. This guide will also provide you with some basic configuration and usage of Tor network in order to conceal your identity.
Operating System and Software Versions
- Operating System: – Ubuntu 18.04 Bionic Beaver
- Software: – Tor version 0.3.2.9
Privileged access to your Ubuntu System as root or via
sudo command is required.
- # – requires given linux commands to be executed with root privileges either directly as a root user or by use of
- $ – requires given linux commands to be executed as a regular non-privileged user
Other Versions of this Tutorial
Install Tor on Ubuntu
Let’s start by Tor installation on Ubuntu 18.04 system. To install Tor execute the below
$ sudo apt install tor
By default Tor listens for all requests on port
9050. Confirm that Tor is up and running on this specific port by using the
$ ss -nlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 5 127.0.0.1:631 0.0.0.0:* LISTEN 0 128 127.0.0.1:9050 0.0.0.0:*
You can also check for the Tor version by entering:
$ tor --version Tor version 0.3.2.9 (git-64a719dd25a21acb).
Tor Network connection test
At this stage we are going to test our Tor installation by obtaining an external IP address via Tor network. First, check your external IP address:
$ wget -qO - https://api.ipify.org; echo 126.96.36.199
Next, use the
torsocks command to obtain your external IP address via Tor network:
$ torsocks wget -qO - https://api.ipify.org; echo 188.8.131.52
Torify your shell
Set your shell to use
torsocks as default for any command. This will allow you to use commands without prefixing them with the
torsocks command. To enable
torsocks for your current shell session enter:
$ source torsocks on Tor mode activated. Every command will be torified for this shell.
Test your torified shell but this time without the
torsocks command prefix:
$ wget -qO - https://api.ipify.org; echo 184.108.40.206
To make this change permanent for all your new shell sessions and after reboot enter:
$ echo ". torsocks on" >> ~/.bashrc
To disable Tor for your current shell enter:
$ source torsocks off Tor mode deactivated. Command will NOT go through Tor anymore.
Enable Tor Control Port
Next, we are going to enable Tor’s Control Port which will allow as to communicate with Tor local installation. We will also password protect Tor connection with password eg.
my-tor-password. First set your password variable with your password:
torpass=$(tor --hash-password "my-tor-password")
Next, enable Tor control port and insert our previously hashed password:
$ printf "HashedControlPassword $torpass\nControlPort 9051\n" | sudo tee -a /etc/tor/torrc
/etc/tor/torrc configuration to confirm that hash password settings has been correctly included. The configuration should look similar to the below:
HashedControlPassword 16:AF74D4E29C8F0B9160F43D89DDED341A8F0387B6E40A6D0C58840FD2D6 ControlPort 9051
Restart Tor to apply changes:
$ sudo /etc/init.d/tor restart
Your Tor service should be now listening on both ports
$ $ ss -nlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 5 127.0.0.1:631 0.0.0.0:* LISTEN 0 128 127.0.0.1:9050 0.0.0.0:* LISTEN 0 128 127.0.0.1:6010 0.0.0.0:* LISTEN 0 128 127.0.0.1:9051 0.0.0.0:*
Connect to Tor Control Port
Using Tor Control Port we are able to communicate with Tor and issue commands. For example let’s use the
telnet command and request a new Tor circuit and clear cache:
$ telnet 127.0.0.1 9051 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. AUTHENTICATE "my-tor-password" 250 OK SIGNAL NEWNYM 250 OK SIGNAL CLEARDNSCACHE 250 OK quit 250 closing connection Connection closed by foreign host.
On Line 5 we have entered
AUTHENTICATE command and our Tor password. On Line 7 and Line 9 we asked Tor for a new circuit and clean cache.
The communication with the Tor control port can also be shell scripted. Consider the following example of requesting a new clean circuit:
$ source torsocks off Tor mode deactivated. Command will NOT go through Tor anymore. $ torsocks wget -qO - https://api.ipify.org; echo 220.127.116.11 $ echo -e 'AUTHENTICATE "my-tor-password"\r\nsignal NEWNYM\r\nQUIT' | nc 127.0.0.1 9051 250 OK 250 OK 250 closing connection $ torsocks wget -qO - https://api.ipify.org; echo 18.104.22.168
Configure Browser to use Tor network
Lastly, configure your Firefox browser to use local Tor host: