ObjectiveThe objective is to install Tor on Ubuntu 18.04 Bionic Beaver. This guide will also provide you with some basic configuration and usage of Tor network in order to conceal your identity.
Operating System and Software Versions
- Operating System: - Ubuntu 18.04 Bionic Beaver
- Software: - Tor version 0.3.2.9
RequirementsPrivileged access to your Ubuntu System as root or via
sudocommand is required.
- # - requires given linux commands to be executed with root privileges either directly as a root user or by use of
- $ - requires given linux commands to be executed as a regular non-privileged user
Install Tor on UbuntuLet's start by Tor installation on Ubuntu 18.04 system. To install Tor execute the below
$ sudo apt install torBy default Tor listens for all requests on port
9050. Confirm that Tor is up and running on this specific port by using the
You can also check for the Tor version by entering:
$ ss -nlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 5 127.0.0.1:631 0.0.0.0:* LISTEN 0 128 127.0.0.1:9050 0.0.0.0:*
$ tor --version Tor version 0.3.2.9 (git-64a719dd25a21acb).
Tor Network connection testAt this stage we are going to test our Tor installation by obtaining an external IP address via Tor network. First, check your external IP address:
$ wget -qO - https://api.ipify.org; echo 220.127.116.11Next, use the
torsockscommand to obtain your external IP address via Tor network:
$ torsocks wget -qO - https://api.ipify.org; echo 18.104.22.168
Torify your shellSet your shell to use
torsocksas default for any command. This will allow you to use commands without prefixing them with the
torsockscommand. To enable
torsocksfor your current shell session enter:
$ source torsocks on Tor mode activated. Every command will be torified for this shell.Test your torified shell but this time without the
$ wget -qO - https://api.ipify.org; echo 22.214.171.124To make this change permanent for all your new shell sessions and after reboot enter:
$ echo ". torsocks on" >> ~/.bashrcTo disable Tor for your current shell enter:
$ source torsocks off Tor mode deactivated. Command will NOT go through Tor anymore.
Enable Tor Control PortNext, we are going to enable Tor's Control Port which will allow as to communicate with Tor local installation. We will also password protect Tor connection with password eg.
my-tor-password. First set your password variable with your password:
torpass=$(tor --hash-password "my-tor-password")Next, enable Tor control port and insert our previously hashed password:
$ printf "HashedControlPassword $torpass\nControlPort 9051\n" | sudo tee -a /etc/tor/torrcCheck your
/etc/tor/torrcconfiguration to confirm that hash password settings has been correctly included. The configuration should look similar to the below:
HashedControlPassword 16:AF74D4E29C8F0B9160F43D89DDED341A8F0387B6E40A6D0C58840FD2D6 ControlPort 9051Restart Tor to apply changes:
$ sudo /etc/init.d/tor restartYour Tor service should be now listening on both ports
$ $ ss -nlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 5 127.0.0.1:631 0.0.0.0:* LISTEN 0 128 127.0.0.1:9050 0.0.0.0:* LISTEN 0 128 127.0.0.1:6010 0.0.0.0:* LISTEN 0 128 127.0.0.1:9051 0.0.0.0:*
Connect to Tor Control PortUsing Tor Control Port we are able to communicate with Tor and issue commands. For example let's use the
telnetcommand and request a new Tor circuit and clear cache:
On Line 5 we have entered
$ telnet 127.0.0.1 9051 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. AUTHENTICATE "my-tor-password" 250 OK SIGNAL NEWNYM 250 OK SIGNAL CLEARDNSCACHE 250 OK quit 250 closing connection Connection closed by foreign host.
AUTHENTICATEcommand and our Tor password. On Line 7 and Line 9 we asked Tor for a new circuit and clean cache.
The communication with the Tor control port can also be shell scripted. Consider the following example of requesting a new clean circuit:
$ source torsocks off Tor mode deactivated. Command will NOT go through Tor anymore. $ torsocks wget -qO - https://api.ipify.org; echo 126.96.36.199 $ echo -e 'AUTHENTICATE "my-tor-password"\r\nsignal NEWNYM\r\nQUIT' | nc 127.0.0.1 9051 250 OK 250 OK 250 closing connection $ torsocks wget -qO - https://api.ipify.org; echo 188.8.131.52