Tor on Librem 5

Librem Phones (Librem 5)
1

I managed to install tor and browse using tor on my Librem 5. Here’s a short description how to accomplish that:

  1. sudo apt install tor # Install the tor package, the torbrower-launcher is not yet available
  2. sudo vim /etc/tor/torrc # Change the tor config file
  3. Uncomment SocksPort 9050 in torrc
  4. Uncomment RunAsDaemon 1 in torrc
  5. Save torrc file
  6. service tor start # start the tor service
  7. service --status-all # check that the tor service is started, a ‘+’ appears before the service
  8. Open ‘Scale Screen’ in the librem5-goodies package. This is needed since firefox doesn’t handle the settings screen correctly on Librem 5 yet. The port and Ok (to save) button will be inaccessible outside the screen even in landscape mode. Scale to 1.5.
  9. Open the browser, I use firefox-esr
  10. Open the Network Settings (search for proxy in settings)
  11. Switch to landscape mode to access port and Ok
  12. Select manual proxy configuration
  13. SOCKS Host to localhost and port to 9050
  14. Press Ok to save
  15. Reset scaling to 2.0
  16. open check.torproject.org so see that it is working correctly
13 Likes
2

You should use tor browser package!
Following steps above would still leak your DNS and other metrics. You can test for this at
https://www.dnsleaktest.com/
https://whoer.net/
If you really have to use Firefox, at least add this to your torrc:
DNSPort 0.0.0.0:53
Then point here your DNS request via settings under Network Setting > Advanced Settings > IPv4 > IPv4 Method > Manual.
You can check your default DNS server with command:
nmcli device show wlan0

But you should really use TBB package at all times if you want real anonymity.

6 Likes
3

Thanks for pointing out the leaks! I started by trying to install the tor browser package, but it wasn’t available in the default repo for Librem 5 yet, https://wiki.debian.org/TorBrowser. Maybe I should just add the backports repo and try installing it from there.

2 Likes
4

It would have been good if check.torproject.org would have warned me (and others) about that. When browsing there with my settings it seem all fine.

5

https://check.torproject.org/ checks your user-agent string and if it’s not TBB it does displays orange warning message.
In case I was clear, when changing DNS, do not point it to 0.0.0.0:53 ,but 127.0.0.1:53
Also if using firefox try to avoid allowing javascript to run.
In FF about:config set javascript.enabled to FALSE.
Or use plugin like noscript
If you have to use javascript disable UDP stun - this also bypasses proxy setting:
media.peerconnection.enabled = FALSE

1 Like
6

Actually it doesn’t display an orange message. This is how it looks.

2020-12-26-100354
2020-12-26-100354720×1440 107 KB

1 Like
7

but dnsleaktest.com shows the dns leak.

2020-12-26-101739
2020-12-26-101739720×1440 87.6 KB

8

I know where I was wrong. Since you are using FF-ESR, same broweser TBB is based on, your user-agent is identical to TBB user agent. This orange message does only appear if using diferent browser. This is what it looks like:

tor
tor540×960 82.4 KB