Tor on Librem 5

Hardware Librem 5
1

I managed to install tor and browse using tor on my Librem 5. Here’s a short description how to accomplish that:

  1. sudo apt install tor # Install the tor package, the torbrower-launcher is not yet available
  2. sudo vim /etc/tor/torrc # Change the tor config file
  3. Uncomment SocksPort 9050 in torrc
  4. Uncomment RunAsDaemon 1 in torrc
  5. Save torrc file
  6. service tor start # start the tor service
  7. service --status-all # check that the tor service is started, a ‘+’ appears before the service
  8. Open ‘Scale Screen’ in the librem5-goodies package. This is needed since firefox doesn’t handle the settings screen correctly on Librem 5 yet. The port and Ok (to save) button will be inaccessible outside the screen even in landscape mode. Scale to 1.5.
  9. Open the browser, I use firefox-esr
  10. Open the Network Settings (search for proxy in settings)
  11. Switch to landscape mode to access port and Ok
  12. Select manual proxy configuration
  13. SOCKS Host to localhost and port to 9050
  14. Press Ok to save
  15. Reset scaling to 2.0
  16. open check.torproject.org so see that it is working correctly
14 Likes
2

You should use tor browser package!
Following steps above would still leak your DNS and other metrics. You can test for this at
https://www.dnsleaktest.com/
https://whoer.net/
If you really have to use Firefox, at least add this to your torrc:
DNSPort 0.0.0.0:53
Then point here your DNS request via settings under Network Setting > Advanced Settings > IPv4 > IPv4 Method > Manual.
You can check your default DNS server with command:
nmcli device show wlan0

But you should really use TBB package at all times if you want real anonymity.

7 Likes
3

Thanks for pointing out the leaks! I started by trying to install the tor browser package, but it wasn’t available in the default repo for Librem 5 yet, https://wiki.debian.org/TorBrowser. Maybe I should just add the backports repo and try installing it from there.

3 Likes
4

It would have been good if check.torproject.org would have warned me (and others) about that. When browsing there with my settings it seem all fine.

1 Like
5

https://check.torproject.org/ checks your user-agent string and if it’s not TBB it does displays orange warning message.
In case I was clear, when changing DNS, do not point it to 0.0.0.0:53 ,but 127.0.0.1:53
Also if using firefox try to avoid allowing javascript to run.
In FF about:config set javascript.enabled to FALSE.
Or use plugin like noscript
If you have to use javascript disable UDP stun - this also bypasses proxy setting:
media.peerconnection.enabled = FALSE

2 Likes
6

Actually it doesn’t display an orange message. This is how it looks.

2020-12-26-100354
2020-12-26-100354720×1440 107 KB

2 Likes
7

but dnsleaktest.com shows the dns leak.

2020-12-26-101739
2020-12-26-101739720×1440 87.6 KB

1 Like
8

I know where I was wrong. Since you are using FF-ESR, same broweser TBB is based on, your user-agent is identical to TBB user agent. This orange message does only appear if using diferent browser. This is what it looks like:

tor
tor540×960 82.4 KB

1 Like
9

Gets a “sudo: vim: command not found”

Ideas?
~s

1 Like
10

‘vim’ is a Linux application used for editing a file from the device’s file system directly within the terminal.

Your “not found” message means vim is not currently installed, so just sudo apt install vim, then try the command again.

Any editor app other than vim, e.g. nano (which is probably already installed), can also be used to complete the editing, so you could just as easily do sudo nano /etc/tor/torrc.

The contents of the file being edited will open right inside the terminal, not like a Word document, but as lines of text in the terminal. To navigate to the line(s) you want to edit, use the arrow keys, backspace, delete, insert, etc.

The same file(s) you edit with vim or nano in the terminal also exist(s) in “GUI” form within the file system, but to edit it/them, you must first open the directory as “administrator” (which equates to sudo in the terminal).

After editing, follow the shortcut guide at the bottom of the terminal window, i.e. Ctrl X to close, save (if you want to keep changes), write over the existing file, etc. If you messed up, use Ctrl X to exit, but don’t save. Then you can start over.

Comments that are there for guidance are prefixed with a “#”, which prevents anything following the “#” from executing or being used for anything. Therefore to “uncomment” a line, you just have to delete the “#” that precedes it.

3 Likes
11

Thanks a bunch @amarok - I wish I had seen your post earlier. I think it should be somewhere as a FAQ or How-to. It beats all the older ones.

Problem solved but I don’t see a “Solved” icon.
~s

2 Likes
12

Only because you’re not the one who created the thread.

2 Likes
13

Alternative solution: replace vim with vi in the command.

vim is just “Vi IMproved” and claims that “Vim is a text editor that is upwards compatible to Vi.” - and so if you are only attempting to make a basic edit to a text file, the two commands are likely to be functionally equivalent, other than that one command may be installed and the other command is not.

Whether vim or vi, it assumes of course that you know how to do basic editing i.e. you know enough vi commands to get the job done.

2 Likes
14

Well, I’m like the average person that just wants a working phone. Not have to take dozens of courses on how to use dozens of ‘apps’ in order to repair tweak, the teaks, and poor patches for the tweaks… Like I keep saying, it’s a toy for hobbyists that like to tinker. Not for those the ads are targeting.

I’m only going along with this piece of I received. Almost 2 years now, and almost every day, I find I have to look for a rescue to make it send/receive texts and if the moon is in the correct phase, and the update hasn’t screwed things up again, maybe send/receive texts with pics. That is very rare.
This phone is already obsolete. Was the day I bought it.

1 Like