TOR Problem in Opensuse 11.2

English Network/Internet
1

Hi all!

I hope the “Network Forum” is the right place to ask this question.
All together I am quite happy with the new release 11.2 of Opensuse, and if I could solve the following issue everything would be perfect!

I installed the latest Tor package from the Packman Repo:

tor-0.2.1.20-1.pm.1.1.x86_64

and additionally the Privoxy package frpm the official Opensuse Repo:

privoxy-3.0.13.90.1-4.1.x86_64

the I went in

/etc/tor/

and copied the torrc.sample to have a valid torrc file:

cp torrc.sample torrc

after I configured /etc/privoxy/config

vi /etc/privoxy/config

and changed

To chain Privoxy and Tor, both running on the same system,

you would use something like:

forward-socks5 / 127.0.0.1:9050 .

to

forward-socks5 / 127.0.0.1:9050

as I m used to!

If I try now to start tor as a normal user from a terminal I get this:

Dec 02 16:17:05.377 [notice] Tor v0.2.1.20. This is experimental software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
Dec 02 16:17:05.378 [notice] Initialized libevent version 1.4.9-stable using method epoll. Good.
Dec 02 16:17:05.378 [notice] Opening Socks listener on 127.0.0.1:9050
Dec 02 16:17:05.398 [notice] Parsing GEOIP file.
Dec 02 16:17:05.606 [notice] No current certificate known for authority moria1; launching request.
Dec 02 16:17:05.606 [notice] No current certificate known for authority tor26; launching request.
Dec 02 16:17:05.606 [notice] No current certificate known for authority dizum; launching request.
Dec 02 16:17:05.606 [notice] No current certificate known for authority ides; launching request.
Dec 02 16:17:05.606 [notice] No current certificate known for authority gabelmoo; launching request.
Dec 02 16:17:05.606 [notice] No current certificate known for authority dannenberg; launching request.
Dec 02 16:17:05.606 [notice] No current certificate known for authority urras; launching request.
Dec 02 16:17:05.606 [notice] Bootstrapped 5%: Connecting to directory server.
Dec 02 16:17:05.606 [notice] I learned some more directory information, but not enough to build a circuit: We have no network-status consensus.
Dec 02 16:17:05.845 [notice] Bootstrapped 10%: Finishing handshake with directory server.
Dec 02 16:17:06.516 [warn] TLS error: unexpected close while renegotiating
Dec 02 16:17:06.516 [notice] No current certificate known for authority moria1; launching request.
Dec 02 16:17:06.516 [notice] No current certificate known for authority tor26; launching request.
Dec 02 16:17:06.516 [notice] No current certificate known for authority dizum; launching request.
Dec 02 16:17:06.516 [notice] No current certificate known for authority ides; launching request.
Dec 02 16:17:06.516 [notice] No current certificate known for authority gabelmoo; launching request.
Dec 02 16:17:06.516 [notice] No current certificate known for authority dannenberg; launching request.
Dec 02 16:17:06.516 [notice] No current certificate known for authority urras; launching request.
Dec 02 16:17:07.016 [warn] TLS error: unexpected close while renegotiating
Dec 02 16:17:07.086 [warn] TLS error: unexpected close while renegotiating

Can someone help me out with this?

Thanks,

rehcla

2

Try this post it seems a problem with some versions of tor in the OBS I found the 2.2.6-alpha worked if you google you’ll find a bug report.

openSUSE Forums - View Single Post - Automated Proxy-Management…

3

Hi
For sure, have a look at this link on what to do (last page post #43) :slight_smile:
http://forums.opensuse.org/applications/426702-automated-proxy-management.html


Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel 2.6.27.37-0.1-default
up 10:37, 2 users, load average: 0.05, 0.15, 0.23
GPU GeForce 8600 GTS Silent - CUDA Driver Version: 190.18

4

@malcolm

why do you always need to quote a post? This is very annoying, especially if the OPs post is pretty long and you quote it. You always seem to do it… grrrrr

5

Hi
My bad, I forget sometimes to snip out stuff… old habits bouncing
between here, novell and usenet with nntp :frowning:


Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel 2.6.27.37-0.1-default
up 12:18, 2 users, load average: 1.93, 2.09, 1.91
GPU GeForce 8600 GTS Silent - CUDA Driver Version: 190.18

6

two points:

first, i was never able to make the privoxy package actually work from the 11.2 repo, and used another release.

second, if you research this, i think you will find that the recent openssl update to mitigate the “man-in-the-middle” exploit makes tor almost unusable unless you use the current svn 0.2.2.6alpha version.

the “mitm” vunerability doesn’t effect the security of tor due to the way it establishes ssl connections, but since the new openssl patch prevents “re-negotiation”, tor is put in handcuffs looking for routes. The alpha version sidesteps this issue.

i’m currently using the tor alpha version ( https://www.torproject.org/download-unix.html.en ) and privoxy/tork with good results.

hope you resolve your problem. :slight_smile:

7

Thank you guys!

Nothing did help and the Homepage of TOR contains only i386 Packages :frowning:

So I hope for a soon update via Packman;)

Greetings

8

I’ve done this it works fine as j_xavier said that version but I found it on the OBS, I also used the privoxy from the standard repos and it works fine.

9

Hi
Your looking in the wrong place :wink:
Do you know about the repositories and OBS?
Search?

Grab the 0.2.2.6 alpha version here;
http://software.opensuse.org/search?baseproject=openSUSE%3A11.2&p=1&q=tor


Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel 2.6.27.37-0.1-default
up 13:51, 2 users, load average: 0.27, 0.31, 0.35
GPU GeForce 8600 GTS Silent - CUDA Driver Version: 190.18

10

Oh!
OBS means OpensuseBuildService :smiley:

I installed:

tor-0.2.2.6.alpha-1.1.x86_64

but still the same result!

Greetings

11

Compile it from sources (with openssl-devel and libevent-devel installed)
I have no problems with my compiled 0.2.2.6 version

12

Thanks for a solution!

I had the same problem with some “looks like a v2 handshake” sh*t in logs…

I deleted old tor and tried this alpha 0.2.2 Software.openSUSE.org but it did not help.

So I installed from sources from tor site and all work now rotfl!

BTW be careful, there is no /etc/init.d/tor script and you should start it simply “tor” (I did it from root cause otherwise he did not have some permissions).

Also old config didn’t work so use the new one.

Just copy torrc.sample to torrc as it is almost always enough…

ps OpenSuSE 11.0

13

Now we just need the tork GUI fixed to work under KDE4 :(.

14

tork still is very useful to me despite the fact that kde applications launcher “Anonymize” tab panel cannot start kde4 applications.

altering the network/proxy settings of the application to point to privoxy or tor depending on your needs works for apps that have this configuring ability.

but more importantly, once you get the application using tor, having tork running gives you more control over all the tor connections.

it’s my understanding that a kde4 Tork is being planned, but there is no release date.

15

Hmm, for me it just clean quits each time I click on “citizen of”, I’ve tried everything I can think of but it just keeps crashing.

16

Tork does have a problem with those functions now, i spoke with the developer on irc.oftc.net months ago.

for me it was crashing when sorting servers, turns out the huge increase in tor servers (2900 online at this moment) is more than Tork can handle, and crashes every time it tries to sort/parse them.

i’ll see if i can find out any more info, but for now that feature is broken.

17

Does this have to be done every time before Firefox is started or could it be added to the run-levels?:confused:

Thanks, tom