diff options
author | Tim Retout <tim@retout.co.uk> | 2014-04-20 15:37:27 +0100 |
---|---|---|
committer | Tim Retout <tim@retout.co.uk> | 2014-04-20 15:37:27 +0100 |
commit | 698a7462be62528ec42eeb7dbc779686e698b50e (patch) | |
tree | 803a068626375ccd74423f44beacb8a35609992f /README.md | |
parent | 3c2edc4a92bd373d384a9c025c193fe3084e9704 (diff) |
Add stream isolation, and document Acquire::tor::proxy
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 22 |
1 files changed, 22 insertions, 0 deletions
@@ -42,6 +42,28 @@ mirror, you can use that: deb tor://<long string>.onion/debian unstable main deb-src tor://<long string>.onion/debian unstable main +## Configuration + +Most users should not need to adjust SOCKS settings. + +By default, apt-transport-tor uses the following SOCKS proxy setting, which +matches the default Tor SOCKS port: + + socks5h://apt:apt@localhost:9050 + +If you want to use a different port, you can edit the Acquire::tor::proxy +apt preference: + + Acquire::tor::proxy "socks5h://apt:apt@localhost:9050"; + +Note the use of a username/password to make use of the default +IsolateSOCKSAuth Tor setting for stream isolation, which requires bug fixes +from Tor 0.2.4.19 to work well. This means your apt traffic will be sent +over a different circuit from your regular Tor traffic. + +Although "sock5h://" is put explicitly in these examples, at the moment its +use is hardcoded (to avoid DNS leaks). + ## Caveats Downloading your Debian packages over Tor prevents an attacker who is |