diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 24 |
1 files changed, 14 insertions, 10 deletions
@@ -51,22 +51,26 @@ available as an onion service. ## Configuration -Most users should not need to adjust SOCKS settings. +### Using a different Tor instance By default, apt-transport-tor uses the following SOCKS proxy setting, which -matches the default Tor SOCKS port: +is the default location of a locally installed Tor instance: - socks5h://apt-transport-tor@localhost:9050 + Acquire::tor::proxy "socks5h://apt-transport-tor@localhost:9050"; -If you want to use a different port, you can edit the Acquire::tor::proxy -apt preference: +Note the use of a username to make use of the default IsolateSOCKSAuth Tor +setting for stream isolation, which requires Tor 0.2.4.19 to work well. +This means your apt traffic will be sent over a different circuit from your +regular Tor traffic and for each host you connect to. - Acquire::tor::proxy "socks5h://apt-transport-tor@localhost:9050"; +### Disabling use of http(s) without Tor in APT -Note the use of a username to make use of the default IsolateSOCKSAuth Tor -setting for stream isolation, which requires bug fixes from Tor 0.2.4.19 to -work well. This means your apt traffic will be sent over a different circuit -from your regular Tor traffic for each host you connect to. +APT >= 1.3 allows methods to be disabled without removing them from the system, +so to avoid mistakenly adding new sources without using tor you can tell apt +via the following configuration options to fail for non-tor-http(s) sources: + + Dir::Bin::Methods::http "false"; + Dir::Bin::Methods::https "false"; ## Caveats |