diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -77,13 +77,20 @@ be configured for individual sources via sources.list options. By default, apt-transport-tor uses the following SOCKS proxy setting, which is the default location of a locally installed Tor instance: - Acquire::tor::proxy "socks5h://apt-transport-tor@localhost:9050"; + Acquire::tor::proxy "socks5h://apt-transport-tor@127.0.0.1:9050"; Note the use of a username to make use of the default IsolateSOCKSAuth Tor setting for stream isolation, which requires Tor 0.2.4.19 to work well. This means your apt traffic will be sent over a different circuit from your regular Tor traffic and for each host you connect to. +Earlier apt versions (before 1.7) default to `localhost` instead of `127.0.0.1`. +This can lead to SRV requests being sent to a DNS server – for most users that +should be a local caching server, but for some it might be a more remote (and +hence potentially hostile) server. This is something to be aware of in general +if you are using a hostname in the configuration. On the upside this can give +you all the flexibility provided via SRV. + ### Disabling use of http(s) without Tor in APT APT >= 1.3 allows methods to be disabled without removing them from the system, |