本文記錄了Tor Browser的下載、校驗、安裝及在GNOME桌面中創建快捷圖標。

Introduction

以下是Tor官方介紹

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. – https://www.torproject.org/projects/torbrowser.html.en

關於tor,可瀏覽WikiPedia Tor (anonymity network) ‘WikiPedia’)。

Tor瀏覽器默認監聽9150端口,可通過本人寫的Shell Script掃描系統中端口監聽情況。

OS Info

主機操作系統信息如下

item detail
OS Version CentOS Linux release 7.3.1611 (Core)
Kernel Version 3.10.0-514.2.2.el7.x86_64

Download && Verifiy

Tor Browser的下載頁面在Tor Browser Downloads,GPG簽名的校驗方法在Verify package signatures。Release信息可在其官方blog中查看鏈接

Download

官網當前提供的下載版本是6.5,release信息見Tor Browser 6.5 released

下載鏈接

1
2
3
https://www.torproject.org/dist/torbrowser/6.5/tor-browser-linux64-6.5_en-US.tar.xz
https://www.torproject.org/dist/torbrowser/6.5/tor-browser-linux64-6.5_en-US.tar.xz.asc

其中後綴爲.asc的爲GPG簽名文件。

此處定義下載路徑~/Downloads

Import GPG Public Key

下載完成後進行校驗操作,參考官方文檔 Verify package signatures

注意:主機上須導入指定的公鑰,否則無法進行校驗工作

KeyId是0x4E2C6E8793298290

執行如下命令安裝公鑰

1
2
3
4
5
6
7
8
9
10
11
12
#列出本機中的公鑰
gpg --list-keys
gpg --list-key 0x4E2C6E8793298290
#在keyserver中查詢指定的公鑰
gpg --keyserver keys.gnupg.net --search-keys 0x4E2C6E8793298290
#從keyserver下載指定的公鑰
gpg --keyserver keys.gnupg.net --recv-keys 0x4E2C6E8793298290
#查看公鑰及其指紋
gpg --fingerprint 0x4E2C6E8793298290

具體操作過程

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#列出本機中的公鑰
[[email protected] ~]$ gpg --list-key 0x4E2C6E8793298290
gpg: error reading key: No public key
#在keyserver中查詢公鑰
[[email protected] ~]$ gpg --keyserver keys.gnupg.net --search-keys 0x4E2C6E8793298290
gpg: searching for "0x4E2C6E8793298290" from hkp server keys.gnupg.net
(1) Tor Browser Developers (signing key) <[email protected]>
4096 bit RSA key 93298290, created: 2014-12-15, expires: 2020-08-24
Keys 1-1 of 1 for "0x4E2C6E8793298290". Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key 93298290 from hkp server keys.gnupg.net
gpg: key 93298290: public key "Tor Browser Developers (signing key) <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
#從keyserver下載公鑰
[[email protected] ~]$ gpg --keyserver keys.gnupg.net --recv-keys 0x4E2C6E8793298290
gpg: requesting key 93298290 from hkp server keys.gnupg.net
gpg: key 93298290: "Tor Browser Developers (signing key) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
[[email protected] ~]$ gpg --list-key 0x4E2C6E8793298290
pub 4096R/93298290 2014-12-15 [expires: 2020-08-24]
uid Tor Browser Developers (signing key) <[email protected]>
sub 4096R/F65C2036 2014-12-15 [expires: 2017-08-25]
sub 4096R/D40814E0 2014-12-15 [expires: 2017-08-25]
sub 4096R/C3C07136 2016-08-24 [expires: 2018-08-24]
#查看公鑰及其指紋
[[email protected] ~]$ gpg --fingerprint 0x4E2C6E8793298290
pub 4096R/93298290 2014-12-15 [expires: 2020-08-24]
Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
uid Tor Browser Developers (signing key) <[email protected]>
sub 4096R/F65C2036 2014-12-15 [expires: 2017-08-25]
sub 4096R/D40814E0 2014-12-15 [expires: 2017-08-25]
sub 4096R/C3C07136 2016-08-24 [expires: 2018-08-24]
[[email protected] ~]$

Verifying GPG Signature

安裝公鑰後進行校驗,使用命令gpg --verify進行校驗

操作過程如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
#列出文件
[[email protected] ~]$ ls -lhF ~/Downloads/tor-browser-linux64-6.5_en-US.tar.xz*
-rw-r--r-- 1 flying flying 68M Feb 3 14:54 /home/flying/Downloads/tor-browser-linux64-6.5_en-US.tar.xz
-rw-r--r-- 1 flying flying 801 Feb 3 14:50 /home/flying/Downloads/tor-browser-linux64-6.5_en-US.tar.xz.asc
#校驗 校驗文件在前,源文件在後
[[email protected] ~]$ gpg --verify ~/Downloads/tor-browser-linux64-6.5_en-US.tar.xz{.asc,}
gpg: Signature made Tue 24 Jan 2017 09:42:49 AM EST using RSA key ID C3C07136
gpg: Good signature from "Tor Browser Developers (signing key) <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136
[[email protected] ~]$

校驗結果中出現

gpg: Good signature from “Tor Browser Developers (signing key) torbrowser@torproject.org

說明校驗成功,證明下載的文件是由Tor官方釋出,未經過第三方篡改,可以信任。

Installation

Tor Browser的安裝可參考官方文檔 Tor Installation guides

此處定義安裝路徑/opt/torBrowser,執行如下命令進行解壓

1
2
3
4
5
#創建目標路徑
[[ ! -d /opt/torBrowser ]] && sudo mkdir -m 755 -pv /opt/torBrowser || sudo rm -rf /opt/torBrowser/*
#解壓壓縮包到目標路徑
sudo tar xf ~/Downloads/tor-browser-linux64-6.5_en-US.tar.xz -C /opt/torBrowser --strip-components=1

解壓完成後,進入目標路徑,執行

1
./start-tor-browser.desktop

出現

Launching ‘./Browser/start-tor-browser –detach’…

即可啓動Tor Browser

操作過程如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
[[email protected] ~]$ [[ ! -d /opt/torBrowser ]] && sudo mkdir -pv /opt/torBrowser
mkdir: created directory ‘/opt/torBrowser’
[[email protected] ~]$ sudo tar xf ~/Downloads/tor-browser-linux64-6.5_en-US.tar.xz -C /opt/torBrowser --strip-components=1
[[email protected] ~]$ cd /opt/torBrowser/
[[email protected] torBrowser]$ ls -lhF
total 4.0K
drwx------ 1 flying flying 1.1K Feb 3 11:11 Browser/
-rwx------ 1 flying flying 1.7K Feb 3 14:31 start-tor-browser.desktop*
[[email protected] torBrowser]$ ls -lhF Browser/
total 94M
-rw------- 1 flying flying 440 Dec 31 1999 application.ini
drwx------ 1 flying flying 132 Dec 31 1999 browser/
drwx------ 1 flying flying 8 Dec 31 1999 defaults/
-rw------- 1 flying flying 127 Dec 31 1999 dependentlibs.list
drwxr-xr-x 1 flying flying 0 Jan 30 16:12 Desktop/
drwx------ 1 flying flying 36 Dec 31 1999 dictionaries/
drwx------ 1 flying flying 0 Feb 2 16:37 Downloads/
-rwx------ 1 flying flying 284 Dec 31 1999 execdesktop*
-rwx------ 1 flying flying 123K Dec 31 1999 firefox*
drwx------ 1 flying flying 2.2K Dec 31 1999 fonts/
drwx------ 1 flying flying 22 Dec 31 1999 icons/
-rwx------ 1 flying flying 479K Dec 31 1999 libfreebl3.so*
-rwx------ 1 flying flying 121K Dec 31 1999 liblgpllibs.so*
-rwx------ 1 flying flying 663K Dec 31 1999 libmozsqlite3.so*
-rwx------ 1 flying flying 261K Dec 31 1999 libnspr4.so*
-rwx------ 1 flying flying 962K Dec 31 1999 libnss3.so*
-rwx------ 1 flying flying 638K Dec 31 1999 libnssckbi.so*
-rwx------ 1 flying flying 119K Dec 31 1999 libnssdbm3.so*
-rwx------ 1 flying flying 163K Dec 31 1999 libnssutil3.so*
-rwx------ 1 flying flying 23K Dec 31 1999 libplc4.so*
-rwx------ 1 flying flying 15K Dec 31 1999 libplds4.so*
-rwx------ 1 flying flying 139K Dec 31 1999 libsmime3.so*
-rwx------ 1 flying flying 228K Dec 31 1999 libsoftokn3.so*
-rwx------ 1 flying flying 227K Dec 31 1999 libssl3.so*
-rwx------ 1 flying flying 80M Dec 31 1999 libxul.so*
-rw------- 1 flying flying 9.4M Dec 31 1999 omni.ja
-rw------- 1 flying flying 48 Dec 31 1999 platform.ini
-rwx------ 1 flying flying 263K Dec 31 1999 plugin-container*
-rw------- 1 flying flying 99K Dec 31 1999 precomplete
-rw------- 1 flying flying 707 Dec 31 1999 removed-files
-rwx------ 1 flying flying 8.8K Dec 31 1999 run-mozilla.sh*
-rwx------ 1 flying flying 13K Dec 31 1999 start-tor-browser*
-rwx------ 1 flying flying 1.7K Dec 31 1999 start-tor-browser.desktop*
drwx------ 1 flying flying 42 Feb 1 11:59 TorBrowser/
-rwx------ 1 flying flying 126K Dec 31 1999 updater*
-rw------- 1 flying flying 689 Dec 31 1999 updater.ini
-rw------- 1 flying flying 138 Dec 31 1999 update-settings.ini
drwx------ 1 flying flying 38 Jan 30 16:11 webapprt/
-rwx------ 1 flying flying 147K Dec 31 1999 webapprt-stub*
[[email protected] torBrowser]$

Create Desktop For GNOME

如果要在GNOME中爲Tor Browser創建快捷圖標,可通過在目錄/usr/share/applications/中創建.desktop文件實現。

start-tor-browser.desktop

查看啓動腳本start-tor-browser.desktop,內容如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#!/usr/bin/env ./Browser/execdesktop
#
# This file is a self-modifying .desktop file that can be run from the shell.
# It preserves arguments and environment for the start-tor-browser script.
#
# Run './start-tor-browser.desktop --help' to display the full set of options.
#
# When invoked from the shell, this file must always be in a Tor Browser root
# directory. When run from the file manager or desktop GUI, it is relocatable.
#
# After first invocation, it will update itself with the absolute path to the
# current TBB location, to support relocation of this .desktop file for GUI
# invocation. You can also add Tor Browser to your desktop's application menu
# by running './start-tor-browser.desktop --register-app'
#
# If you use --register-app, and then relocate your TBB directory, Tor Browser
# will no longer launch from your desktop's app launcher/dock. However, if you
# re-run --register-app from inside that new directory, the script
# will correct the absolute paths and re-register itself.
#
# This file will also still function if the path changes when TBB is used as a
# portable app, so long as it is run directly from that new directory, either
# via the shell or via the file manager.
[Desktop Entry]
Type=Application
Name=Tor Browser Setup
GenericName=Web Browser
Comment=Tor Browser is +1 for privacy and -1 for mass surveillance
Categories=Network;WebBrowser;Security;
Exec=sh -c '"$(dirname "$*")"/Browser/start-tor-browser --detach || ([ ! -x "$(dirname "$*")"/Browser/start-tor-browser ] && "$(dirname "$*")"/start-tor-browser --detach)' dummy %k
X-TorBrowser-ExecShell=./Browser/start-tor-browser --detach
Icon=web-browser
StartupWMClass=Tor Browser

根據該文件中的內容創建定製化的.desktop文件

Custom Create torbrowser.desktop

Tor Browser的logo圖片可下如下路徑中找到

1
2
3
#cd /opt/torBrowser/
./Browser/browser/chrome/icons/default
./Browser/browser/icons/mozicon128.png

須將logo圖片複製或創建符號鏈接至路徑/usr/share/pixmaps/

執行如下命令創建定製化的.desktop文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[[ -f /usr/share/pixmaps/torbrowser.png ]] && sudo rm -f /usr/share/pixmaps/torbrowser.png
sudo cp -a /opt/torBrowser/Browser/browser/chrome/icons/default/default48.png /usr/share/pixmaps/torbrowser.png
sudo tee /usr/share/applications/torbrowser.desktop <<-'EOF'
[Desktop Entry]
Encoding=UTF-8
Name=Tor Browser
GenericName[en]=Web Browser
Comment=Tor Browser is +1 for privacy and -1 for mass surveillance
Type=Application
Categories=Network;WebBrowser;Security;
Exec=/opt/torBrowser/Browser/start-tor-browser %u
Icon=torbrowser.png
Terminal=false
StartupWMClass=Tor Browser
MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;
EOF

Applications -> Internet 中即可看到Tor Browser的圖標,點擊該圖標可正常啓動Tor Browser。

連接到Tor Network需要一段時間,請耐心等待。

連接成功後,可通過如下地址檢測Tor瀏覽器是否正常工作

1
https://check.torproject.org/

Setting Custom Bridge

Tor Bridges Configuration 設置過程中,可配置custom bridges。具體解釋說明見官方文檔 Tor: Bridges

custom bridges可通過如下鏈接獲取

1
2
3
https://bridges.torproject.org
https://bridges.torproject.org/options

也可通過給bridges@bridges.torproject.org發送題爲 get bridges 的郵件獲取,但只支持Gmail,Riseup,Yahoo。

You can also get bridges by sending mail to [email protected] with the line “get bridges” by itself in the body of the mail. You’ll need to send this request from a Gmail, Riseup!, or Yahoo! account, though — we only accept these providers because otherwise we make it too easy for an attacker to make a lot of email addresses and learn about all the bridges. – https://www.torproject.org/docs/bridges.html.en#FindingMore

獲取到的custom bridges格式如下

1
2
3
4
5
6
7
8
9
#type 1
23.229.18.162:8584 107316EC0170228DADE8F5FD521B4987FB0C93A8
13.54.46.194:8443 A9B168022DDF6B0AA7D728CD233C6E42617A58C0
91.219.68.181:443 53935564E40B358BADDF9169ABBDEDB237C7EA59
#type2
obfs4 89.177.136.11:45423 9CD55E88DA7B9D861EEFB6156D74E369BF964C70 cert=LjPVCVAsil6PFjaa8/VbfcMQ90I33NN5H1KIgVgSbdp1zICsX6LG8PTD9Q+21/yIYYq8Qg iat-mode=0
obfs4 37.218.246.32:33081 B9B43048D75BF880DCC25606B0E10CFCDEDCB161 cert=ZnlWh5pqbNzc4HOON0rDQ+t+6a42FustCCJx45iKRLTLl/JKytbyK4ccQItjoZ86yV2MMA iat-mode=0
obfs4 185.101.218.42:41758 E3BBFDD00B287113C7A1EB2A2C2EC1D9D6A80218 cert=ePT0ASv45frcpQ9pSzQ3Ae/wNMufga/x5jGdqdZpLGLbHdYKm3s5QQGhPkQKivRwz/Csfg iat-mode=0

在如下文本框中填寫即可

Snapshots About Anonymous Connection

此處使用本地代理連接成功,以下是操作過程截圖

Network Setting

Tor Bridge Connection

Local Proxy Connection

Connecting To The Tor Network

Welcome Page

IP Status

References

Bibliography

Change Logs

  • 2016.12.22 17:24 Thu Asia/Shanghai
    • 初稿完成
  • 2017.02.03 15:02 Fri America/Boston
    • 添加custom bridges配置