Delivery-Date: Sun, 18 Jan 2015 18:23:49 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	FROM_LOCAL_NOVOWEL,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id DC64E1E0AD0
	for <archiver@seul.org>; Sun, 18 Jan 2015 18:23:47 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 7E61632EF7;
	Sun, 18 Jan 2015 23:23:41 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3802032D21
 for <tor-talk@lists.torproject.org>; Sun, 18 Jan 2015 23:23:38 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 8oRv1ZJdAEkZ for <tor-talk@lists.torproject.org>;
 Sun, 18 Jan 2015 23:23:38 +0000 (UTC)
Received: from mail.bitmessage.ch (mail.bitmessage.ch [146.228.112.252])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id C412332AA0
 for <tor-talk@lists.torproject.org>; Sun, 18 Jan 2015 23:23:37 +0000 (UTC)
dkim-signature: v=1; a=rsa-sha256; d=bitmessage.ch; s=mail;
 c=relaxed/relaxed; q=dns/txt;
 h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
 bh=Bul9pTxPy9CYs99VG1P+CdjUwaxhAWzr5smmQ3EFrMk=;
 b=CG/G7GJfJQnsBpccg2vMC/H1dihnonrRs8K57RNEjqwhvJwH7qZeDa/R60BnJoGJdtguhyT8YfH65u8uI9OhoUI51UPTL7cYJUNgAsPgOog6WEVtYcMeN0xfryDrywcOV2JVetJjqE0/MtuJ78ypowLTdudJF8vGw57tqWHN3LM=
Received: from localhost (exit1.torproxy.org [89.187.142.208])
 by mail.bitmessage.ch with ESMTPSA
 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128)
 ; Mon, 19 Jan 2015 00:23:21 +0100
Message-ID: <E42512B2-FB67-4222-AE0B-C6D1B02DEBB8@mail.bitmessage.ch>
Date: Sun, 18 Jan 2015 18:23:29 -0500
From: <BM-2cTjsegDfZQNGQWUQjSwro6jrWLC9B3MN3@bitmessage.ch>
To: tor-talk@lists.torproject.org
MIME-Version: 1.0
Subject: [tor-talk] force apt-get & yum updates through tor?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

I'm wondering what the best way to force yum and apt-get through tor
is, in fedora 21 and debian 7.7 respectivly. Are any of the following
least likely to produce dns or other leaks, or considered safest?

In fedora, I see several options for forcing yum through tor:

OPTION 1: (appears to work)
sudo nano /etc/yum.conf
ADD THIS: proxy=socks5://127.0.0.1:9050
Use yum normally...is this likely to leak anything, dns perhaps?

OPTION 2: (safest?)
sudo torsocks yum ...
This seems to work, though produces lots of this error at the command
line: WARNING torsocks[12367]: [syscall] Unsupported syscall number 191.
Denying the call (in tsocks_syscall() at syscall.c:165). Is this a
concern or just noise?

OPTION 3: setup privoxy with tor, direct yum through privoxy

OPTION 4: specify tor-ip:port as socks_proxy enviornment variable

OPTION 5: 
proxy3 recommended here, though I don't see why this isn't just less
clean:
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc


For debian 7.7, the only one that seems to actually force apt-get
through tor is torsocks

OPTION 1: 
sudo nano /etc/apt/apt.conf
ADD THIS: Acquire::socks::proxy "socks5://127.0.0.1:9150";
When using apt-get as normal, debian ignores this and skips tor

OPTION 2: 
sudo socks_proxy=socks5://127.0.0.1:9150 apt-get update
Debian ignores this too.

OPTION 3: (the only one that works)
sudo torsocks agt-get ...
Appears to work and produces no errors as it does in fedora 21

OPTION 4: (untested)
privoxy-tor-apt-get

Thanks!

Alternatively, does anyone know a clean way to force all traffic
through tor?

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

