Delivery-Date: Sun, 18 Jan 2015 19:06:50 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id B364E1E0ADE
	for <archiver@seul.org>; Sun, 18 Jan 2015 19:06:48 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 863E133068;
	Mon, 19 Jan 2015 00:06:45 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3013032FEC
 for <tor-talk@lists.torproject.org>; Mon, 19 Jan 2015 00:06:42 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id FypYIAjaH_VN for <tor-talk@lists.torproject.org>;
 Mon, 19 Jan 2015 00:06:42 +0000 (UTC)
Received: from cagroups.com (cagroups.com [70.33.254.170])
 by eugeni.torproject.org (Postfix) with ESMTP id 1100732FF6
 for <tor-talk@lists.torproject.org>; Mon, 19 Jan 2015 00:06:42 +0000 (UTC)
X-Greylist: delayed 335 seconds by postgrey-1.34 at eugeni;
 Mon, 19 Jan 2015 00:06:42 UTC
Received: from [192.168.0.80] (ip68-230-27-175.ph.ph.cox.net [68.230.27.175])
 by cagroups.com (Postfix) with ESMTPSA id 711D3CCDE
 for <tor-talk@lists.torproject.org>; Sun, 18 Jan 2015 17:01:04 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cagroups.com; s=mail;
 t=1421625664; bh=CSv7L4R4koKmj975Jus6Iau72+xxvOXsCltGDMTovb8=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=W5V7GsMZfg3sUhtyg5aMSKiqDw3/sx6AJNuasFB3C1o3qmtmdHw6qGNbdzIDKvfaO
 VY5CmMgdliv9R1N6WL91v6Wzj7LigVunb6dmrxvzSI8YdS8nwQP3eZWTdth74Ua47w
 bFkZfaah0Cj9Un+/jwLSZZwNkaCABDUDwlPLWUR8=
Message-ID: <54BC4940.1060903@cagroups.com>
Date: Sun, 18 Jan 2015 17:01:04 -0700
From: Thom Miller <thom@cagroups.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Icedove/31.3.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <E42512B2-FB67-4222-AE0B-C6D1B02DEBB8@mail.bitmessage.ch>
In-Reply-To: <E42512B2-FB67-4222-AE0B-C6D1B02DEBB8@mail.bitmessage.ch>
Subject: Re: [tor-talk] force apt-get & yum updates through tor?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>



On 01/18/2015 04:23 PM,
BM-2cTjsegDfZQNGQWUQjSwro6jrWLC9B3MN3@bitmessage.ch wrote:
> I'm wondering what the best way to force yum and apt-get through tor
> is, in fedora 21 and debian 7.7 respectivly. Are any of the following
> least likely to produce dns or other leaks, or considered safest?
> 
> In fedora, I see several options for forcing yum through tor:
> 
> OPTION 1: (appears to work)
> sudo nano /etc/yum.conf
> ADD THIS: proxy=socks5://127.0.0.1:9050
> Use yum normally...is this likely to leak anything, dns perhaps?
> 
> OPTION 2: (safest?)
> sudo torsocks yum ...
> This seems to work, though produces lots of this error at the command
> line: WARNING torsocks[12367]: [syscall] Unsupported syscall number 191.
> Denying the call (in tsocks_syscall() at syscall.c:165). Is this a
> concern or just noise?
> 
> OPTION 3: setup privoxy with tor, direct yum through privoxy
> 
> OPTION 4: specify tor-ip:port as socks_proxy enviornment variable
> 
> OPTION 5: 
> proxy3 recommended here, though I don't see why this isn't just less
> clean:
> https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc

I'm using your OPTION 3 on a Debian Wheezy system and it's working for
me. I sometimes get a bad package (didn't download properly) and I have
to remove it and re-download it.

> Alternatively, does anyone know a clean way to force all traffic
> through tor?
> 
I run hidden services in a VM with no internet access, and route apt-get
through privoxy on a separate VM. Seems to work well for me.

-Thom
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

