Tor can be configured with pluggable transport modules - amongst which, the ability to use obfuscated bridges that have the capability of obfuscating tor traffic such that an upstream ISP will only see random traffic instead of Tor traffic. The current effort is to bypass the Great Firewall of China (GCF), although it can have its applications in other states practicing mass surveillance of its citizens.
You can always build all the necessary packages from source, but it is usually more convenient to rely on a managed distribution such as Red Hat or Debian to get pre-compiled packages. You will need to locate the packages:
via your distribution's package manager and install them.
Tor supports several types of obfuscated bridges - this tutorial will settle for
obfs4. In order to use
obfs4 with tor, you will need to get a client transport plugin for
Install the packages:
create a directory for go:
mkdir -p /usr/src/go
and then set the
GOPATH path in your shell:
Change directory to the
GOPATH directory and issue:
go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy
after a while, a binary will be generated at
Copy the binary to
/usr/bin/ next to the standard
cp $GOPATH/bin/obfs4proxy /usr/bin/
and you are done.
It is of course best to find out some private and non-public bridges to use with tor. However, if you are just testing, you can use the bridges provided by the tor project bridge retrieval system.
Compose an E-Mail from either a Google or Yahoo account (otherwise, you will not get a reply) and address it to
email@example.com. The subject can be left blank but the body must contain just the phrase:
get transport obfs4
Within some time you should receive some
So, let me get this straight... You are sending an E-Mail from a Google account because the Tor project claims that Google accounts are less accessible to spammers all the while being aware that Google stores all your private information and thereby is able to link your “real, most likely not a spammer's” identity to the highly private bridges you are going to use?
Alternatively, you can use the tor project website to get bridges.
To configure Tor to use your bridges, edit
/etc/tor/torrc and add the lines:
UseBridges 1 bridge obfs4 184.108.40.206:41826 8C193FFE274CEFA347E45BB1136831359A39AAFE cert=nGDCCQWqeUlQMMyvB8hLxnzAHV6XBffo9vJ0ZuAA+HyJZlLjxgT4Am3psKVCYBcvta/799 iat-mode=0 bridge obfs4 72.237.281.11:58250 4E47E8DA7BAA63E3236A8CE92C92C9E560C79C04 cert=Ju0NexLVeYvXCRAjLfPoY0SQhCWaaCENIdRVMSqO+BcvtYIRUn0CmClGxOPDW1ATn1xnzp iat-mode=0 ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
torto use the supplied bridges.
bridgerepresents a bridge, you should replace everything after
obfs4with your own bridges.
ClientTransportPluginstarts the obfuscation proxy fetched earlier.
tor as usual, and verify that the bootstrap process completed. You should now be able to browse using obfuscated bridges. :-)