Tag Archives: cloud

Install Tor using apt-get on ubuntu- trusty 14.x





tor.mrd—/Users/shawnmehan


I went to turn on Tor on an ubuntu-64 “trusty” 14.x guest and ran into problems. There appears to be a bug
that critically affects the traditional methods using gpg, so here is some information on how to avoid this.


Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. There is a very neat Python
controller library for use with Tor called stem.

The problem

To install Tor on an ubuntu, the following instructions can be found:

$ sudo nano /etc/apt/sources.list.d/tor_repo.list

and then add the following lines:

deb http://deb.torproject.org/torproject.org trusty main
deb-src http://deb.torproject.org/torproject.org trusty main

The critical problem then occurs as you try to add the appropriate keyring and key used to sign the packages:


$ gpg –keyserver keys.gnupg.net –recv 886DDD89

$ gpg –export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add

There appears to be a bug with gpg and guests involving not correctly resolving DNS for the gpg commands. The symptom that I was getting was

$ gpg –export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add –
usage: gpg [options] [filename]
gpg: can't open `–': No such file or directory

The fail in the pipe is due to there not being anything actually exported by gpg. You can test this with:


$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
gpg: WARNING: nothing exported

Solution

So, take another approach. Use different packages to avoid any of this problem.


$ sudo apt-get update

$ sudo apt-get install deb.torproject.org-keyring

$ sudo apt-get install tor

which will get you something like:

The following NEW packages will be installed:
  deb.torproject.org-keyring
0 upgraded, 1 newly installed, 0 to remove and 63 not upgraded.
Need to get 5,268 B of archives.
After this operation, 7,168 B of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
  deb.torproject.org-keyring
Install these packages without verification? [y/N] Y
Get:1 http://deb.torproject.org/torproject.org/ trusty/main deb.torproject.org-keyring all 2014.08.31+b1 [5,268 B]
Fetched 5,268 B in 0s (22.3 kB/s)                     
Selecting previously unselected package deb.torproject.org-keyring.
(Reading database ... 128038 files and directories currently installed.)
Preparing to unpack .../deb.torproject.org-keyring_2014.08.31+b1_all.deb ...
Unpacking deb.torproject.org-keyring (2014.08.31+b1) ...
Setting up deb.torproject.org-keyring (2014.08.31+b1) ...
OK

and

    The following extra packages will be installed:
  libseccomp2 tor-geoipdb torsocks
Suggested packages:
  mixmaster torbrowser-launcher socat tor-arm apparmor-utils obfsproxy
  obfs4proxy
The following NEW packages will be installed:
  libseccomp2 tor tor-geoipdb torsocks
0 upgraded, 4 newly installed, 0 to remove and 63 not upgraded.
Need to get 1,707 kB of archives.
After this operation, 8,053 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
WARNING: The following packages cannot be authenticated!
  tor tor-geoipdb
Install these packages without verification? [y/N] Y
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libseccomp2 amd64 2.1.0+dfsg-1 [34.8 kB]
Get:2 http://deb.torproject.org/torproject.org/ trusty/main tor amd64 0.2.7.6-1~trusty+1 [1,024 kB]
Get:3 http://archive.ubuntu.com/ubuntu/ trusty/universe torsocks amd64 1.3-3 [73.0 kB]
Get:4 http://deb.torproject.org/torproject.org/ trusty/main tor-geoipdb all 0.2.7.6-1~trusty+1 [575 kB]
Fetched 1,707 kB in 2s (749 kB/s)
Selecting previously unselected package libseccomp2:amd64.
(Reading database ... 128043 files and directories currently installed.)
Preparing to unpack .../libseccomp2_2.1.0+dfsg-1_amd64.deb ...
Unpacking libseccomp2:amd64 (2.1.0+dfsg-1) ...
Selecting previously unselected package tor.
Preparing to unpack .../tor_0.2.7.6-1~trusty+1_amd64.deb ...
Unpacking tor (0.2.7.6-1~trusty+1) ...
Selecting previously unselected package torsocks.
Preparing to unpack .../torsocks_1.3-3_amd64.deb ...
Unpacking torsocks (1.3-3) ...
Selecting previously unselected package tor-geoipdb.
Preparing to unpack .../tor-geoipdb_0.2.7.6-1~trusty+1_all.deb ...
Unpacking tor-geoipdb (0.2.7.6-1~trusty+1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Processing triggers for ureadahead (0.100.0-16) ...
Setting up libseccomp2:amd64 (2.1.0+dfsg-1) ...
Setting up tor (0.2.7.6-1~trusty+1) ...
Something or somebody made /var/lib/tor disappear.
Creating one for you again.
Something or somebody made /var/log/tor disappear.
Creating one for you again.
 * Starting tor daemon...                                                                                                                  [ OK ] 
Setting up torsocks (1.3-3) ...
Processing triggers for ureadahead (0.100.0-16) ...
Setting up tor-geoipdb (0.2.7.6-1~trusty+1) ...
Processing triggers for libc-bin (2.19-0ubuntu6.6) ...

Now you have Tor installed, just start it.


$ sudo /etc/init.d/tor start

Starting tor daemon...

It also appears that there is some confusion as to the defaul port the service is running on. I found it to be running on 9050, not 9150 as some
articles are reporting. I haven’t yet found an easy way to determine this but trial-and-error proved it to be true.


AWS re:Invent keynote has S3 and Redshift surprises

Sitting here at the first [Amazon](http://www.amazon.com) [AWS](http://aws.amazon.com/) conference, re:Invent, I listened to the keynote this a.m. from Andy Jassy, SVP for AWS. Besides an overenthusiastic JPL scientist making melodrama that would have made a soap opera director blush, he had a couple of interesting things to say about AWS. Continue reading AWS re:Invent keynote has S3 and Redshift surprises

Facedeals stirring up privacy concerns

[Facedeals](http://redpepperland.com/lab/details/facedeals) has been getting attention lately for a new technology that uses FB data to match video of customers coming into shops and determine identity and likes, then send customers contextualized coupons for that store. There are many concerns coming from privacy advocates and even FB is keeping silent on this. Continue reading Facedeals stirring up privacy concerns

Run down on current cloud based IAM standards

There has been some activity on cloud based IAM lately, most recently with the release of the new Intel Cloud based IAM solution. It looks pretty expensive for high volumes, but it might make sense for something that has total cost recovery or for small, elastic groups of transitory users. In HE, I am thinking about alumni or prospective students specifically. But in addition to writing about this, I wanted to make an updated rundown on the standards, since there is now movement on SCIM. Continue reading Run down on current cloud based IAM standards

ID provisioning with clouds

The architectural ideal is to have a single source of authority for identity and AuthN/Z claims, hopefully based on something nice and open like LDAP. Then we began to see lots of federated identity solutions entering with SAML type federations. This, and SaaS solutions in the cloud take us back to the days of multiple identity silos maintaining duplicate (at least partially) records of identity. SaaS providers even see this identity that they maintain as a business asset with which they can create stickiness with their platforms. Questions arise in terms of comparisons of internal provisioning with cloud use models, typical workflows and functions required for cloud provisioning, synch of id profiles and attrs, and what motivates SaaS providers in terms of identity stores. Continue reading ID provisioning with clouds

SAS 70 -> SSAE 16 – What does it impact?

As you probably know, there is a new specification for the security audit. It
was [SAS 70](http://en.wikipedia.org/wiki/Statement_on_Auditing_Standards_No._70:_Service_Organizations), but is now [SSAE 16](http://www.aicpa.org/Research/Standards/AuditAttest/Pages/SSAE.aspx). This is an important consideration if you are consuming a service from someone else, or if you provide a service to someone. Somewhere in that mix, if you have auditors, you are going to run into the new SSAE 16. Continue reading SAS 70 -> SSAE 16 – What does it impact?