I am trying to do some research for my school thesis related to the Tor network, and I need to specify and use only one guard relay that I own while using the Tor browser. I tried to specify it with the EntryNodes option in torcc config file, but with no success. Because my relay is new (47 hours now), it’s not yet relaying traffic, therefore I tried to connect to any other guard node, just to confirm that this option is possible. I tried to use an IP address of one relay, the IP addresses of 20 TOP relays, and one or more fingerprints of relays, but no circuits were created. I for example tried:
Circuits were only created in case I used country code in the EntryNodes option, such as EntryNodes {ca}.
I also tried MiddleNodes and ExitNodes options with specific IP addresses of relays and as well with fingerprints of these relays - everything worked fine and circuits were created, so I do not understand what might be the problem with the EntryNodes option. After every restart of the Tor process, according to the Nyx tool, it gets bootstrapped to 75%, then continuously print
Failed to find node for hop #1 of our path. Discarding this circuit.
I tried to turn on as much debug info as possible, but could not understand anything more than the path creation is not possible. I even tried to create circuits with no configuration, then take used guard nodes from created circuits and put their IP address in the EntryNodes option, but no circuits were created after the restart of the Tor process, so I don’t really understand what might be the problem. The option to specify entry nodes with fingerprints is stated in Tor documentation, and I have also found a few similar examples on the internet, so it should be possible. My Tor version is 0.4.7.12 and I am using the flatpack version tor browser (was not able to install the normal version due to an installation error) on Fedora 34.
I’m not sure why EntryNodes won’t work for you. I tried with the fingerprint you provided and it connected fine, however I do get the same error message when forcing the use of a non guard node via EntryNodes.
One thing you can do instead is to tell tor to connect to your relay as a vanilla bridge, for instance with the fingerprint you provided:
There shouldn’t be much difference between using some relay as a guard or a vanilla bridge.
I suppose your relay is instrumented in some way to help you gather what you need, and that’s why you want to force using it. Please be very mindful with anything you might gather, make sure to read this page about research safety, and as much as possible, use a test network instead of the public Tor network.
Hi, thank you for your response.
Unfortunately, neither your solution is working for me - the Bridge option gets deleted from the torrc file after the start of the tor browser (the browser was turned off while editing). It’s pretty strange behavior and I was wondering if it could be related to the browser itself, or maybe to the fact that the version I am using is from flathub. I tried to modify not the browser’s config file, but the one for the tor process itself (/etc/tor/torrc), and to my surprise, everything worked as it should, but I got a little confused there. What is the difference between these two config files and why both of them allowed me to use the EntryNodes option? Is the Tor browser using its own tor process? Is there any possibility that I can make the Tor browser use the tor process where the EntryNodes option worked? The EntryNodes option in the /etc/tor/torrc file does not seem to affect the function of the tor browser.
Bridge option gets deleted from the torrc file after the start of the tor browser
Yeah, if you use TorBrowser, you should add the bridge line by going on about:preferences#connection. I’m not sure what the exact rules about how TorBrowser modify the torrc are, I’m always a bit confused by what it override and what it does not.
What is the difference between these two config files and why both of them allowed me to use the EntryNodes option? Is the Tor browser using its own tor process?
TorBrowser does use its own tor process, so the difference is which tor will read it, the tor you installed on your system, or the tor shipped with TorBrowser. If your experimentation does not require TorBrowser, I suggest you don’t use the tor shipped with TorBrowser as it is managed by TorBrowser and will probably be reconfigured in ways you don’t expect.
Is there any possibility that I can make the Tor browser use the tor process where the EntryNodes option worked?
There are a bunch of environment variable that allows to change how TB starts and connect to tor. Afaik they are not documented. Those that could be useful to you are probably TOR_SKIP_LAUNCH=1, TOR_SOCKS_PORT=9050, TOR_SKIP_CONTROLPORTTEST=1 and/or TOR_CONTROL_PORT=9051. However, again, if you can, it will probably be easier in the long run to not rely on TorBrowser for your experimentation.
The EntryNodes option in the /etc/tor/torrc file does not seem to affect the function of the tor browser.