Can you tell me how I can use GNU/Linux utilities (curl, wget) to download the latest available version of the tor browser?
You can use wget, cURL to simply get this file: https://www.torproject.org/dist/torbrowser/11.0.14/tor-browser-linux64-11.0.14_en-US.tar.xz (11.0.14 is the latest version and I am using en-US as the locale for this example. More generic url for this will be: https://www.torproject.org/dist/torbrowser/$version/tor-browser-linux64-$version_$locale.tar.xz where you will have to provide the current version and locale of your choice).
To further automate this process you can use something like jq to query this file: https://aus1.torproject.org/torbrowser/update_3/release/downloads.json. This json page contains the information for the latest version of Tor Browser available (the built-in auto update mechanism of Tor Browser also happens to check this for updates).
This quick and dirty script should always download the latest Tor Browser for 64-bit Linux along with the signature file …
#!/bin/sh
version="$(curl -s https://aus1.torproject.org/torbrowser/update_3/release/downloads.json | jq -r ".version")"
locale="en-US" # mention your locale. default = en-US
wget -cv "https://www.torproject.org/dist/torbrowser/"$version"/tor-browser-linux64-"$version"_"$locale".tar.xz"
wget -cv "https://www.torproject.org/dist/torbrowser/"$version"/tor-browser-linux64-"$version"_"$locale".tar.xz.asc"
2 Likes
Thank you very much. It looks like these resources are blocked for me 
--2022-06-11 08:40:36-- https://www.torproject.org/dist/torbrowser//tor-browser-linux64-_en-US.tar.xz
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving www.torproject.org (www.torproject.org)... 188.186.146.207, 2a01:54e0:fb00::301
Connecting to www.torproject.org (www.torproject.org)|188.186.146.207|:443... connected.
GnuTLS: Error in the pull function.
Unable to establish SSL connection.
--2022-06-11 08:40:43-- https://www.torproject.org/dist/torbrowser//tor-browser-linux64-_en-US.tar.xz.asc
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving www.torproject.org (www.torproject.org)... 188.186.146.207, 2a01:54e0:fb00::301
Connecting to www.torproject.org (www.torproject.org)|188.186.146.207|:443... connected.
GnuTLS: Error in the pull function.
Unable to establish SSL connection.
How can I use mirrors for these resources in the script?
Unfortunately, I get the same result…
I checked all the https-enabled links from this list that I could open in firefox. All nine gave this output
--2022-06-11 10:08:36-- https://mirror.oldsql.cc/tor/dist/torbrowser//tor-browser-linux64-_en-US.tar.xz
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving mirror.oldsql.cc (mirror.oldsql.cc)... 37.187.101.179, 2001:41d0:a:25b3::1
Connecting to mirror.oldsql.cc (mirror.oldsql.cc)|37.187.101.179|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2022-06-11 10:08:37 ERROR 404: Not Found.
--2022-06-11 10:08:37-- https://mirror.oldsql.cc/tor/dist/torbrowser//tor-browser-linux64-_en-US.tar.xz.asc
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving mirror.oldsql.cc (mirror.oldsql.cc)... 37.187.101.179, 2001:41d0:a:25b3::1
Connecting to mirror.oldsql.cc (mirror.oldsql.cc)|37.187.101.179|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2022-06-11 10:08:37 ERROR 404: Not Found.
And judging by the link from the request, we can conclude that it is not possible to figure out the version.
--2022-06-11 08:40:36-- https://www.torproject.org/dist/torbrowser//tor-browser-linux64-_en-US.tar.xz
This means that the first link in the script is blocked for me… Does it have mirrors?
you have to install jq, otherwise the script does not work
The script will not work even with jq (which is installed) because the page https://aus1.torproject.org/torbrowser/update_3/release/downloads.json is not available.
Another place you can look for the latest available version of Tor Browser is https://gitlab.torproject.org/tpo/web/tpo/-/raw/main/databags/versions.ini
Give a try to this mirror as well: https://tor.calyxinstitute.org/download/
If none of this works and all of these sites are blocked I am not sure we can do this on the command line. In that case, you can download Tor Browser via GetTor.
We can get the version directly from Tor Project | Download or any other unlocked mirror.
#!/bin/sh
version="$(curl -s https://mirror.oldsql.cc/tor/download/ | grep -o -E -m 1 "dist/torbrowser/([^/]+)/tor-browser-linux64-" | cut -c 17-23)"
locale="en-US" # mention your locale. default = en-US
wget -cv "https://mirror.oldsql.cc/tor/dist/torbrowser/"$version"/tor-browser-linux64-"$version"_"$locale".tar.xz"
wget -cv "https://mirror.oldsql.cc/tor/dist/torbrowser/"$version"/tor-browser-linux64-"$version"_"$locale".tar.xz.asc"
There’s just a bit of tweaking left, adding automatic verification of available mirrors and signature verification. Thank you very much!
2 Likes
This topic was automatically closed 2 hours after the last reply. New replies are no longer allowed.
Do have a look into the torbrowser-launcher project.
Adding the following lines to the script should do the trick…
gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org
gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290
gpgv --keyring ./tor.keyring tor-browser-linux64-"$version"_"$locale".tar.xz.asc tor-browser-linux64-"$version"_"$locale".tar.xz
# Ask the user to verify that they received "Good signature from Tor Browser Developers (signing key) <torbrowser@torproject.org>" in the output
read -p "Was this a good signature (y/n)? " resp
if [ "$resp" = "y" ] || [ "$resp" = "Y" ]; then
tar -xf tor-browser-linux64-"$version"_"$locale".tar.xz
rm -rf tor-browser-linux64-"$version"_"$locale".tar.xz
cd tor-browser_"$locale"
./start-tor-browser.desktop --register-app
else
echo "The signature has not been verified. Aborting installation." && exit
fi
3 Likes