Sitting in Iran. Trying to circumvent Tor censorship on a postmarketos (alpine aarch64) linux mobile phone.
Might need to install obfs4proxy which is not available as package in alpine.
Where do i find the source files and maybe a writeup on how to build the stuff?
thanks for any hints!
(docker is not an option, since its currently broken)
The obfs4 repository has been cloned and renamed to lyrebird: The Tor Project / Anti-censorship / Pluggable Transports / lyrebird · GitLab
The README there has build instructions, but please let us know here or by opening an issue in that repo if there is missing knowledge as you go through the process 
thanks for the link.
I will make a writeup when finished, so far i can tell:
without tor or vpn running its quite hard the build the stuff… 
../../go/pkg/mod/github.com/refraction-networking/utls@v1.6.3/u_handshake_client.go:15:2: github.com/klauspost/compress@v1.17.4: reading https://proxy.golang.org/github.com/klauspost/compress/@v/v1.17.4.zip: 403 Forbidden
but i will somehow find my ways in manually getting the zip packages…
I need some more help!
finally could build lyrebird.
instructions work well but you need somehow access to a vpn in first place to get all the files, which is actually the problem why i want to install tor, so there it would be nice to get a zip from somewhere or better to have it packed in alpine, or via telegram or packed in a bag of onions on an usb drive in a can of babaganush…i don’t know ¯_( ͡❛ ͜ʖ ͡❛)_/¯
however, i can execute
/usr/local/bin/lyrebird and get
[ERROR]: lyrebird - must be run as a managed transport
so it seems to work.
after adding
ClientTransportPlugin obfs4 exec /usr/bin/lyrebird
to
/etc/tor/torrc
and starting the service with
sudo rc-service tor start
I configure firefox network settings to:
Manual proxy configuration
SOCKS Host 127.0.0.1 Port 9050
Ticked the Proxy DNS when using SOCKS v5
but i dont get any access to the internet like this.
so i stopped tor and started manually with my user,
which throws an error:
Feb 28 21:41:45.375 [warn] Directory /var/lib/tor cannot be read:
Feb 28 21:41:45.375 [warn] Failed to parse/validate config: Couldn't create private data directory "/var/lib/tor"
so i did:
sudo chmod -R a+rw /var/lib/tor
but still no luck.
what am i missing?
Under which user is tor running and is /var/lib/tor owned by that user?
usually with the method mentioned above, i was able to access tor in a free country. so i am not that sure if i have to dig in the ownership stuff… i have more the impression that tor is still blocked resp. detected by my isp.
on an android device orbot did not work for the past two versions, the newest version now works again… can i somehow get infos from there to know what else i have to configure in my mobile alpine linux setup?
btw. tor is run by tor user:
tor 6218 0.0 0.3 27572 23760 ? Ssl Feb28 0:03 /usr/bin/tor -f /etc/tor/torrc --runasdaemon 0
Try setting a different directory with the DataDirectory torrc option to see if that helps. Something like:
DataDirectory /home/user/.tor
Can you share your full torrc config?
Thanks for helping me on this!
the content of /etc/tor/torrc is:
Log notice file /var/log/tor/notices.log
DataDirectory /var/lib/tor
ClientTransportPlugin obfs4 exec /usr/local/bin/lyrebird
when i look into /var/log/tor/notices.log i see that bootstrapping takes 10 minutes and then it times out somehow.
Feb 29 23:04:21.011 [notice] Read configuration file "/etc/tor/torrc".
Feb 29 23:04:21.014 [notice] Opening Socks listener on 127.0.0.1:9050
Feb 29 23:04:21.014 [notice] Opened Socks listener connection (ready) on 127.0.0.1:9050
Feb 29 23:04:21.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Feb 29 23:04:21.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Feb 29 23:04:21.000 [notice] Bootstrapped 0% (starting): Starting
Feb 29 23:04:22.000 [notice] Starting with guard context "default"
Feb 29 23:04:23.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
Feb 29 23:04:23.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
Feb 29 23:14:24.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay
Feb 29 23:14:25.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done
Feb 29 23:14:25.000 [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits
Feb 29 23:14:25.000 [notice] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits
Feb 29 23:14:25.000 [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit
Feb 29 23:14:26.000 [notice] Bootstrapped 100% (done): Done
Feb 29 23:15:25.000 [notice] No circuits are opened. Relaxed timeout for circuit 25 (a Unlinked conflux circuit 3-hop circuit in state waiting to see how other guards perform with channel state open) to 60000ms. However, it appears the circuit has timed out anyway.
It looks like you are able to successfully bootstrap your connection. It can take a long time to bootstrap the first time you use it. I see you’re also not using Tor bridges though. To use them, you need to add the following lines to your torrc file:
UseBridges 1
Bridge obfs4 37.218.245.14:38224 D9A82D2F9C2F65A18407B1D2B764F130847F8B5D cert=bjRaMrr1BRiAW8IE9U5z27fQaYgOhX1UCmOpg2pFpoMvo6ZgQMzLsaTzzQNTlm7hNcb+Sg iat-mode=0
The last line is a Bridge line for one of our builtin bridges.
Thanks.
I figured out that when internet is slow, it will timeout so the connection terminates.
Then just retrying several times helps. Since there is no output it makes big sense to watch the log file in realtime as mentioned above.
Also to disable Auto-Suspend on the device, to not loose the connection and start over again
Thanks for the bridge, but this definitely does not work:
Mar 01 11:38:23.000 [warn] Problem bootstrapping. Stuck at 10% (conn_done): Connected to a relay. (unexpected eof while reading; TLS_ERROR; count 1; recommendation warn; host D9A82D2F9C2F65A18407B1D2B764F130847F8B5D at 37.218.245.14:38224)
Mar 01 11:38:23.000 [warn] 1 connections have failed:
Mar 01 11:38:23.000 [warn] 1 connections died in state handshaking (TLS) with SSL state error in HANDSHAKE
Mar 01 11:38:33.000 [warn] Problem bootstrapping. Stuck at 10% (conn_done): Connected to a relay. (unexpected eof while reading; TLS_ERROR; count 2; recommendation warn; host D9A82D2F9C2F65A18407B1D2B764F130847F8B5D at 37.218.245.14:38224)
Mar 01 11:38:33.000 [warn] 2 connections have failed:
Mar 01 11:38:33.000 [warn] 2 connections died in state handshaking (TLS) with SSL state error in HANDSHAKE
Mar 01 11:38:41.000 [warn] Problem bootstrapping. Stuck at 10% (conn_done): Connected to a relay. (unexpected eof while reading; TLS_ERROR; count 3; recommendation warn; host D9A82D2F9C2F65A18407B1D2B764F130847F8B5D at 37.218.245.14:38224)
Mar 01 11:38:41.000 [warn] 3 connections have failed:
Mar 01 11:38:41.000 [warn] 3 connections died in state handshaking (TLS) with SSL state error in HANDSHAKE
i made a howto writeup on postmarketos wiki and talked to some people to ask to have lyrebird in the repo (its too complicated for me to add it to the repo due all the censorship troubles)
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.