diff options
| author | Roger Dingledine <arma@torproject.org> | 2009-04-12 06:45:46 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2009-04-12 06:45:46 +0000 |
| commit | 115474a44ebd5cdd12eee315a3d6c93301631277 (patch) | |
| tree | 27b12c1c494756679cb4aba38c80ff7b4e2be82e | |
| parent | c024928b63ac41d722d5dd8b8ef7a305ca10fae2 (diff) | |
| download | tor-115474a44ebd5cdd12eee315a3d6c93301631277.tar.gz tor-115474a44ebd5cdd12eee315a3d6c93301631277.zip | |
put HashedControlPassword and CookieAuthentication explicitly in the
torrc.sample.in, so unix people don't shoot themselves in the foot.
svn:r19304
| -rw-r--r-- | src/config/torrc.sample.in | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in index a07d3e21ca..d0b1ee1591 100644 --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in @@ -1,5 +1,5 @@ ## Configuration file for a typical Tor user -## Last updated 30 January 2009 for Tor 0.2.1.12-alpha. +## Last updated 12 April 2009 for Tor 0.2.1.14-rc. ## (May or may not work for much older or much newer versions of Tor.) ## ## Lines that begin with "## " try to explain what's going on. Lines @@ -53,6 +53,10 @@ SocksListenAddress 127.0.0.1 # accept connections only from localhost ## The port on which Tor will listen for local connections from Tor ## controller applications, as documented in control-spec.txt. #ControlPort 9051 +## If you enable the controlport, be sure to enable one of these +## authentication methods, to prevent attackers from accessing it. +#HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C +#CookieAuthentication 1 ############### This section is just for location-hidden services ### @@ -76,7 +80,7 @@ SocksListenAddress 127.0.0.1 # accept connections only from localhost ## Required: what port to advertise for incoming Tor connections. #ORPort 9001 -## If you need to listen on a port other than the one advertised +## If you want to listen on a port other than the one advertised ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the ## line below too. You'll need to do ipchains or other port forwarding ## yourself to make this work. @@ -85,7 +89,8 @@ SocksListenAddress 127.0.0.1 # accept connections only from localhost ## A handle for your relay, so people don't have to refer to it by key. #Nickname ididnteditheconfig -## The IP or FQDN for your relay. Leave commented out and Tor will guess. +## The IP address or full DNS name for your relay. Leave commented out +## and Tor will guess. #Address noname.example.com ## Define these to limit how much relayed traffic you will allow. Your @@ -104,14 +109,14 @@ SocksListenAddress 127.0.0.1 # accept connections only from localhost ## Uncomment this to mirror directory information for others. Please do ## if you have enough bandwidth. #DirPort 9030 # what port to advertise for directory connections -## If you need to listen on a port other than the one advertised +## If you want to listen on a port other than the one advertised ## in DirPort (e.g. to advertise 80 but bind to 9091), uncomment the line ## below too. You'll need to do ipchains or other port forwarding yourself ## to make this work. #DirListenAddress 0.0.0.0:9091 ## Uncomment to return an arbitrary blob of html on your DirPort. Now you ## can explain what Tor is if anybody wonders why your IP address is -## contacting them. +## contacting them. See contrib/tor-exit-notice.html for a sample. #DirPortFrontPage /etc/tor/exit-notice.html ## Uncomment this if you run more than one Tor relay, and add the identity |