aboutsummaryrefslogtreecommitdiff
path: root/share/provision/files
diff options
context:
space:
mode:
Diffstat (limited to 'share/provision/files')
-rw-r--r--share/provision/files/tor-transproxy/etc/tor/torrc4
-rw-r--r--share/provision/files/tor-transproxy/tbb/user.js20
2 files changed, 24 insertions, 0 deletions
diff --git a/share/provision/files/tor-transproxy/etc/tor/torrc b/share/provision/files/tor-transproxy/etc/tor/torrc
index 9e17ea9..2b7369f 100644
--- a/share/provision/files/tor-transproxy/etc/tor/torrc
+++ b/share/provision/files/tor-transproxy/etc/tor/torrc
@@ -177,3 +177,7 @@ WarnPlaintextPorts 23,109
## but we have some code that reads Tor's logs and only supports plaintext
## log files at the moment, so let's keep logging to a file.
Log notice file /var/log/tor/log
+
+# WARNING: Hashed empty password, useful for a box with only a single user running Tor Browser
+# using the system-installed tor daemon and with sane firewall rules set.
+HashedControlPassword 16:756491A440833A1B609F2CCC095BFD2769A1634B4BEC4214BAA9E20629
diff --git a/share/provision/files/tor-transproxy/tbb/user.js b/share/provision/files/tor-transproxy/tbb/user.js
new file mode 100644
index 0000000..f8d9c0d
--- /dev/null
+++ b/share/provision/files/tor-transproxy/tbb/user.js
@@ -0,0 +1,20 @@
+// Preferences for system-installed Tor Browser
+// Needs either
+//
+// * Setting TOR_CONTROL_PASSWORD at ~/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/start-tor-browser
+// * Passing TOR_CONTROL_PASSWORD to start-tor-browser via the command line
+//
+// See https://trac.torproject.org/projects/tor/wiki/TorBrowserBundleSAQ
+//
+user_pref("network.security.ports.banned", "9050,9052");
+user_pref("network.proxy.socks", "127.0.0.1");
+user_pref("network.proxy.socks_port", 9050);
+user_pref("extensions.torbutton.inserted_button", true);
+user_pref("extensions.torbutton.launch_warning", false);
+user_pref("extensions.torbutton.loglevel", 2);
+user_pref("extensions.torbutton.logmethod", 0);
+user_pref("extensions.torlauncher.control_port", 9052);
+user_pref("extensions.torlauncher.loglevel", 2);
+user_pref("extensions.torlauncher.logmethod", 0);
+user_pref("extensions.torlauncher.prompt_at_startup",false);
+user_pref("extensions.torlauncher.start_tor", false);