How to run a Tor relay as a student for free

Jan 31, 2021

This post is based on Robert DeVore’s “Run a Tor relay” found here: https://www.robertdevore.com/run-a-tor-relay/

Tor is a service used by thousands of people everyday to access the internet safely and anonymously.

While I have been using Tor for quite some time, it always seemed daunting to help the Tor network by running a relay. Horror stories about getting mail from ISPs relating to the traffic of anonymous users accessing illegal materials masked by your IP.

This is a common misconception that just by running a relay, you run the risk of being targeted by authorities.

Types of Tor relays

Parts of this are abridged from the EFF’s page on Tor relays: https://www.eff.org/pages/what-tor-relay

There are three different types of Tor relays: middle relays, exit relays, and bridges. Each serve an important purpose, however the risk associated with running each type of relay is different.

When a connection is established using Tor, the first two hops are through middle relays. These middle relays help anonymize the the traffic of the user by passing it along to another relay. However, since these relays are not passing traffic into the clearnet, there is very little risk in running a middle relay. The main risk falls upon someone operating an exit relay.

Exit relays act as the source of the traffic, thus when illegal materials are accessed using Tor, the exit relay appears as the source of the request. Exit relays are much harder to operate due to the work required to maintain the relay as it may attract attention from law enforcement agencies.

Bridges are similar to middle relays, however they are not publicly listed as a relay. These relays are important to circumvent censorship tools in countries that restrict access to Tor.

In this guide I will demonstrate how to setup a middle relay.

Accessing the Github Student Pack

If you are not a student, you can skip this portion, however you will have to pay to setup the server that the relay operates from.

Since 2013, Github has provided students with a Student Developer Pack. This amazing program allows for students that sign up for Github with a student email to receive a plethora of free services and software.

All you need to do is navigate to: https://education.github.com/pack

Follow the instructions on the site to get access to your free pack. After this, you want to find the DigitalOcean free credit offer.

Copy and redeem the code on DigitalOcean’s billing page after creating an account.

Creating the Droplet

Once you’ve created your account DigitalOcean will provide you with some options to jumpstart a project. We will ignore this and instead navigate towards the Create Droplet button. You will be taken to a page that provides you with some options for configuring your Droplet.

Droplets are just what DigitalOcean calls their machines

Name your Droplet
Select the $5/month option
Select the New York #3 Region
Select Debian 10.0 x64 for the Droplet Image
Setup a password or SSH key as the login method (I suggest using an SSH key)
Finish creating the Droplet

At this point you should be all done setting up the Droplet!

Turning the Droplet into a Tor Relay

The next step is to SSH into the Droplet using an SSH client if you are on Windows or just from the command line if you are using Linux. (Or if you are using WSL then you fall under both categories. I will write another blog post about how to get setup with WSL and all the things I love about it some other time.)

Grab the IP address of the Droplet you’ve just created and try to login as root. If you have created a password, then you should be prompted to enter that. If you are using an SSH key then you should see some messages that ask you to enter Y/N, just enter Y to continue.

Now we will install Tor and Arm onto this server by typing in:

apt-get install tor tor-arm

It will prompt you again to confirm by entering Y/N, enter Y to continue.

Next we will need to edit some lines in the torrc file, type in:

nano /etc/tor/torrc

This will open the nano editor which allows you to edit the torrc file. Using arrow keys to scroll up and down in this file until you come across the following lines. These lines will be preceded by the # symbol. You will need to remove the # symbol and edit the lines to match the following input. These lines are not grouped together in the torrc file, however I assure you they are all present.

ORPort 443
Exitpolicy reject *.*
Nickname [Pick a nickname for your relay]
ContactInfo [email at provider dot com]
Log notice file /var/log/tor/notices.log
RelayBandwidthRate 1024 KB
RelayBandwidthBurst 1024 KB

Note that the ContactInfo email needs to be obfuscated a little. This is because this email will be publicly listed. Consider making a burner email specifically for this relay as you will not want spam arriving in your daily inbox.

Save and exit the file by pressing Ctrl X then following the prompt at the bottom of the screen.

Next run the command:

service tor restart

This will save the implement the changes you’ve made to the torrc file.

Finally, run:

sudo -u debian-tor nyx

If there have been no issues up until now, you should see some nice readouts showing you traffic coming into your brand new Tor relay.

For the first few days your relay will receive reduced traffic due to the network taking some time to trust new relays.

As a final step to ensure the relay is running you can check the list of Tor relays and search for your Tor relay’s nickname to see if it has been listed and check it’s trust status.

Closing notes

While this guide is mostly beginner friendly, some elements such as setting up SSH keys might not be. I encourage the reader to search a little bit to find out how to configure these things. Most of my work up until now has shown me that almost everything you want to know is out there, you just have to find it.

Big thank you to Robert DeVore’s original article that I based most of this post on. Most of his steps are still perfectly fine, however there were a few things that I wanted to clarify for users which spawned this post (along with the idea that students can essentially host a relay for free).