1. Enable Automatic Software Updates
One of the most important things to keep your relay secure is to install security updates timely and ideally automatically so you can not forget about it.
Follow the instructions to enable automatic software updates for your operating system.
2. Package installation
Recent OpenBSD systems, since 6.5, already have the repository configured on
/etc/installurl so we do not need to bother changing it.
If that's not your case, please adjust the
installurl configuration file like this:
# echo "https://cdn.openbsd.org/pub/OpenBSD" > /etc/installurl
pkg_add to install the package:
# pkg_add tor
3. Configuration file
Put the configuration file
/etc/tor/torrc in place:
Nickname myNiceRelay # Change "myNiceRelay" to something you like
ContactInfo your@e-mail # Write your e-mail and be aware it will be published
ORPort 443 # You might use a different port, should you want to
Log notice syslog
By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process.
For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised.
Append the following section to
OpenBSD also stores a kernel-level file descriptor limit in the sysctl variable
Increase it from the default of 7030 to 16000:
# echo "kern.maxfiles=16000" >> /etc/sysctl.conf
# sysctl kern.maxfiles=16000
5. Start the service
Here we set
tor to start during boot and call it for the first time:
# rcctl enable tor
# rcctl start tor
To apply our raised open files limits, make sure to start tor with
6. Final Notes
Latest version of tor will be made avaliable as package for the most recent OpenBSD release and OpenBSD -current(development snapshot), therefore, remember to upgrade OpenBSD on time and configure automatic software updates.
If you are having trouble setting up your relay, have a look at our help section.
If your relay is now running, check out the post-install notes.