/etc/tor/torsocks.conf不工作

Question

我试图使用/etc/ tor /torsocks.conf文件中的SOCKS5Username和SOCKS5Password字段激活tor安装的用户名和密码验证。在配置更改之后，我重新启动了服务，并检查它是否真的重新启动。但在我的机器上，没有用户名和密码，tor仍然可用。

我在EPEL回购公司安装了Tor。有关安装的更多信息：

Installed Packages
Name        : tor
Arch        : x86_64
Version     : 0.2.7.6
Release     : 5.el7


Current OS
CentOS Linux release 7.2.1511 (Core)


Tor Configuration
[root@torproxy ~]# cat /etc/tor/torsocks.conf | grep -v "^#"
TorAddress curl 10.0.0.43
TorPort 18009
OnionAddrRange 127.42.42.0/24
SOCKS5Username test
SOCKS5Password 1234

[root@torproxy ~]# cat /etc/tor/torrc | grep -v "^#"
ControlSocket /run/tor/control
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFile /run/tor/control.authcookie
CookieAuthFileGroupReadable 1
SOCKSPort 10.0.0.43:18009
SOCKSPolicy accept *

Answer 1

Tor实际上并不试图验证SOCKS客户端提供给它的身份验证信息。它可以完全未经身份验证使用，并且没有强制身份验证的配置。因此，强烈建议不要将SOCKS端口公开到任何您不希望直接连接到它的IP地址。

从手册页：

       NOTE: Although this option allows you to specify an IP address
       other than localhost, you should do so only with extreme caution.
       The SOCKS protocol is unencrypted and (as we use it)
       unauthenticated, so exposing it in this way could leak your
       information to anybody watching your network, and allow anybody to
       use your computer as an open proxy.

Tor对身份验证信息所做的是流隔离。可以将Tor配置为使用完全不同的电路对具有不同凭据的客户端进行“身份验证”。

       IsolateSOCKSAuth
           Don’t share circuits with streams for which different SOCKS
           authentication was provided. (On by default; you can disable it
           with NoIsolateSOCKSAuth.)