Building a TOR WLAN AccessPoint

Since a couple of years I am using different distributions of TOR routing packages. I installed TunnelBlick, TOR Browser Bundle and tried to build something different based on a Linux distribution hosted on my VMWare platform.

It was always a little bit difficult. My family did not like those things installed by me and was not very supportive to switch to this kind of anonymous browsing.

Some months ago I saw different articles related to Raspberry Pi which I really liked. Some years ago I created my home automation and watering system based on Arduino and a self developed client server environment with some 10 thousand lines of code for the SQL server, the server and the Arduino environment.

So taking a closer look at the Raspberry was the next thing to find out what you can really use it for. Given my experience with the Arduino I was really surprised about the fact that there is already a Linux distribution available and a lot of projects based on Linux features.

Difference between Arduino and Raspberry

The roots of Arduino and the Raspberry Pi seem to be pretty similar. Both have been developed to make projects as easy as possible.

Bild

The Arduino needs to be loaded with self developed code. It is developed in a java based coding environment, then make a compile step and load it via USB into the NVRAM of the Arduino. The board itself is developed to have as many I/O ports as possible. These ports may be used as digital I/O or analog I/O. Use-cases are switching relays (I do so in my watering environment) , sensors for water, temperature and others. It was designed to operate actors and sensors in art projects.

The Raspberry is more or less used as a micro computer having everything in place what a “big” machine has: USB ports for keyboards and Mouses, HDMI interface for Monitors and an SD Card Slot for storage and booting the OS.

My Own Raspberry Pi Project

When I decided to start with the Raspberry Pi it took me longer time to figure out whether this is a step of improvement for my home IT or is it just another platform.

I believe that a single Raspberry is powerful enough to serve as AccessPoint or work as XMBC Device  but first time that I was really convinced when I saw that the Raspberry can also work in a cluster successfully and it scales excellent.

In different articles I read that the scaling effect of Raspberry Pi is pretty good when up to 50 (the exact number is 48 – don’t ask me why) nodes are clustered.

All the machines that I have in my Home IT environment use on central SAN so that I no not need storage but application servers for eMail,OpenVPN, TOR and MySQl and some other minor applications. Especially for OpenVPN and MySQL I believe that the Raspberry Pi could be a good choice to get rid of the VMWare servers (I want to switch my platform from a DELL server to a MAC OSX server to have more benefits in my home entertainment environment which is dominated by APPLE products).

So let’s start to build the Raspberry TOR AccessPoint. For all of you which are German native speakers you may also want to read the Spiegel Online Posting which is excellent. For all other readers I try to make it as simple as possible. Just to let you know: I am not a Linux expert so bear with me if you feel that you might have more easy or elegant ways to go a certain step.

There are also some sceptic voices I do not want to conceal. The TOR network itself has a good foundation to enable anonymous communication. If you do things wrong you will not be anonymous anymore. Login in to social websites, using eMail and other things might endanger your privacy. The TOR concept itself has also some weaknesses in the exit node. To compromise the exit nodes means eliminating privacy. To be on the safe side it is recommended to use secure exit nodes. A list of those exit nodes is available in the internet. A good article about this issue comes from Mike Kuketz. I will try to find something similar in english and update this posting.

During the project I will fix this issue and define a number of secure exit nodes in the configuration files.

Step 1: Prepare your environment

What you need is a PC or Mac to build your boot device based on an SDHC Card.

I will be using a SanDisk Ultra with 16GB and Speedclass 10. You will find several articles about the influence of the SD card related to the Raspberry Pi so that I do not describe it in detail.

This SDHC card will be prepared with the Linux Distribution coming from Adafruit, called Occidentalis. Please download it here: Occidentalis on Adafruit.

This Linux distribution needs to be written to your SDHC card. For the preparation of  the SDHC card you can use Ray’s installation script or any other tool for your platform described in Adafruit’s article about the preparation of an SDHC card.

Extract Occidentalis and Ray’s script to one single folder – which makes life a lot easier when running the install script later.

Open a terminal window on your mac and go to your directory.

Please make sure to get rid of all devices that you mounted before like software installers and disks you do not need because it makes it easier to find the right device later when you have to select the device to install the Linux distribution on.

Beware: In case you select the wrong disk (eG your Mac startup volume) it will be lost!

You can check upfront in the terminal using the command df -hl 

Bild

which devices are mounted.

Hint: I already gave the SDHC Card a Name to make it better identifiable in the course of the installation process

Step 2: Install the Image

Run the command sudo ./install Occidentalis_v02.img and select the SDHC card you inserted in your cardreader.

Bild

Please be patient – the process takes a couple of minutes to complete.

It is completed when you see the message “All done!“. That’s the point when you already have a full bootable standard Linux for your Raspberry Pi in hands.

I decided to over clock the Raspberry Pi to have a better performance. Some people are writing that this might damage the SDHC card but I decided to ignore this hint. There are tables available for the different values but keep in mind that over clocking means increasing power consumption. If your power supply is weak this may cause instabilities. On certain cases (starting with 950 MHz) you also need to have a 6 V power supply! and set the over_voltage flag.

To over clock the Raspberry Pi you can directly mount the SDHC card again in your Mac and edit the config.txt file in the root partition.

#uncomment to overclock the arm. 700 MHz is the default.
arm_freq=900

I decided to replace the 800 MHz over clock with 900 MHz.  After saving the file please unmount the SDHC card again.

Step 3: Start up the Raspberry for the first time

I do not use an external keyboard or monitor. I just use a ssh connection.

Starting up the Raspberry means plugging in the Micro USB, the SDHC card and the ethernet cable. The Raspberry looks for a DHCP connection.

BildIn the next step you will need to open an SSH connection using the IP address the Raspberry Pi uses. Simply look in the administration console of your DHCP server (usually in home environments your DSL router)  and identify the device called raspberrypi. My Raspberry has the IP address 192.168.1.122 so you will find this IP in the course of the documentation.

Use ssh pi@<IP address> to connect and add the Raspberry Pi to the list of the known hosts by following the questions on your screen.

The default user is pi and the password is raspberry. Please make sure to have it changed asap using the command sudo passwd.

Step 4: Install the TOR package

Next step is to install the TOR environment that comes from Spiegel Online.

Please execute the following lines of code in your ssh console:

git clone https://github.com/spiegelonline/sponionpi.git SPONionPi

cd SPONionPi

sudo sh install.sh

The whole installation takes a longer time – around 45 minutes. You will be asked to reboot the Raspberry Pi by powering off and on again. After that you will have to run again (please be aware that this installation procedure resets the Pi’s password to raspberry) :

cd SPONionPi

sudo sh install.sh

Before doing anything with the card it is recommended to clone the SDHC card to avoid any additional work when misconfiguring  the interface later. Some tutorials how to do that are available in the internet. One is this one.

The commands you need to use are

diskutil list  (assume your SDHC Card is disk4)

sudo dd if=/dev/rdisk4 of=~/Desktop/pi.img bs=1m

You may use the SDHC image installer described in Step 2 to install the clone on a new SDHC card.

After the procedure terminates with success you will have to power off the device and plug in both WLAN adapters and remove the ethernet cable from the device.

After that you need to reconfigure the access point interfacce which is available under https://192.168.99.1 with the login credentials SPONionPi-Tor and spiegelonline.

Please follow the steps described there to modify your installation.

I will update this posting to after my next steps to tailor my Raspberry to meet my requirements including interfaces, Passwords, usernames etc.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s