Run Tor as a bridge in the Amazon Cloud

by Runa | November 21, 2011

The Tor Cloud project gives you a user-friendly way of deploying bridges to help users access an uncensored Internet. By setting up a bridge, you donate bandwidth to the Tor network and help improve the safety and speed at which users can access the Internet.

Bridges are Tor relays that aren't listed in the main directory. This means that to use a bridge, you'll need to locate one first. And because there is no complete public list of all the bridges, they are also harder to block. A bridge will act as the first hop in a circuit, and will only forward traffic on to other relays in the Tor network.

Setting up a Tor bridge on Amazon EC2 is simple and will only take you a couple of minutes. The images have been configured with automatic package updates and port forwarding, so you do not have to worry about Tor not working or the server not getting security updates.

You should not have to do anything once the instance is up and running. Tor will start up as a bridge, confirm that it is reachable from the outside, and then tell the bridge authority that it exists. After that, the address for your bridge will be given out to users.

To help new customers get started in the cloud, Amazon is introducing a free usage tier. The Tor Cloud images are all micro instances, and new customers will be able to run a free micro instance for a whole year. The Tor Cloud images have been configured with a bandwidth limit, so customers who don't qualify for the free usage tier should only have to pay an estimated $30 a month.

For more information, see the Tor Cloud website.

UPDATE: Some users have asked about the AWS free usage tier and pointed out that it only includes 15 GB of bandwidth out per month. I have updated the Tor Cloud website (changes should go live soon) with the following:

The Tor Cloud images have been configured to use no more than 40 GB of bandwidth out per month. We have estimated that customers who do not qualify for the free usage tier will pay up to $30 a month. Customers who qualify for the free usage tier, but who run bridges that use more than 15 GB of bandwidth out per month, will pay up to $3 per month.

I hope that this better clarifies the cost of running a bridge in the Amazon cloud, let me know if you have any questions.

Comments

Please note that the comment area below has been archived.

November 21, 2011

Permalink

Running a bridge is a good way to give back to the community. I'm a heavy tor user. Running a bridge is my way to start paying back.

Yes, there are other cloud providers with lower prices than Amazon. However, Amazon is one of the only providers that allow users to run custom images and have a nice and easy-to-use interface.

You'll probably want to read #4051: "... here are providers we should research when we're ready to offer images for more then just the Amazon cloud: softlayer.com, hetzner.de, and racksapce.com (they will allow custom images to clients soon)."

November 23, 2011

In reply to Runa

Permalink

Consider this: CloudSigma allows you to load any image (x86) and boot it. Based in Zurich, Switzerland, not subject to the US Patriot Act !!!

November 22, 2011

Permalink

Amazon fucked Wikileaks, fuck Amazon. Don't make Tor network depending from FBI Amazon.

Look wanker, wikileaks is the least transparent organization demanding everyone else be transparent. aren't they dead yet?

These are just bridges, nothing makes the tor network dependent upon the amazon cloud. don't like amazon? don't run a bridge in amazon.

November 22, 2011

Permalink

Hi All,

I am looking for an exit relay setup that would only allow sites that are mainly censored, like gmail, twitter, facebook cnn etc

I have tried to create exit policies for specific IPs of these sites but not sure if my relay is working properly.

Is there a torproject forum I can ask to?

Regards!

November 22, 2011

Permalink

Does this have security implications? Can Amazon peel the onion if too many relays are in their cloud?

The images have all been configured as Tor bridges. A bridge only replaces the first hop in a circuit, it will not replace any of the other hops.

November 22, 2011

Permalink

Hello my friend
I am Ahoora876 and live in Iran, in my country almost all of the sites are blocked so for God's sake send TOR browser full cracked to my email

Thanks so much

November 22, 2011

Permalink

Are there any plans on creating a similar Cloud Image but configured as an exit node?
I wouldn't mind paying 30 dollars a month to improve the TOR exit bandwidth...

Have there been many bridges deployed on Amazon since this project was released? :)

Thanks!

November 22, 2011

In reply to Runa

Permalink

Screw amazon. If we can host exit relays, we should. Let amazon shut them down then.

November 22, 2011

Permalink

Well, that clarifies my question / concern, thanks! And I suppose for $3/month, roughly, I can up the limit...

November 22, 2011

Permalink

Question: Can tor use more than 3 hops now or still only 3. I don't feel safe with only 3 for some reason.

November 22, 2011

Permalink

Amazon is one of the most expensive places to host anything.
Unless your making use of the cloud for dynamic load handling (which tor is not) then why use them at all?

There are tons of places to get a VPS for $5-20 per month with TBs of traffic, or even dedicated server for €15 with 5TB bandwidth at OVH/kimsufi (I am using them to host some Tor relays).
Just look on www.lowendbox.com or www.webhostingtalk.com

Yes, there are other cloud/VPS providers with lower prices than Amazon. However, Amazon is one of the only providers that allow users to run custom images and have a nice and easy-to-use interface.

You'll probably want to read #4051: "... here are providers we should research when we're ready to offer images for more then just the Amazon cloud: softlayer.com, hetzner.de, and racksapce.com (they will allow custom images to clients soon)."

November 22, 2011

Permalink

I like google, but they are a little close to certain Agencies who have no honest business snooping on Americans in America.

November 22, 2011

Permalink

fired up one yesterday. painless process. still running smoothly.
i already use aws so i just signed up for a new account with another email addy to qualify for the free tier.
lets hope the bandwidth doesn't cost over $3...times are rather tough at the moment cash-wise.

November 23, 2011

Permalink

http://www.orangewebsite.com/vps.php

After hearing of this idea I plan on hosting something on the site above. It's in Iceland so better laws regarding freedom of information. Will probably run it as an exit node as well.

Not the cheapest plan in the world but 200Gb bandwidth is pretty damn nice.

November 23, 2011

Permalink

I think there are a lot of VPS providers, which do not disallow Tor explicitly, which can be used.
Some can import images from recovery-shell with very low efford, for the others you could provide a shellscript which configures a standard debian install (available on almost all providers) for a bridge/exit. This should be no serious problem to do. The most complicated part is to compile a list of providers, which do not forbid running tor-instances / for the exit-nodes running open proxies.

November 23, 2011

Permalink

Hi.. and huge Apologies in advance for appearing to be an absolute numpty..

I heard about Tor for the first time today via some or other news release precisely about this.. i.e. using Amazon to host a bridge within Tor (I have spent the lat few hours reading all through this site) for the benefit of the wider good without costing any particular individual and arm and a leg.. A great cause and one I can identify with.. as I'm getting more than a little p'd off with all the big brother information gathering antics of state and commercial interests.. not to mention the "baddies".

Not sure I have anything to really hide myself.. but damnit.. my business is my business.. and I don't really want any lowlife from townhall who on a whim wants to know everything about me.. both unnaccountably for themselves and without my knowledge of their surveilance..

BUT.

In doing this.. (Registering with AWS.. Setting up the bridge with "tor.server" as a name, giving Amazon your details (they must ask for them for payment purposes) or just even browsing this website) wouldn't someone in effect being sticking their "head above the parapet" so to speak?

Surely the intelligence gathering agencies.. state sponsored or otherwise, must have this angle covered? Just browsing about tor must put you on some watchlist or other somewhere?

Yes, I have a whole bunch of virus and anti-malware software running.. but I'm in no doubt that they would in no way protect my PC from being cracked (and subsequently monitored undetectably) in less than a millisecond by either state or other malicious sources should they really want to.. I'm not an IT nerd or guru.. just your average Joe (that's not my real name btw)

I guess the belated question should be.. Now that I've posted this.. and visited your site.. Should I have been running tor before I did so?

Anonymous from Joe in Manchester! LOL

November 23, 2011

Permalink

It would be good if someone could offer a trusted service to set up a cloud based bridge on behalf of a new user or offer to install say when a bridge is paid for one year in advance?

January 06, 2012

Permalink

Any particular region i should choose that would help out the community more than another region?

May 14, 2012

Permalink

how do I use Tor to claim ny unemployment while Iam in europe for summer I need to be is US or Canada when I file