How to install the latest version of Tor on Ubuntu
March 15, 2022
How to get the latest version of Tor on Ubuntu
The tor package is present in the Ubuntu repositories, but its version may be out of date. This is especially true for Ubuntu distributions released several years ago, even if they have long-term support (LTS).
In new versions of Tor, identified weaknesses and vulnerabilities are eliminated, as well as updating and supplementing the functionality. For this reason, you may need to install the latest version of the tor package.
Like other programs on Linux, you can compile Tor from source, and this article will show you how. Fortunately, the Tor developers maintain a binary repository for Ubuntu and Debian distributions.
In this guide, we will look at two ways to install a fresh version of Tor – from the repositories and from the source code.
How to install Tor from the Tor developers repositories
The Tor Project has its own Debian repository. Debian itself includes an LTS version of Tor. With it, you will not always be able to have the latest and most stable version of Tor. Therefore, it is recommended to install tor from the Tor Project repository.
This section will show you how to enable the Tor package repository on Debian-based Linux distributions.
Prerequisite: Verify the CPU architecture
The package repository offers amd64, arm64, and i386 binaries. Verify your operating system is capable of running the binary by inspecting the output of the following commend:
dpkg --print-architecture
It should output either amd64, arm64, or i386. The repository does not support other CPU architectures.
Note on Raspbian: The package repository does not offer 32-bit ARM architecture (armhf) images (yet). You should either install the version Debian offers (make sure to check out Debian backports, too, as that one has often a more up-to-date Tor package), or build Tor from source.
1. Install apt-transport-https
This step is only required for apt versions below 1.5. Support for https was added in versions of apt 1.5 and later, so currently the apt-transport-https package is kept in the repository for compatibility only and can be removed from the system without consequences.
To check the version of apt use the command
apt --version
On older distributions, you may need to install this package:
sudo apt install apt-transport-https
2. Create a new file in /etc/apt/sources.list.d/ named tor.list.
sudo gedit /etc/apt/sources.list.d/tor.list
Add the following entries:
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org <DISTRIBUTION> main
In these lines, replace <DISTRIBUTION> with your operating system code. Run
lsb_release -c
to find out the operating system code.
The following command will output only the distribution code (the command is suitable for use in scripts):
lsb_release -c | awk '{print $2}'
Note. Starting with Ubuntu Focal, 32-bit applications are no longer supported, so when using sudo apt update, you may encounter the message:
Skipping acquire of configured file 'main/binary-i386/Packages' as repository 'http://deb.torproject.org/torproject.org focal InRelease' doesn't support architecture 'i386'
To get rid of this message, the entries in the /etc/apt/sources.list.d/tor.list file need to be edited to be in the following format:
deb [arch= signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org focal main deb-src [arch= signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org focal main
Replace <ARCHITECTURE> with the architecture of your system, which can be viewed with the command
dpkg --print-architecture
For example:
deb [arch=amd64 signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org impish main deb-src [arch=amd64 signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org impish main
3. Then add the gpg key used to sign the packages by running the following command at your command prompt:
wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | sudo tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
4. Install tor and tor debian keyring
It is provided a Debian package to help you keep the latest version of your signing key. To install, use the following commands:
sudo apt update sudo apt install tor deb.torproject.org-keyring
Source: https://support.torproject.org/apt/tor-deb-repo/
How to compile and install Tor from source on Ubuntu and Debian
This method differs from the previous one from a practical point of view in at least two important points:
- You need to keep track of new versions and update Tor yourself
- With this method, tor.service files are not created, that is, it will not be possible to manage the service using systemd with commands like
sudo systemctl start tor
To compile tor run the following commands:
sudo apt remove tor sudo apt update sudo apt install git make build-essential automake autoconf libevent-dev libssl-dev zlib1g-dev zlib1g asciidoc liblzma-dev libzstd-dev systemd libsystemd-dev pkg-config libnss3-dev git clone https://github.com/torproject/tor cd tor sh autogen.sh ./configure --enable-systemd --enable-nss make
Note that if the make command throws an error
make: *** No targets specified and no makefile found. Stop.
this means that the previous configure command failed. You need to return to its output and look in the last lines for the name of the missing package or another reason due to which the configuration failed.
After a successful compilation configuration, the installation is done like this:
sudo make install
To start Tor run the command:
tor
A sample configuration file is located at /usr/local/etc/tor/torrc.sample, you can use this as a base to configure Tor:
sudo cp /usr/local/etc/tor/torrc.sample /usr/local/etc/tor/torrc
Should I install Tor from my package manager or build from source?
If you are using Debian or Ubuntu, installing Tor from the Tor Project repository has several advantages:
- Your ulimit -n is set to 32768, which is enough for Tor to keep all necessary connections open.
- The user profile is created only for Tor, so Tor does not need to be run as root.
- An init script is included in the package so that Tor can be configured to start on boot. You can use systemd and systemctl to control the service
- Tor works with the --verify-config option, which means that before starting the service, the configuration file will be checked for correctness – this can help you solve problems if the service is not running.
- Tor can bind to low-level ports and then lower the privileges of its process.
See also: More Tor manuals
Related articles:
- Error “Cannot load modules/libphp7.so” (SOLVED) (77.7%)
- Chromium will no longer sync passwords - what should Linux users do? (77.7%)
- How to install a web server (Apache, PHP, MySQL, phpMyAdmin) on Linux Mint, Ubuntu and Debian (77.7%)
- Do services need to be restarted when updating packages (77.7%)
- Error “No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php8.1-fpm.sock (*:80) failed” (SOLVED) (77.7%)
- Windows stopped booting in Virtual Machine after upgrading to VirtualBox 7 (SOLVED) (RANDOM - 50%)
