The following is a quick overview of what I did to change my debian servers to update via Tor instead of the clearnet.
Install the transport and Tor:
apt install apt-transport-tor tor
Update your /etc/apt/sources.list:
Don't take my word for it that these onions are correct. Confirm they are by visiting onion.debian.org.
# Comment out everything else # Main FTP Server deb tor+http://vwakviie2ienjx6t.onion/debian jessie main # FTP Updates deb tor+http://vwakviie2ienjx6t.onion/debian jessie-updates main # Security Patches deb tor+http://sgvtcaew4bxjd7ln.onion/debian-security jessie/updates main # Enable FTP Backports if you enjoy that kinda thing #deb tor+http://vwakviie2ienjx6t.onion/debian jessie-backports main
Confirm that tor is set to start on boot and that it is listening on port 9050 for a local socks proxy. (How else is apt going to get the packages?)
# Enable Tor to start on boot sudo systemctl enable tor # Update torrc to have "SocksProxy 9050" sudo vim /etc/tor/torrc
Finishing up, Testing!
If everything is setup correctly, and you have tor running, run
apt update and you should get lines in your apt log saying
Ign tor+http://vwakviie2ienjx6t.onion jessie/contrib
Let me know in the comments if you have any problems or ideas on this topic! Or just found it useful.
Subscribe to Slowbro's Blog
Get the latest posts delivered right to your inbox