Re: Please review README.Debian pkg documentation
Dererk wrote:
> Vidalia for Debian
Okay, here's an inline diff, modified version attached. I was going
to annotate the diff all the way through, but almost all of my
comments boil down to "not bad, but I prefer it like this"!
I've recycled a few tweaks that came up in the template review.
--- README.Debian.old 2010-10-14 23:14:09.000000000 +0100
+++ README.Debian 2010-10-14 23:33:22.000000000 +0100
@@ -1,13 +1,13 @@
Vidalia for Debian
------------------
- For the anxious and patienceless people
- ---------------------------------------
+ For the anxious and impatient
+ -----------------------------
-3 different ways of running Vidalia:
+There are three ways of running Vidalia:
-1. Re/Configure Vidalia not to let Tor start and simply start Vidalia.
-2. Enable CookieAuthentication in tor's config, and grab
+1. (Re)Configure Vidalia not to let Tor start, and simply start Vidalia.
+2. Enable CookieAuthentication in Tor's config, and grab
/var/lib/tor/control_auth_cookie (RECOMMENDED for greater security)
3. Enable ControlPort and use HashedControlPassword from
'tor --hash-password'.
@@ -18,30 +18,22 @@
Full and complete explanation
-----------------------------
-
-Vidalia provides a GUI for the Tor software.
-That means that Vidalia needs to talk to the Tor software for configuring
-different aspects of the Tor Network, viewing its status at a glance,
-monitor its bandwidth usage, or just viewing logs between others
-
-The component of the Tor software that Vidalia talks to is a daemon process,
-which works on background without any user interaction required.
+Vidalia provides a graphical graphical user interface to configure
+various aspects of the Tor Network, check its status at a glance,
+monitor its bandwidth usage, or just view logs. This means that
+Vidalia needs to talk to the Tor daemon.
Vidalia supports three different ways of talking to Tor:
-
-
-1. Letting Vidalia start Tor process on its own.
+1. Let Vidalia start the Tor process on its own.
---------------------------------------------
------> "I want it, and I want it NOW!"
- This option is the simplest for end users.
+ This option is the simplest, but not usable on a multi-user system.
- This is the default option on debconf while configuring vidalia package,
- handled in the debconf front-end to Vidalia, easily reconfigurable
- by running 'dpkg-reconfigure vidalia' at any given time.
-
+ Debconf offers this as the default option, but it can be easily
+ reconfigured at any time by running 'dpkg-reconfigure vidalia'.
*********************** FOR PARANOIDS ONLY ***************************
| |
@@ -49,15 +41,15 @@
| In the remote and unlikely event of a bug existing in the |
| Tor routing algorithm or implementation itself, it might be |
| _relatively_ easy, or at least possible, for a remote user to |
- | gain access to the user's launching Vidalia data (an attack |
- | known as "privilege escalation") |
+ | gain access to the data of the user launching Vidalia (what's |
+ | known as a "privilege escalation" attack) |
| |
| |
- | This will be much more difficult if you run Vidalia using any |
- | of the two alternatives described below. |
+ | This will be much more difficult if you run Vidalia using |
+ | either of the two alternatives described below. |
| |
| |
- | ** Please consider using them if possible!!!! ** |
+ | ** Please consider using them if possible! ** |
| |
| |
*********************** FOR PARANOIDS ONLY ***************************
@@ -69,42 +61,44 @@
* The best password is the one you don't have to know about *
- This method consists of a password-less authentication. This means
- you won't have to remember any password, but you'll have to grab a
- very important and *SECRET* file from your disc, called "Auth Cookie".
+ This method consists of a password-less authentication. This means
+ you won't have to remember any password, but you'll have to grab a
+ very important and *SECRET* file called "Auth Cookie" from disk.
To enable this profile, edit Tor's configuration file, by default at
- '/etc/tor/torrc', add or uncomment the 'CookieAuthentication' value
- setting it to 1.
+ '/etc/tor/torrc', and add or uncomment the 'CookieAuthentication'
+ value, setting it to 1.
+
You will end up having something like this:
# grep Cookie /etc/tor/torrc
CookieAuthentication 1
- Now start/restart Tor daemon and start Vidalia from your regular X user.
- Vidalia will ask you for a "cookie file" at the next run:
+ Now start/restart the Tor daemon, and start Vidalia (as a regular X
+ user). Vidalia will ask you for a "cookie file" at the next run:
------------------------------------------------------------------------
You will have to fetch the "cookie file" from your local filesystem,
- by default at '/var/lib/tor/control_auth_cookie'
+ by default at '/var/lib/tor/control_auth_cookie'
- DO NOT share this file with anyone, Tor rests on it!
+ DO NOT share this file with anyone, Tor depends on it!
------------------------------------------------------------------------
This option might be simpler than all the others, but will require you
- to grab a different cookie file every time you restart the Tor process,
- in contrast to the next methods.
+ to grab a different cookie file every time you restart the Tor process,
+ in contrast to the next methods.
- This is my preferred and recommended method, simple and easy, no passwords.
+ This is my preferred and recommended method, simple and easy, no
+ passwords.
3. Enable Tor to use a control port to communicate with Vidalia.
-------------------------------------------------------------
- Edit Tor configuration file, by default '/etc/tor/torrc', add or
- uncomment the 'ControlPort 9051' option, and add the output
- you get from tor to 'HashedControlPassword', as shown here:
+ Edit the Tor configuration file, by default '/etc/tor/torrc', add or
+ uncomment the 'ControlPort 9051' option, and add the output you get
+ from Tor to 'HashedControlPassword', as shown here:
# tor --hash-password SOME_PASSWORD_HERE
Sep 17 18:48:49.421 [notice] Tor v0.2.0.30 (r15956). This is experimental
@@ -113,14 +107,14 @@
16:167F667A98F859D2600BD708B48B95343FEF7800B479E2AA4284ACF029
- You will end having something like this:
+ You will end up with something like this:
# grep Control /etc/tor/torrc
ControlPort 9051
HashedControlPassword 16:167F667A98F...4ACF029
- Now start/restart Tor daemon and start Vidalia from your regular X user.
- Vidalia will ask you for that password at the next run, in the example,
- 'SOME_PASSWORD_HERE' (as the phrase you pass it with --hash-password,
- not the hash), and will start a secure authentication. That's all!
-
+ Now start/restart the Tor daemon, and start Vidalia (as a regular X
+ user). Vidalia will ask you for that password at the next run (the
+ phrase you passed it with --hash-password, not the hash - in the
+ example, 'SOME_PASSWORD_HERE'), and will start a secure
+ authentication. That's all!
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
Vidalia for Debian
------------------
For the anxious and impatient
-----------------------------
There are three ways of running Vidalia:
1. (Re)Configure Vidalia not to let Tor start, and simply start Vidalia.
2. Enable CookieAuthentication in Tor's config, and grab
/var/lib/tor/control_auth_cookie (RECOMMENDED for greater security)
3. Enable ControlPort and use HashedControlPassword from
'tor --hash-password'.
Full and complete explanation
-----------------------------
Vidalia provides a graphical graphical user interface to configure
various aspects of the Tor Network, check its status at a glance,
monitor its bandwidth usage, or just view logs. This means that
Vidalia needs to talk to the Tor daemon.
Vidalia supports three different ways of talking to Tor:
1. Let Vidalia start the Tor process on its own.
---------------------------------------------
------> "I want it, and I want it NOW!"
This option is the simplest, but not usable on a multi-user system.
Debconf offers this as the default option, but it can be easily
reconfigured at any time by running 'dpkg-reconfigure vidalia'.
*********************** FOR PARANOIDS ONLY ***************************
| |
| |
| In the remote and unlikely event of a bug existing in the |
| Tor routing algorithm or implementation itself, it might be |
| _relatively_ easy, or at least possible, for a remote user to |
| gain access to the data of the user launching Vidalia (what's |
| known as a "privilege escalation" attack) |
| |
| |
| This will be much more difficult if you run Vidalia using |
| either of the two alternatives described below. |
| |
| |
| ** Please consider using them if possible! ** |
| |
| |
*********************** FOR PARANOIDS ONLY ***************************
2. Enable Tor to use CookieAuthentication to communicate with Vidalia.
-------------------------------------------------------------------
* The best password is the one you don't have to know about *
This method consists of a password-less authentication. This means
you won't have to remember any password, but you'll have to grab a
very important and *SECRET* file from your disc, called "Auth Cookie".
To enable this profile, edit Tor's configuration file, by default at
'/etc/tor/torrc', and add or uncomment the 'CookieAuthentication'
value, setting it to 1.
You will end up having something like this:
# grep Cookie /etc/tor/torrc
CookieAuthentication 1
Now start/restart the Tor daemon, and start Vidalia (as a regular X
user). Vidalia will ask you for a "cookie file" at the next run:
------------------------------------------------------------------------
You will have to fetch the "cookie file" from your local filesystem,
by default at '/var/lib/tor/control_auth_cookie'
DO NOT share this file with anyone, Tor depends on it!
------------------------------------------------------------------------
This option might be simpler than all the others, but will require you
to grab a different cookie file every time you restart the Tor process,
in contrast to the next methods.
This is my preferred and recommended method, simple and easy, no
passwords.
3. Enable Tor to use a control port to communicate with Vidalia.
-------------------------------------------------------------
Edit the Tor configuration file, by default '/etc/tor/torrc', add or
uncomment the 'ControlPort 9051' option, and add the output you get
from Tor to 'HashedControlPassword', as shown here:
# tor --hash-password SOME_PASSWORD_HERE
Sep 17 18:48:49.421 [notice] Tor v0.2.0.30 (r15956). This is experimental
software. Do not rely on it for strong anonymity. (Running on Linux x86_64)
16:167F667A98F859D2600BD708B48B95343FEF7800B479E2AA4284ACF029
You will end up with something like this:
# grep Control /etc/tor/torrc
ControlPort 9051
HashedControlPassword 16:167F667A98F...4ACF029
Now start/restart the Tor daemon, and start Vidalia (as a regular X
user). Vidalia will ask you for that password at the next run (the
phrase you passed it with --hash-password, not the hash - in the
example, 'SOME_PASSWORD_HERE'), and will start a secure
authentication. That's all!
Reply to: