The Tor BSD Diversity Project


Running OpenBSD -current for Tor Relays?

344 words by gman999 written on 2017–02–27, last edit: 2017–09–03, tags: openbsd, operator, relay, torPrevious post: Welcome Aboard, ViniciusNext post: March in Amsterdam

The question of which branch or flavor of OpenBSD to use for a Tor relay is a frequent point of mention.

OpenBSD maintains three flavors:

The logical notion is that -stable or even -release should be the Tor relay platorm choice. It does seem to be the most common recommendation.

Yet there are a number of things to consider, and we tend to favor -current as the best option in most use-cases for any OpenBSD box.

First, what is -current in OpenBSD is not some wildly unusable system. -current is the platform for OpenBSD development, in that it is the flavor on which OpenBSD developers actually work. Not a few production servers run on -current, and most significant problems are quickly resolved.

The other issue to consider is that OpenBSD’s ports development takes place on -current. Therefore the most current OpenBSD ports are found in -current. net/tor is at version with a single revision, while -stable is still at Tor with three revisions.

And no, for the inquisitive, OpenBSD does not support alpha or beta software in its ports tree, which excludes the Tor development branch.

Updating -stable isn’t difficult, which ever updating routes chosen. But following -current with the regular snapshots is equally simple. This guide from Peter Hansteen is dated, but gives the gist of the procedure.

Just because -current can update as frequently as a few times a day at times, doesn’t mean the Tor relay operator has to update the system each time. If one can keep a -current relay updated weekly, it should be fine.

The one other thing to note is that physical or serial console (or similar) access is also necessary for updating -current, as one has to boot off the bsd.rd kernel.

Copyright © 2015–2018 by The Tor BSD Diversity Project (TDP). All Rights Reserved.