I am trying to activate username and password authentication for my Tor installation using the fields SOCKS5Username and SOCKS5Password in the /etc/tor/torsocks.conf file. I have restarted the service after the config change and checked if it really restarted. But Tor is still available without a username and password on my machine.
I have installed Tor from the EPEL repo. More information about the installation:
Installed Packages

    Name    : tor
    Arch    : x86_64
    Version : 0.2.7.6
    Release : 5.el7

Current OS

    CentOS Linux release 7.2.1511 (Core)

Tor Configuration

    [root@torproxy ~]# cat /etc/tor/torsocks.conf | grep -v "^#"
    TorAddress curl 10.0.0.43
    TorPort 18009
    OnionAddrRange 127.42.42.0/24
    SOCKS5Username test
    SOCKS5Password 1234

    [root@torproxy ~]# cat /etc/tor/torrc | grep -v "^#"
    ControlSocket /run/tor/control
    ControlSocketsGroupWritable 1
    CookieAuthentication 1
    CookieAuthFile /run/tor/control.authcookie
    CookieAuthFileGroupReadable 1
    SOCKSPort 10.0.0.43:18009
    SOCKSPolicy accept *
Tor does not actually make any attempt to verify the authentication information that a SOCKS client provides to it. It can be used entirely unauthenticated, and it has no configuration to force authentication. As such, you are strongly recommended to not expose the SOCKS port to any IP address that you don’t want connecting directly to it.
From the man page:
NOTE: Although this option allows you to specify an IP address other than localhost, you should do so only with extreme caution. The SOCKS protocol is unencrypted and (as we use it) unauthenticated, so exposing it in this way could leak your information to anybody watching your network, and allow anybody to use your computer as an open proxy.
What Tor does do with the authentication information is stream isolation. Tor can be configured to use completely different circuits for clients which “authenticate” with different credentials.
IsolateSOCKSAuth Don’t share circuits with streams for which different SOCKS authentication was provided. (On by default; you can disable it with NoIsolateSOCKSAuth.)
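Since Tor will not check SOCKS credentials, the only controls left are where the SOCKS port listens and which client addresses SOCKSPolicy admits. The following audit of a torrc for that exposure is an added example, not part of the original answer or of Tor itself; the function names are hypothetical, and it assumes the man page semantics that a bare port binds to localhost and that SOCKSPolicy is first-match with unmatched addresses accepted.

```python
import ipaddress

# Constructed sample: the SOCKS-related torrc lines quoted in the question.
SAMPLE_TORRC = """\
CookieAuthentication 1
SOCKSPort 10.0.0.43:18009
SOCKSPolicy accept *
"""

def listen_host(value):
    """Host part of a SOCKSPort value; None for a unix socket or a disabled port."""
    target = value.split()[0]            # ignore trailing flags such as IsolateSOCKSAuth
    if target.startswith("unix:") or target == "0":
        return None
    if ":" not in target:                # a bare port or "auto" binds to localhost
        return "127.0.0.1"
    return target.rpartition(":")[0].strip("[]")   # also handles [::1]:9050

def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:                   # hostname rather than an IP literal
        return host.lower() == "localhost"

def policy_open_to_all(rules):
    """First matching rule wins; an address matched by no rule is accepted."""
    for rule in rules:
        action, _, addr = rule.partition(" ")
        if addr.strip().split(":")[0] == "*":
            return action == "accept"
    return True

def audit_torrc(text):
    """Return findings about SOCKS listeners reachable from other hosts."""
    exposed, rules = [], []
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "socksport":
            host = listen_host(value)
            if host is not None and not is_loopback(host):
                exposed.append(value.split()[0])
        elif key == "sockspolicy":
            rules += [r.strip().lower() for r in value.split(",") if r.strip()]
    findings = [f"SOCKSPort {t} listens on a non-loopback address" for t in exposed]
    if exposed and policy_open_to_all(rules):
        findings.append("SOCKSPolicy lets any client address use the proxy")
    return findings
```

Run against the question's configuration, `audit_torrc(SAMPLE_TORRC)` returns both findings; a listener on 127.0.0.1, or a policy ending in `reject *` after specific accept rules, clears them.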
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.