Misc. Torifying Instructions
The below section contains instructions on tools and programs commonly used with Tor, but do not have enough required information to warrant their own individual pages.
Filesharing / Bittorrent
It is highly advised against torrenting over Tor. Not only is it unsecured and prone to leakage, it creates a significant load on the network that it is not designed to manage. This harms every other person using it.
SSH
More recent dedicated article SSH.
The information originally found under the [#ssh_2 SSH] section has been merged to that page as well.
youtube-dl
Use youtube-dl's --proxy option to use it through Tor.
with a system Tor::
```
youtube-dl --proxy socks5://127.0.0.1:9050/ https://www.youtube.com/watch?v=
}}}
with Tor Browser::
{{{
youtube-dl --proxy socks5://127.0.0.1:9150/ https://www.youtube.com/watch?v=
}}}
Often, the YouTube server will be blocking the exit relay and you will get an error like one of these: {{{ ERROR: Unable to download webpage: HTTP Error 429: Too Many Requests ERROR: Unable to download webpage: No status line received - the server has closed the connection
If you keep running the same youtube-dl command, you will keep getting the same exit relay, and keep getting the same error message. You can work around the block using Tor's [circuit isolation](https://2019.www.torproject.org/docs/tor-manual.html.en#SocksPort). If you provide a different username and password to the SOCKS port, it will cause Tor to use a different circuit and exit relay. In the Unix shell, `$RANDOM` is a convenient way to get a random string. Keep trying the command until you get an exit relay that works.youtube-dl --proxy socks5://$RANDOM:$RANDOM@127.0.0.1:9050/ https://www.youtube.com/watch?v=
By default, youtube-dl will download the video in a high-resolution format. If you prefer a smaller video file, use the `-F` option to list the available formats and `-f` to choose a lower resolution. See [FORMAT SELECTION](https://github.com/ytdl-org/youtube-dl/blob/master/README.md#format-selection). The [Archive Team wiki](https://archiveteam.org/index.php?title=YouTube#.28Manual.29_Recommended_way_to_archive_YouTube_videos) has other tips on getting the most from youtube-dl.youtube-dl -f 43/18 --proxy socks5://$RANDOM:$RANDOM@127.0.0.1:9050/ https://www.youtube.com/watch?v=
### Video streams
You can use [streamlink](https://github.com/streamlink/streamlink) with proxy settings.streamlink --http-proxy socks5h://127.0.0.1:9050/ --https-proxy socks5h://127.0.0.1:9050/ --rtmp-proxy socks5h://127.0.0.1:9050/ https://www.twitch.tv/ 480p
In place of `480p` you can use e.g. `720p`, `best`. By default it will try to run `vlc` or another player that it finds; use the `--player=<command>` option to customize. Notice the `socks5h` scheme on the proxy URLs. [The `h` means to do DNS lookups through the proxy](https://github.com/shazow/urllib3/issues/1035); this is an artifact of the urllib3 library that streamlink uses underneath. If you use just plain `socks5` instead of `socks5h`, you will definitely leak DNS requests.
### TLS / SSL / HTTPS
Tor Browser uses HTTPS Everywhere to make preference for TLS connections.
Tor Browser also pins the https://check.torproject.org SSL certificate, see [TBB: hardcode SSL cert check to prevent MITM](https://trac.torproject.org/projects/tor/ticket/3555).
To enhance the situation there are several ways:
* Pin the [SSL CA](https://en.wikipedia.org/wiki/Certificate_authority). This assumes, that the issuing SSL CA must be compromised. Therefore not any SSL CA can issue a fraudulent certificate. It's more secure, but not perfect.
* (For your own servers:) Use self-signed certificates and check the fingerprint or save the public key in your keyring. The fingerprints must be shared over a pre-shared secure channel, such as a meeting (where you do not need to stay anonymous) or GPG encrypted.
### Wget (HTTP)
**Quick note:** wget sends a User-Agent that often provides both a wget version number and the originating platform. For example, Tails 2.5 provides `wget/1.16 (linux-gnu)` as its User-Agent. Every operating system will provide different versions of wget in their repositories at any given time, thus allowing a hypothetical observer to make an educated guess at your current operating system. It's advisable to either fake your User-Agent (you can find the one Tor Browser is using by searching `general.useragent.override` in `about:config`), use a common operating system like Ubuntu or Debian, or simply by using a distribution like Tails that is designed to create a consistent anonymous set for all of its users.
In wget, spoofing the User Agent can be done with the `-U` or `--user-agent` option. An example:
wget -U "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0" [urlhere]
#### Method 1: Torsocks
Wget can be torified by using [Torsocks](https://trac.torproject.org/projects/tor/wiki/doc/torsocks). This can be accomplished simply by invoking:
torsocks wget [fileaddress]
#### Method 2: Proxy / Modifying wgetrc
Wget will also respect the http_proxy enviroment variable, however you can simplify the process by editing `/etc/wgetrc` after installing Privoxy or similar:
... http_proxy = http://localhost:8118 use_proxy = on ...
Please note port 8118 is simply the default port of Privoxy, and should be adjusted as per your local setup / software.
### cURL
**Notice**: Like for wget above, you must spoof your User Agent. Replace the `--user-agent` option in the below example with the relevant one from the `general.useragent.override` field in your Tor Browser's `about:config`.
==== Method 1: Proxy Settings
cURL can be torified by simply using its `--proxy` argument. An example:
curl --proxy "socks5h://localhost:9050" --tlsv1.2 --compressed --user-agent "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0" -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' -H 'DNT: 1' [urlhere]
#### Method 2: Torsocks
Using [Torsocks](https://trac.torproject.org/projects/tor/wiki/doc/torsocks).