On Tue, 2014-07-15 at 16:29 -0400, Hans-Christoph Steiner wrote: > apt already supports SOCKS proxies, I use one for forcing all my apt traffic > over Tor in /etc/apt/apt.conf: > > Acquire::socks::Proxy "socks://127.0.0.1:9050";
Unfortunately I do not believe this will work - there are various references to this apt config setting on the internet, but none in the source code for apt. Worse still, apt will just silently ignore it and route your requests over HTTP, ignoring Tor. Please see: https://bugs.debian.org/744934 Even if SOCKS support were added to apt, you would have to be quite careful not to leak DNS requests - you need the right sort of SOCKS. apt-transport-tor tries to make this harder to get wrong, but the tradeoff is that you need to put "tor" or something similar at the front of the URLs. > I like your URL scheme idea. I think the ideal would be to support it with > all of these URLs: > > http://asdfasdfasdfadfadf.onion > https://asdfasdfasdfadfadf.onion > tor+http://mirrors.kernel.org > tor+https://mirrors.kernel.org > tor+ftp://mirrors.kernel.org I can probably support the last three, but not the first two, under the current design of apt. Hope that helps, -- Tim Retout <dioc...@debian.org>
signature.asc
Description: This is a digitally signed message part
