{ "post": { "html": "

There are many reasons you might want to browse anonymously which can be accomplished by using Tor. The setup instructions on Tor’s website are quite scattered and outdated so here are some steps to setup Tor on macOS with a simple automated script at the end.

\n

I’m using macOS Catalina (10.15) for the following instructions but it should work on almost any macOS version.

\n

#Tor Browser

\n

\n \n \n \n \n
Tor Browser
\n

\n

The most simple way to surf anonymously with Tor is to just grab Tor Browser. It’s a modified version of Firefox Extended Support Release (ESR) with Tor and some extensions (Torbutton, TorLauncher, NoScript, and HTTPS-Everywhere) built right in. Upon start, Tor Browser automatically starts the required Tor background processes and routes traffic through the Tor network. That’s the way to go if you want the highest level of protection without much further configuration.

\n

But it’s based on an older version of Firefox and there might be more you want to do anonymously on your machine than just browsing the web, like accessing resources via the Terminal or any other app. Or just use the browser you’re used to.

\n

For this you need to have Tor installed on your system and additionally set specific proxy values in your network preferences after you’ve started Tor.

\n
\n

Be aware that the instructions and the script mentioned below will not make whatever you do on the web anonymous. Much depends on your browsing habits, what apps you're using, and none of the methods below will offer the same level of protection than Tor Browser out of the box. You have been warned.

\n
\n

#Install Tor

\n

Contrary to the weirdly outdated install instructions on Tor’s website (hey, remember Macports?), installing Tor on macOS is super simple with Homebrew.

\n

In your Terminal execute:

\n
brew install tor
\n

Then you can start it up by running:

\n
tor
\n

Congratulations, you now have Tor running on your system. But none of your network traffic is routed through it yet.

\n

In order for all your system traffic being routed through Tor you need to adjust your system’s network proxy settings which you can either do visually in the System Preferences or programmatically via macOS’s builtin networksetup.

\n

#Set network proxy settings via System Preferences

\n

You can do this under System Preferences > Network by creating a specific Tor network location for it:

\n
    \n
  1. From Location dropdown at the top, select Edit Locations…
    2. \n
  2. Create a new location by hitting the plus button and name it Tor. Hitting Done will select the new location which is now ready to be configured.
    3. \n
  3. Go to Advanced > Proxies and activate SOCKS Proxy and add those values:
    4. \n
  4. SOCKS proxy server: localhost
    5. \n
  5. Port: 9050
    6. \n
\n

\n \n \n \n \n
Network Settings
\n

\n

After hitting OK & Apply at the initial network screen, you can easily switch to this newly created location from your menu bar under  > Location whenever you start up Tor.

\n

Switching to the Tor location routes all network traffic on your system through Tor. Note that you have to repeat those steps for every other network interface if you use, say, Wi-Fi and Ethernet interchangeably.

\n

#All in one go: start Tor & set network proxy settings automatically

\n

When you’re already in the Terminal to start up Tor, additionally setting the network settings involves a lot of fiddling around. Ain’t nobody got time for that.

\n

Thankfully macOS provides a way to programmatically set those proxy values via the networksetup utility. I’ve found a nice script for this but running it opened multiple admin password prompts. So I extended it a bit to make it more user friendly.

\n

In a nutshell, this shell script asks you for your admin password upfront, starts up Tor, and sets all required proxy network settings automatically:

\n
#!/usr/bin/env bash\n\n# 'Wi-Fi' or 'Ethernet' or 'Display Ethernet'\nINTERFACE=Wi-Fi\n\n# Ask for the administrator password upfront\nsudo -v\n\n# Keep-alive: update existing `sudo` time stamp until finished\nwhile true; do sudo -n true; sleep 60; kill -0 "$$" || exit; done 2>/dev/null &\n\n# trap ctrl-c and call disable_proxy()\nfunction disable_proxy() {\n    sudo networksetup -setsocksfirewallproxystate $INTERFACE off\n    echo "$(tput setaf 64)" #green\n    echo "SOCKS proxy disabled."\n    echo "$(tput sgr0)" # color reset\n}\ntrap disable_proxy INT\n\n# Let's roll\nsudo networksetup -setsocksfirewallproxy $INTERFACE 127.0.0.1 9050 off\nsudo networksetup -setsocksfirewallproxystate $INTERFACE on\n\necho "$(tput setaf 64)" # green\necho "SOCKS proxy 127.0.0.1:9050 enabled."\necho "$(tput setaf 136)" # orange\necho "Starting Tor..."\necho "$(tput sgr0)" # color reset\n\ntor
\n

Save this script under something like tor.sh in one of your sourced bin folders, make it executable with chmod + x and use it as a replacement for the general tor command. So you can just run

\n
tor.sh
\n

and Tor should run smoothly on your system without additional configuration:

\n

\n \n \n \n \n
Tor running in Terminal
\n

\n

Verify you’re indeed browsing over the Tor network by going to check.torproject.org.

\n

When you’re done, just exit the script with ctrl + c and the network settings will be reverted to their previous configuration.

\n

#Non-standard apps

\n

Some apps are just not good Mac citizens and use their own network settings, ignoring macOS system network proxy settings. E.g. older versions of Google Chrome were using their own custom network settings and therefore were not routing their web traffic through the proxy configured in System Preferences.

\n

But the most recent Chrome version automatically picks up macOS’s native proxy settings, as does the most recent version of Firefox.

\n

Always check your Tor connection with whatever app you’re using and if needed set the proxy preferences manually in the respective app with:

\n\n", "excerpt": "There are many reasons you might want to browse anonymously which can be accomplished by using Tor. The setup instructions on Tor’s website…", "frontmatter": { "type": "post", "title": "Simple Tor setup on macOS", "image": { "childImageSharp": { "fluid": { "aspectRatio": 3.2, "src": "/static/c87c817b4191fb48e9ca4419c0c70bb8/3995d/teaser-tor.png", "srcSet": "/static/c87c817b4191fb48e9ca4419c0c70bb8/f0031/teaser-tor.png 200w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/cad89/teaser-tor.png 400w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/3995d/teaser-tor.png 800w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/32ce4/teaser-tor.png 1200w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/1ed7e/teaser-tor.png 1600w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/19dc3/teaser-tor.png 1920w", "srcWebp": "/static/c87c817b4191fb48e9ca4419c0c70bb8/240ac/teaser-tor.webp", "srcSetWebp": "/static/c87c817b4191fb48e9ca4419c0c70bb8/04c4c/teaser-tor.webp 200w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/ebea1/teaser-tor.webp 400w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/240ac/teaser-tor.webp 800w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/823f0/teaser-tor.webp 1200w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/9e49e/teaser-tor.webp 1600w,\n/static/c87c817b4191fb48e9ca4419c0c70bb8/68ae1/teaser-tor.webp 1920w", "sizes": "(max-width: 800px) 100vw, 800px", "originalImg": "/static/c87c817b4191fb48e9ca4419c0c70bb8/19dc3/teaser-tor.png", "originalName": "teaser-tor.png", "presentationWidth": 800, "presentationHeight": 250 } }, "fields": null }, "toc": true, "author": "Matthias Kretschmann", "updated": "2019-11-07T22:52:46.000Z", "tags": ["tutorial", "tor", "macos", "goodies", "apple"], "linkurl": null, "style": null, "changelog": null }, "fields": { "slug": "/simple-tor-setup-on-mac-os-x", "date": "2015-08-02T19:57:30.912Z", "githubLink": "https://github.com/kremalicious/blog/tree/master/content/posts/2015-08-02-simple-tor-setup-on-mac-os-x/index.md" }, "rawMarkdownBody": "\nThere are many reasons you might want to browse anonymously which can be accomplished by using [Tor](https://www.torproject.org). The setup instructions on Tor's website are quite scattered and outdated so here are some steps to setup Tor on macOS with a simple automated script at the end.\n\nI'm using macOS Catalina (10.15) for the following instructions but it should work on almost any macOS version.\n\n## Tor Browser\n\n![Tor Browser](tor-browser.png)\n\nThe most simple way to surf anonymously with Tor is to just grab [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en). It's a modified version of [Firefox Extended Support Release (ESR)](https://www.mozilla.org/en-US/firefox/organizations/) with Tor and some extensions (Torbutton, TorLauncher, NoScript, and HTTPS-Everywhere) built right in. Upon start, Tor Browser automatically starts the required Tor background processes and routes traffic through the Tor network. That's the way to go if you want the highest level of protection without much further configuration.\n\nBut it's based on an older version of Firefox and there might be more you want to do anonymously on your machine than just browsing the web, like accessing resources via the Terminal or any other app. Or just use the browser you're used to.\n\nFor this you need to have Tor installed on your system and additionally set specific proxy values in your network preferences after you've started Tor.\n\n
\n

Be aware that the instructions and the script mentioned below will not make whatever you do on the web anonymous. Much depends on your browsing habits, what apps you're using, and none of the methods below will offer the same level of protection than Tor Browser out of the box. You have been warned.

\n
\n\n## Install Tor\n\nContrary to the weirdly outdated [install instructions on Tor's website](https://www.torproject.org/docs/tor-doc-osx.html.en) (hey, remember Macports?), installing Tor on macOS is super simple with [Homebrew](http://brew.sh).\n\nIn your Terminal execute:\n\n```bash\nbrew install tor\n```\n\nThen you can start it up by running:\n\n```bash\ntor\n```\n\nCongratulations, you now have Tor running on your system. But none of your network traffic is routed through it yet.\n\nIn order for all your system traffic being routed through Tor you need to adjust your system's network proxy settings which you can either do visually in the System Preferences or programmatically via macOS's builtin `networksetup`.\n\n## Set network proxy settings via System Preferences\n\nYou can do this under _System Preferences > Network_ by creating a specific Tor network location for it:\n\n1. From Location dropdown at the top, select _Edit Locations..._\n2. Create a new location by hitting the plus button and name it _Tor_. Hitting Done will select the new location which is now ready to be configured.\n3. Go to _Advanced > Proxies_ and activate _SOCKS Proxy_ and add those values:\n\n- _SOCKS proxy server_: `localhost`\n- _Port_: `9050`\n\n![Network Settings](tor-osx-proxy.png)\n\nAfter hitting _OK_ & _Apply_ at the initial network screen, you can easily switch to this newly created location from your menu bar under _ > Location_ whenever you start up Tor.\n\nSwitching to the Tor location routes all network traffic on your system through Tor. Note that you have to repeat those steps for every other network interface if you use, say, Wi-Fi and Ethernet interchangeably.\n\n## All in one go: start Tor & set network proxy settings automatically\n\nWhen you're already in the Terminal to start up Tor, additionally setting the network settings involves a lot of fiddling around. Ain't nobody got time for that.\n\nThankfully macOS provides a way to programmatically set those proxy values via the `networksetup` utility. I've found a [nice script](http://leonid.shevtsov.me/en/an-easy-way-to-use-tor-on-os-x) for this but running it opened multiple admin password prompts. So I extended it a bit to make it more user friendly.\n\nIn a nutshell, this shell script asks you for your admin password upfront, starts up Tor, and sets all required proxy network settings automatically:\n\n```bash\n#!/usr/bin/env bash\n\n# 'Wi-Fi' or 'Ethernet' or 'Display Ethernet'\nINTERFACE=Wi-Fi\n\n# Ask for the administrator password upfront\nsudo -v\n\n# Keep-alive: update existing `sudo` time stamp until finished\nwhile true; do sudo -n true; sleep 60; kill -0 \"$$\" || exit; done 2>/dev/null &\n\n# trap ctrl-c and call disable_proxy()\nfunction disable_proxy() {\n sudo networksetup -setsocksfirewallproxystate $INTERFACE off\n echo \"$(tput setaf 64)\" #green\n echo \"SOCKS proxy disabled.\"\n echo \"$(tput sgr0)\" # color reset\n}\ntrap disable_proxy INT\n\n# Let's roll\nsudo networksetup -setsocksfirewallproxy $INTERFACE 127.0.0.1 9050 off\nsudo networksetup -setsocksfirewallproxystate $INTERFACE on\n\necho \"$(tput setaf 64)\" # green\necho \"SOCKS proxy 127.0.0.1:9050 enabled.\"\necho \"$(tput setaf 136)\" # orange\necho \"Starting Tor...\"\necho \"$(tput sgr0)\" # color reset\n\ntor\n```\n\nSave this script under something like `tor.sh` in one of your sourced `bin` folders, make it executable with `chmod + x` and use it as a replacement for the general `tor` command. So you can just run\n\n```bash\ntor.sh\n```\n\nand Tor should run smoothly on your system without additional configuration:\n\n![Tor running in Terminal](tor-osx-terminal.png)\n\nVerify you're indeed browsing over the Tor network by going to [check.torproject.org](https://check.torproject.org).\n\nWhen you're done, just exit the script with ctrl + c and the network settings will be reverted to their previous configuration.\n\n## Non-standard apps\n\nSome apps are just not good Mac citizens and use their own network settings, ignoring macOS system network proxy settings. E.g. older versions of Google Chrome were using their own custom network settings and therefore were not routing their web traffic through the proxy configured in System Preferences.\n\nBut the most recent Chrome version automatically picks up macOS's native proxy settings, as does the most recent version of Firefox.\n\nAlways [check](https://check.torproject.org) your Tor connection with whatever app you're using and if needed set the proxy preferences manually in the respective app with:\n\n- _SOCKS proxy server_: `localhost`\n- _Port_: `9050`\n", "tableOfContents": "" } }