TorBox is an easy to use, anonymizing router based on a Raspberry Pi. TorBox creates a separate WiFi that routes the encrypted network data over the Tor network. The type of client (desktop, laptop, tablet, mobile, etc.) and operating system on the client don’t matter.
Tor, on which TorBox is based, encrypts your network data from your client to the Tor exit node, overcomes censorship, and anonymizes your data stream. Commonly, Tor is used by the Tor Browser, which facilitates surfing the web or accessing hidden services (.onion – Websites). However, there are also other programs using Tor, like the Tor Messenger, TorBirdy (an extension for Mozilla Thunderbird) and OnionShare. Though wouldn’t it convenient to route all your data through the Tor network, independently from the client, the service, and the program be used?
TorBox can be connected to an Internet router through cable, but it can also be used in connection with another (unsecured) WiFi, even if it has a captive portal.
A word of warning!
Use it at your own risk!
Where to go from here?
- Download the latest TorBox image file (TorBox v.0.4.1 based on Raspberry Pi OS “Buster” Lite with the Linux Kernel 5.10.17 and Tor version 0.4.5.8; 940 MB) and verify the integrity of the downloaded file.
- Transfer the downloaded image file on an SD Card; for example, with Etcher. TorBox needs at least a 4 GB SD Card, but at least 8 GB are recommended.
- Put the SD Card into your Raspberry Pi, link it with an Internet router using an Ethernet cable, or place a USB WiFi adapter in one of the USB ports to use an already existing WiFi. Afterward, start the Raspberry Pi. During the start, the system on the SD card automatically expands over the entire free partition – user interaction, screen, and peripherals are not required.
- After 2-3 minutes, when the green LED stops to flicker, connect your client to the new WiFi “TorBox041” (password: CHANGE-IT). Then use an SSH-client to access 192.168.42.1 (username: torbox / password: CHANGE-IT) or a web browser (for details see here). Now, you should see the TorBox main menu. Choose the preferred connection setup and change the default passwords as soon as possible (the associated entries are placed in the configuration sub-menu). For a connection via cable, see here.
- TorBox routes all your network data through the Tor network. At the same time, TorBox acts as an external firewall and prevents IP leakage. If wanted, all HTTP plain traffic can be blocked additionally.
- With the SSH-accessible menu, TorBox provides you with a user-friendly interface.
- TorBox supports Internet access via cable (Ethernet), WiFi, tethering devices, cellular links, USB dongles (wlan1/eth1/ppp0/usb0), and and VPN connections (tun0).
- Clients can connect TorBox via WiFi (in most cases, an additional USB WiFi adapter is necessary) and cable (simultaneously; see here).
- It easily overcomes captive portals and offers, if necessary, measures against “disconnect when idle features” (sometimes seen with WiFis in airports, hotels, coffee houses).
- TorBox supports OBFS4, Meek-Azure and Snowflake bridges, which help to overcome censorship (with an easy to use interface).
- If you have a public IP address, 24/7 Internet connectivity over a long time, and a bandwidth of at least 1 Mbps, TorBox can provide a bridge relay, easily configurable via a user-friendly interface to allow censored users access to the open Internet.
- It provides SOCKS v5 proxy functionality on the ports 9050 (standard) and 9052 (with destination address stream isolation).
- It allows easy access to .onion websites without client configuration (Chrome) or via SOCKS v5 proxy (Firefox).
Alternative installation method with the TorBox installation script
Alternatively, you can download the latest version of Raspberry Pi OS Lite, ensure stable Internet connectivity, localize your installation with raspi-config (optional), download and execute our installation script (option –select-torbox let you select the tor version to be installed):
cd wget https://raw.githubusercontent.com/radio24/TorBox/master/install/run_install.sh chmod a+x run_install.sh ./run_install.sh
The installation script may not work correctly in a censored network, and using the image file may be the better choice. If this also doesn’t work, please get in touch with us.
We offer also installation scripts for other systems, which might run on other hardware platforms. However, TorBox’s implementation on other systems and hardware is experimental because we do not have the resources to check all details on all different installations. You can help us to with reporting errors back to us.
Building from scratch
All you need to run TorBox on your Raspberry Pi is the image file. However, if you want to build it from scratch, whether you like to implement it to an existing system, to another hardware, respectively another operating system or you don’t trust an image file, which you didn’t bundle of your own, then check out our detailed manuals for a Raspberry Pi with Raspberry Pi OS Lite.
I want to help…
GREAT! There is a lot to improve and to fix (security of the entire system, graphical menu, cool logos …). We are searching for people who want to help, and we need especially your feedback to improve the system. You can start to contribute to our GitHub page or contact us. You can also donate to the Tor Project — without them, TorBox would not exist.
For secure email communication, we are using for the TorBox email Protonmail. All messages between Protonmail users are automatically end-to-end encrypted. Additionally, all messages in Protonmail inboxes are protected with PGP encryption to prevent Protonmail (or anyone else) from reading or sharing emails, a concept known as zero-access encryption. Creating a Protonmail email address is free and takes less than a minute. With Protonmail, anyone can use PGP regardless of their technical knowledge. However, technically versed, can also use our public PGP key to communicate with us:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: OpenPGP.js v4.10.10 Comment: https://openpgpjs.org xjMEXemNYRYJKwYBBAHaRw8BAQdAH22RKj/kZRqZds03njk7tSFEgrYkbeFo PRC3CwA2JwPNI2Fub255bUB0b3Jib3guY2ggPGFub255bUB0b3Jib3guY2g+ wncEEBYKAB8FAl3pjWEGCwkHCAMCBBUICgIDFgIBAhkBAhsDAh4BAAoJEOhJ KVODQehAkY8A/A7vPC+6nPaGBiv7P6wryQ+THA97uEwRK0Rsx3TYlKHuAQDN M4XH5G++eqqptaEv1daJEofwOnYxahJoHzYvdfZUBM44BF3pjWESCisGAQQB l1UBBQEBB0Cp+yT4Ec5kmGaGWneulB/KSgXLkkMSVaD++dC9mrcTfQMBCAfC YQQYFggACQUCXemNYQIbDAAKCRDoSSlTg0HoQArZAQD94cT2csOWOsqqx7+q Ps0P1Udn2/jXRbO+XbfzBzjM6wEAq4Z4g0w03KkHC3aU8/fATEnbN2+TInLV gNKTldrMtAg= =eGoI -----END PGP PUBLIC KEY BLOCK-----