TorBox is an easy to use, anonymizing router based on a Raspberry Pi. TorBox creates a separate WiFi that routes the encrypted network data over the Tor network. Additionally, TorBox helps to publish data easily and safely through Onion Services. The type of client (desktop, laptop, tablet, mobile, etc.) and operating system on the client don’t matter.
Tor, on which TorBox is based, encrypts your network data from your client to the Tor exit node, overcomes censorship, and anonymizes your data stream. Commonly, Tor is used by the Tor Browser, which facilitates surfing the web or accessing onion services (.onion – Websites). However, there are also other programs using Tor, like the peer-to-peer messenger app Ricochet Refresh, TorBirdy (an extension for Mozilla Thunderbird) and OnionShare. Though wouldn’t it convenient to route all your data through the Tor network, independently from the client, the service, and the program be used?
TorBox accomplishes this by creating a separate WiFi and routing all network data over the Tor network. Also, clients can be connected to a TorBox using an Ethernet cable. The TorBox image file, available here (~1 GB), can be run on a low-priced Raspberry Pi.
TorBox can be connected to an Internet router through an Ethernet cable, but it can also be used in connection with another (unsecured) WiFi, even if it has a captive portal.
A word of warning!
Use it at your own risk!
Where to go from here?
- Download the latest TorBox image file (TorBox v.0.5.1 based on Raspberry Pi OS “Bullseye” Lite with the Linux Kernel 5.15.32 and Tor version 0.4.7.8; ~1 GB) and verify the integrity of the downloaded file.
- Transfer the downloaded image file on an SD Card, for example, with Etcher. TorBox needs at least a 8 GB SD Card.
- Put the SD Card into your Raspberry Pi, link it with an Internet router using an Ethernet cable, or place an USB WiFi adapter in one of the USB ports to use an existing WiFi. Afterwards, start the Raspberry Pi. During the start, the system on the SD card automatically expands over the entire free partition – user interaction, screen, and peripherals are not required yet.
- After 2-3 minutes, when the green LED stops to flicker, connect your client to the new WiFi “TorBox051” (password: CHANGE-IT).
- Login to the TorBox by using a SSH client (192.168.42.1 on a WiFi client or 192.168.43.1 on a cable client) or a web browser (http://192.168.42.1 on a WiFi client or http://192.168.43.1 on a cable client; for a connection via cable, see here; username: torbox / password: CHANGE-IT).
- After seeing a welcome screen and answering some initial questions during the first start-up, you should see the TorBox Main Menu. Choose the preferred connection setup and change the default passwords as soon as possible (the associated entries are placed in the configuration sub-menu).
- TorBox routes all your network data through the Tor network. At the same time, TorBox acts as an external firewall and prevents IP leakage.
- With a menu system that can be accessed by a SSH client or a web browser, TorBox provides a user-friendly interface.
- TorBox supports Internet access via cable (Ethernet), WiFi, tethering devices, cellular links, USB dongles (
usb0), and and VPN connections (
- Clients can connect TorBox via WiFi (in most cases, an additional USB WiFi adapter is necessary) and cable (simultaneously; see here).
- It easily overcomes captive portals and offers, if necessary, measures against “disconnect when idle features” (sometimes seen with WiFis in airports, hotels, coffee houses).
- TorBox supports OBFS4, Meek-Azure and Snowflake bridges, which help to overcome censorship (with an easy to use interface).
- Also, TorBox supports Onion Services which allow easily and securely sharing of data through Tor, even if TorBox is located behind firewalls, network address translators or placed in a censoring country while preserving the security and anonymity of both parties.
- If you have a public IP address, 24/7 Internet connectivity over a long time, and a bandwidth of at least 1 Mbps, TorBox can provide a bridge relay, easily configurable via a user-friendly interface to allow censored users access to the open Internet.
- It provides SOCKS v5 proxy functionality on the ports 9050 (standard) and 9052 (with destination address stream isolation).
- It allows easy access to .onion websites without client configuration (Chrome) or via SOCKS v5 proxy (Firefox).
Alternative installation method with the TorBox installation script
Alternatively, you can download the latest version of Raspberry Pi OS Lite, ensure stable Internet connectivity, localize your installation with raspi-config (optional), download and execute our installation script (option –
-select-tor let you select the tor version to be installed; for more options, use
cd wget https://raw.githubusercontent.com/radio24/TorBox/master/install/run_install.sh chmod a+x run_install.sh ./run_install.sh
See here for more detailed information and installation scripts for other systems, which might run on different hardware platforms.
Building from scratch
All you need to run TorBox on your Raspberry Pi is the image file. However, if you want to build it from scratch, whether you like to implement it to an existing system, to another hardware, respectively another operating system or you don’t trust an image file, which you didn’t bundle of your own, then check out our detailed manuals for a Raspberry Pi with Raspberry Pi OS Lite.
I want to help…
GREAT! There is a lot to improve and to fix (security of the entire system, graphical menu, cool logos …). We are searching for people who want to help, and we need especially your feedback to improve the system. You can start to contribute to our GitHub page or contact us. Also, look for our Job Postings. You can also donate to the Tor Project — without them, TorBox would not exist.
For secure email communication, we are using for the TorBox email Protonmail. All messages between Protonmail users are automatically end-to-end encrypted. Additionally, all messages in Protonmail inboxes are protected with PGP encryption to prevent Protonmail (or anyone else) from reading or sharing emails, a concept known as zero-access encryption. Creating a Protonmail email address is free and takes less than a minute. With Protonmail, anyone can use PGP regardless of their technical knowledge. However, technically versed, can also use our public PGP key to communicate with us:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: OpenPGP.js v4.10.10 Comment: https://openpgpjs.org xjMEXemNYRYJKwYBBAHaRw8BAQdAH22RKj/kZRqZds03njk7tSFEgrYkbeFo PRC3CwA2JwPNI2Fub255bUB0b3Jib3guY2ggPGFub255bUB0b3Jib3guY2g+ wncEEBYKAB8FAl3pjWEGCwkHCAMCBBUICgIDFgIBAhkBAhsDAh4BAAoJEOhJ KVODQehAkY8A/A7vPC+6nPaGBiv7P6wryQ+THA97uEwRK0Rsx3TYlKHuAQDN M4XH5G++eqqptaEv1daJEofwOnYxahJoHzYvdfZUBM44BF3pjWESCisGAQQB l1UBBQEBB0Cp+yT4Ec5kmGaGWneulB/KSgXLkkMSVaD++dC9mrcTfQMBCAfC YQQYFggACQUCXemNYQIbDAAKCRDoSSlTg0HoQArZAQD94cT2csOWOsqqx7+q Ps0P1Udn2/jXRbO+XbfzBzjM6wEAq4Z4g0w03KkHC3aU8/fATEnbN2+TInLV gNKTldrMtAg= =eGoI -----END PGP PUBLIC KEY BLOCK-----
OpenPGP key file: [email protected]840.asc