Main Menu

Main Menu TorBox v.0.5.3
Main Menu TorBox v.0.5.3

After installing TorBox either by using the image file and the corresponding start-up instruction or by running our installation script or manually according to our detailed manual, TorBox can be accessed with an SSH-client either by the TorBox’s WLAN (password: CHANGE-IT) and/or by an ethernet connection. If a client is connected via ethernet cable to the TorBox, whether using the onboard or external ethernet adapter, then the TorBox functionality is automagically enabled for that client. To establish a connection between the SSH-client and TorBox, use 192.168.42.1 (username: torbox / password: CHANGE-IT); with an Ethernet connection, use 192.168.43.1 (username: torbox / password: CHANGE-IT). TorBox Menu can also be accessed with a web browser using http://192.168.42.1 on a WiFi client and http://192.168.43.1 on a cable client.

In the following, we look at all menu entries one by one:

Nyx - Tor statistics
Nyx – Tor statistics
  • Menu entry 1: Tor statistics: This menu entry starts Nyx, a very informative statistic tool. Besides showing the actual data transfer rate and the last log messages, you can also get a new identity or reset Tor. Press “h” to display a brief help window, “m” to activate a simple pull-down menu, and use twice “q” to quit the statistics.

    Important: Nyx, which shows the Tor statistics, uses the control port of the local Tor installation. Unfortunately, it shows you only a black screen with a blinking cursor if Tor gets stuck in its boot process (possible due to network problems or censorship). In this case, take menu entry 4 “Show the Tor log file – quick and dirty”. The screen updates automatically when a new entry is written to the log file. Press CTRL-C to leave the log.

Quote published during Tor Project's Bridge Relay Campaign.
Quote published during Tor Project’s Bridge Relay Campaign.
  • Menu entry 2: Enforce a new exit node with a new IP: The title of this menu entry is, without doubt, self-explanatory. By default, Tor changes all 10 minutes its circuit, which results in a change of the external IP address. This menu entry forces an immediate change, which can solve problems with unresponsive or slow circuits, or blocked IPs from known exit nodes. Notice: Even if the middle and exit nodes change, the entry guard remains the same. That’s intentional: a fast and stable relay remains as an entry guard in your circuit for 2-3 months to protect against a known anonymity-breaking attack (for more information, see here). However, you have more reset possibilities in the update and maintenance sub-menu (menu entry 10).

  • Menu entry 3: Restart Tor – check if it is working: Troubleshooter – could be necessary, i.e., if Tor doesn’t work as expected and therefore you want to restart it. Please be patient! Depending on your configuration restarting Tor can take up to 5 minutes. Usually, any error messages can be ignored, just wait! You should see “Bootstrapped 100%: Done” at the end. Press q to leave the log.

  • Menu entry 4: Display the Tor log file – quick and dirty: As the name says, the Tor log file is displayed and automatically refreshed when new entries are added. This is useful when connection errors occur and Nyx (menu entry 1) cannot be started. Press q to leave the log.

  • Menu entries 5-10: With these menu entries, you can choose and change from where you get the Internet.

    Currently, TorBox supports the following connections (listed as in the main menu):
  INTERNET     CLIENT           Remarks
  --------------------------------------------------------------------------------------------
  ETH0         WLAN0(+ETH1)     Cable-internet (onboard ethernet adapter) - STANDARD
  WLAN1        WLAN0(+ETH0)     Wireless-internet (USB wireless adapter, usually 2.4 GHz only)
  WLAN0        WLAN1(+ETH0)     Wireless-internet (onboard chip, with >RPi3B+: 2.4/5 GHz)
  USB0         WLAN0(+ETH0)     USB dongle or Tethering (Android) (ppp0; usb0)
  PPP0         WLAN0(+ETH0)     Cellular-internet
  ETH1         WLAN0(+ETH0)     USB ethernet adapter or Tethering (iOS)
  TUN0         WLAN0(+ETH0)     Over a VPN connection

Important

  • For menu entries 6 and 7, an additional USB-WiFi adapter is required in most cases.
  • You can only use one Internet connection. Especially if you don’t get the Internet via Ethernet cable (eth0), you have to remove the cable. Otherwise, TorBox thinks you have a client on that cable, which is not the case and probably will block loading Tor (this is the case if the menu entry 3 shows you just a blank screen).
  • TorBox is configured as a DHCP client, which means that the router has to give TorBox all necessary network information (usually, the router is configured like that). If that doesn’t work, check out this FAQ entry.

VPN
There are two possibilities of how TorBox handles VPN connections:

  1. The VPN connection is already established, and the interface tun0 is configured (manually or by using menu entry 18 in the countermeasure sub-menu).
  2. The VPN connection is not established yet, but one or more *.ovpn – files are in the ~/openvpn directory so that TorBox can execute OpenVPN with that file.

To completely disconnect from a VPN, please, use the countermeasure sub-menu entry 18. Using in the main menu entries 5-9 will only change the route of Tor’s network traffic to the Internet, but local network traffic from the command prompt will still be routed through the VPN.

For more information about “VPN over Tor” and “Tor over VPN“, see the FAQ.

TorBox’s different connection modes
TorBox’s different connection modes

“Open access” or “captive portal”
All connection setting menu entries support “open access” or “captive portal”. “Open access” means that you already have entered a password to access the provided network, and you don’t have to fill out an additional login/authentication page. Contrarily, captive portals have additional login pages for which you must register. See here for more information on how to pass through a captive portal.

  • Menu entry 11: Go to the Countermeasure sub-menu…: This sub-menu deals with the circumvention of censorship by using bridges. It allows you to enable, disable or/and configure the bridge mode easily. Furthermore, it gives some more tools to deal with obstacles from the Internet provider, for example, measures against a tightly configured firewall, the possibility to randomize the hostname of the TorBox, avoid disconnection when idle, the possibility to connect/disconnect TorBox to/from a VPN, etc. For more information, see here.

An example of what a captive portal looks like.
An example of what a captive portal looks like.
  • Menu entry 12: Go to the Configuration sub-menu…: This sub-menu gives you the ability to change some basic configurations like passwords, network, security, tor and logging settings. From that sub-menu, additional software can be installed to support currently three hardware accessories (Adafruit’s PiTFT displaysSixfab Shields/HATs for cellular connections, and 3.5″ no-name TFT displays). For more information, see here.

  • Menu entry 13: Go to run an OBFS4 Bridge Relay…: This sub-menu offers you a simple way to set up a bridge relay. However, to do so, you need a public IP address, 24/7 Internet connectivity over a long time, and a bandwidth of at least 1 Mbps. By setting up an OBSF4 bridge relay, you can help censored users connect to the open Internet through Tor. For more information, see here.

  • Menu entry 14: Go to run an Onion Service…: With this sub-menu, sharing a folder with a static webpage, files, etc. on a .onion domain with or without client access control is easy, even if the TorBox is located behind a firewall, a network translator, or in a censoring country. With TorBox File Sharing (TFS), upload and/or download files can be allowed to the public or specific clients, and with TorBox Chat Secure (TCS), a secure chat environment can be established. For more information, see here.

  • Menu entry 15: Go to the Danger Zone…: This sub-menu comprises features that are considered risky or could compromise the user’s security and anonymity. Therefore, these features should only be used if the user knows the potential risks and consequences. You will find in this sub-menu a feature to exclude domains from tor protection. A “forwarding only” mode for client data traffic will function as a router without tor protection. This feature was a request, but most of the time, it makes only sense in connection with developing and debugging. For more information, see here.

  • Menu entry 16: Go to the update and maintenance sub-menu…: This sub-menu allows to backup and restore TorBox ‘s configuration (including OBFS4 Bridge Relay and Onion Service), update or even reset your TorBox, and fix some inconveniences, if necessary. For more information, see here.

  • Menu entry 17: HOW CAN I SUPPORT THE TOR PROJECT!: This sub-menu displays a text file on how the Tor project can be supported.

  • Menu entry 18: HOW CAN I HELP WITH TORBOX?: This sub-menu displays a text file on how you can help to develop TorBox further.

  • Menu entries 19: Reboot / Shutdown TorBox: Here, you can choose to reboot or shut down the TorBox.

• • •

Pressing the ESC key exits the TorBox main menu, and you are taken to the command line. This gives you full access to your entire system. You can reload the menu with the command ./menu in ~/torbox. The menu is reloaded each time when you open a new console. If you like to avoid that, then use the following procedures:

cd 
sudo nano .profile

Remove the following lines at the end of .profile:

cd torbox 
./menu

Important: Network transfers from the command line do not pass through Tor and are, therefore, by default, not secured or anonymized.

• • •

“TOR is working”
A little message (“TOR is working”, “VPN is up & TOR working” or “VPN is up”) in the right corner of the main menu shows you immediately if you are connected with the Tor network (meaning https://check.torproject.org returns a positive result) and/or if the TorBox is connected to a VPN. Since a missing “TOR is working” does not automatically mean that there is no connection to the Tor network, no error message is displayed. In other words, if this message is missing, there may or may not be a connection problem.

Using Torbox’s Wireless Manager (TWM)
TWM is very easy to use and self-explaining. You chose the Wireless Network with which you like to connect the TorBox and press ENTER. If TWM needs a password, it will ask for it; otherwise, it will simply connect with the network. Next time, when you start TorBox and have a USB WiFi adapter plugged in, TWM will automatically try to connect with the wireless network again. The same applies when TWM is started from the main menu. In the update and maintenance sub-menu, these remembered wireless networks can be reset with entry 9.

An example of what the Torbox Wireless Manager looks like.

• • •

Problems and questions

  • Can I use TorBox and VPN together? –> see here.
  • Can Tor protect me against tracking and/or fingerprinting in web browser to guaranty my anonymity accessing a website? –> see here.
  • How can I access the TorBox Menu? –> see here.
  • How can I be sure that my devices are using the Tor network? –> see here.
  • How severe is the risk of a traffic correlation analysis? –> see here.
  • I can’t get tethering to work. What’s wrong with it? –> see here.
  • I can’t get TorBox to work and need more detailed help! What should I do? –> here.
  • I have problems with the wifi network from/to TorBox/Internet router/clients connected to the TorBox. Please fix it for me! –> see here.
  • I heard that transparent Tor proxies are dangerous! I shouldn’t use TorBox, right? –> see here.
  • I’m connected to TorBox with an ethernet cable, and all is working as expected. However, when I change my Internet to “Wireless network”, I’m not able to connect to the Internet anymore. –> see here.
  • My client, which is connected to the TorBox, doesn’t receive an IP address. –> see here.
  • Is the use of a TorBox (or tor in general) considered secure? –> see here.
  • My TorBox doesn’t receive an IP address from the network router. –> see here.
  • My TorBox is connected to a captive portal (used in airports, hotels, coffee houses, etc.) and cannot connect to bridges. What’s wrong? –> here.
  • My TorBox is connected with the Internet via ethernet. I’m using onboard WiFi for my client devices. How can I additionally connect a cable client? –> see here.
  • My TorBox receives an IP address (192.168.42.* or 192.168.43.*) from the network router, but it doesn’t work. –> see here.
  • Tor did work without a problem. The Internet is reachable. Nevertheless, after a restart of TorBox, Tor doesn’t load anymore. It has been stuck at “Bootstrapped 0%” for more than 5 minutes! How can I fix that? –> see here.
  • My wireless network has non-latin characters. How can I connect to such a wireless network using TorBox’s wireless manager? –> see here.
  • Tor statistics don’t show up — the screen stays black. What can I do? –> see here.
  • TorBox’s wireless manager doesn’t show me none or not all wireless networks (2,5 GHz and/or 5 GHz)! What can I do? –> see here.
  • What are the main differences between TorBox and Whonix? –> see here.
  • When I boot up my TorBox, I can see the following error: “Failed to start Raise network interfaces” – what does it mean? –> see here.
  • When I start the Tor Bowser or when I open a window with Tor on Brave (both running on a client device of the TorBox), they cannot connect to the tor network. The same happens if I’m using Tails behind a TorBox. –> see here.
  • Why do I receive a grey onion on the Tor Project’s check-site? –> see here.
  • Why is the local TorBox traffic not routed through tor? Why is by default Google’s and/or Cloudflare’s service used to circumvent cheap censorship measures or to test the connectivity? Can I change Google and/or Cloudflare services with something else? –> see here.
  • Why is tor so slow – is the tor network broken? –> see here.