The primary purpose of the configuration sub-menu is to offer a simple way to configure your TorBox. In this sub-menu, you also find all the necessary entries to change the default passwords. You should do that as soon as possible — check the red coloured menu entries below. Additionally, this menu gives you the ability to change basic configurations like network, security, and logging settings and install additional software for specific hardware support.
In the following, we look at all menu entries one by one:
- Menu entry 1: Change admin (user torbox) password: That’s the first thing you should do!
- Menu entry 2: Change the password of TorBox’s WLAN: That’s the second thing you should do! A reboot is required to take effect.
Important: Only letters (upper and lower case) and numbers are allowed. The length must be between 8 and 63 characters.
- Menu entry 3: Change the password of your Tor control port: The control port is used for controlling Tor, usually through other software. To change that password is generally not necessary. If you, nevertheless, change the password, Tor restarts automatically.
- Menu entry 4: Change the name of TorBox’s WLAN: Depending on your environment, it could be a good idea to camouflage your wireless network with an appropriate name.
- Menu entry 5: Set TorBox’s WLAN regulatory domain for the 5 GHz band: By default, TorBox WLAN regulatory domain is set to the United States, which works in most cases. Depending on the location, however, it may be necessary to adjust the WLAN regulatory domain to use all bands, channels and frequencies and not get in trouble.
- Menu entry 6: Change TorBox’s WLAN from the xx GHz to the xx GHz band: This menu entry changes the TorBox’s WLAN — the one, which the SSH client connects — from 2,5 GHz to 5 GHz or back. If you are in an area with many devices transmitting on 2.5 GHz, a change on the 5 GHz band could solve some problems and provide higher throughput. This is only supported by a Raspberry Pi 3 Model B+ or a Raspberry Pi 4 Model B.
- Menu entry 7: Change TorBox’s WLAN channel and the MHz: This menu entry changes the channel and the frequency of TorBox’s WLAN. If you are in an area with many devices communicating on the same channel you’re using for TorBox’s WLAN, changing channels can solve some problems and increase throughput. It is also true that higher frequencies are associated with higher throughput. However, this also means that more power is required and thus a reliable power supply. Frequencies above 20 MHz are only supported by a Raspberry Pi 3 Model B+ or a Raspberry Pi 4 Model B.
Important: 40 MHz is only activated if there is no overlap with other devices. For this purpose, hostapd performs a background scan. This can also be checked with the following command:
hostapd -dd /etc/hostapd/hostapd.conf
- Menu entry 8: Hide / Unhide TorBox’s WLAN: If you choose “hide”, TorBox sends empty SSID in beacons and ignores probe request frames that do not specify full SSID. In other words: to connect with your wireless network, the full name of that network must be known. “Unhide” will reverse this behaviour.
- Menu entry 9: Disable / Enable TorBox’s WLAN: If at least one client device is connected to the TorBox with a cable, this menu entry gives the possibility to disable the TorBox WLAN. It can be chosen between a temporary disabling, which lasts only until the next restart of the TorBox, and a permanent disabling. To disable TorBox’s WLAN involves the risk of locking you out.
- Menu entry 10: Enable / Disable SSH access from the Internet: Does what t says – the default is disabled.
- Menu entry 11: Enable / Disable HTTP plain text traffic block: This option blocks all HTTP plain text traffic through Tor by blocking port 80. This should avoid unencrypted data traffic at the Exit Node, which could break your anonymity (see here). However, it is only a very superficial block, which could help if, for example, a browser requests an unencrypted Webpage (http://). Currently, it does not block plain text traffic in general (for example, Telnet). Also, HTTP plain text traffic from clients using TorBox’s SOCKS 5 functionality or the Tor Browser cannot be blocked. Another downside is that not only unencrypted web pages but also other traffic on port 80 are blocked so that probably some application will not work correctly anymore. For example, in Chrom and Chromium .onion addresses using “http://” will be blocked too. For that reason, HTTP plain text traffic blocking is by default disabled, and we recommend installing HTTPS Everywhere in the Browser.
- Menu entry 12: Changing the extent of logging: By default, TorBox reduces logging to a minimum. However, the protocol function for Tor remains activated so that the correct operation be determined. Tor ensures that no sensitive information is leaked into the log files. For detailed troubleshooting, the log function can be set to “High”, which effectively means that the normal log function of the operating system is activated.
- Menu entry 13: Erase all log files: It does what it says.
- Menu entry 14: Support for Adafruit’s PiTFT displays: A nice way to display the real-time statistics (main menu entry 1) of TorBox is to combine a Raspberry Pi with a PiTFT 3.5″ resistive touch 320×480 from Adafruit (for more information, see here). With this menu entry, the necessary drivers are installed. TorBox has to be connected to the internet and a reboot is required to take effect. Supported are following Adafruit’s PiTFT displays: PiTFT 3.5″ resistive touch 320×480, PiTFT 2.8“ capacitive touch 240×320, PiTFT 2.4″, 2.8″ or 3.2″ resistive 240×320, PiTFT 2.2″ no touch 240×320, Braincraft 1.54″ display 240×240.
- Menu entry 15: Support for 3,5″ no-name TFT displays: Instead of an Adafruit TFT display, it is also possible to use a 3,5″ no-name TFT (for more information, see here). With this menu entry, the necessary drivers are installed. TorBox has to be connected to the internet, and a reboot is required to take effect.
- Menu entry 14: Support for Sixfab Shields/HATs for cellular connections: This menu entry installs the necessary drivers for Sixfab Cellular Shields/HATs for cellular connections (for more information, see here). Supported are the following Sixfab Shields/HATs: Raspberry Pi GSM/GPRS Shield, Raspberry Pi 3G-4G/LTE Base Shield V2, Raspberry Pi 3G/4G<E Base HAT, Raspberry Pi Cellular IoT Application Shield, Raspberry Pi Cellular IoT HAT, Raspberry Pi Tracker HAT.
• • •
Regarding the use of TFT displays
TorBox’s menus and dialogue boxes have only been adapted for TFTs with a minimal resolution of 320×480. Adafruit’s and 3,5″ no-name TFTs are widely used and are therefore included in the configuration menu. On request, we are happy to support other widespread small screens for the Raspberry Pi.
• • •
Problems and questions
- Should I change the default passwords? How can I change my passwords? –> see here.
- Should I change the name of the wireless network (SSID) of my TorBox? How can I change it? –> see here.
- Can I hide the name of the wireless network (SSID) of my TorBox? –> see here.
- TorBox’s Wireless manager doesn’t show me all wireless networks! It seems that the ones on the 5 GHz band are missing. What can I do? –> see here.
- I’m connected to TorBox, and all is working as expected, but Firefox, Safari and any iOS device don’t display .onion sites. What’s wrong? –> see here.
- Is there a way to force/block TorBox to use an exit node in a specific country? –> see here.