Hi,
this is a suggestion for improving page :
https://community.torproject.org/relay/setup/bridge/post-install/
where the page states :
See the file |obfs4_bridgeline.txt|, which is found inside Tor Data Directory, for example, in Debian/Ubuntu |/var/lib/tor/pt_state/obfs4_bridgeline.txt| or FreeBSD |/var/db/tor/pt_state/obfs4_bridgeline.txt|.
I believe this is now time to keep a standard with the pattern of respect that the recipe has had for the diversity of OS-communities and push this to state in hard:
See the file |obfs4_bridgeline.txt|, which is found inside Tor Data Directory: in Debian / Ubuntu / Fedora |/var/lib/tor/pt_state/obfs4_bridgeline.txt|
in FreeBSD |/var/db/tor/pt_state/obfs4_bridgeline.txt|.
(My personal experience is that under DEBIAN BOOKWORM (12) at least, the directory |/var/lib/tor/pt_state/ |DOES NOT EXIST this is infuriating when having set up the entire Bridge in deep study of the torproject recipe, the fatal outcome is that the Bridge is running yet the Bridge line is uncomposable for publication: Debian 12 is a standard, and Debian 11 becomes a dangerous OS to rely on: the bridge-line pt_state folder-issue must be urgently resolved!).
also the page :
source url : https://bridges.torproject.org/info
does not give clean examples of the exact torrc statement with the present double-quote (eg. "Settings") and this is very confusing for those who capitalize the first letter when the standard on pages I visit are often all in small letters:
|BridgeDistribution moat
|
would illustrate the standard to adopt and avoid potentially wasting time at every new Bridge being attempted by operators.
Perhaps keeping this good habit of looking what else is, to secure a basic tor server (after all the actual recipe mentions Unbound, ufw, firewalld, ... ) the torproject could push a step further and remind a concise, minimal yet expected standard (for every OS) - in changing openssh ssh port 22 for any other port TODO,
- in setting up ed25519 only,
- in setting up fail2ban to jail any TOR EXIT IPs, ... .
Truely, with little experience of mine, INFLATION BOMBS and local infrastructure hacking attacks have repeatedly used Tor to (dDOS-) attack Tor Relays from EXIT nodes.
Carlos.