Alright, problem solved although I don't understand why. Hope someone can educate me:
What I did.
(1) Turned on Log debug stderr in torrc, and I could see obfs4 loading correctly.
(2) Then I realized obfs4 writes to a file to help people construct the bridgeline for tow browser in pt_state/obfs4_bridgeline.txt
The format is like:
Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=[scrubbed] iat-mode=[scrubbed]
Which is different from the bridge line I used by hand, i.e. has FINGERPRINT, has cert=? and iat-mode=?.
These extra bits made all the difference, but why?
Jack
30. Mar 2018 15:02 by jackoreamnos@tutanota.com:
Am a novice compiling Tor (0.3.2.9) and been successful using this from a Tor Browser as a private bridge by entering "a.b.c.d:9001" into Tor Browser. However, pointing my Tor Browser to the obfs4 on the same machine fails with something like General SOCKS failure in the log. Below is my torrc:
SOCKSPort 0
CookieAuthentication 1
ControlPort 9051
ORPort 9001
ExtORPort auto
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
# ServerTransportListenAddr obfs4 [::]:60443
ServerTransportListenAddr obfs4 0.0.0.0:60443
ExitRelay 0
BridgeRelay 1
PublishServerDescriptor 0
Tests I have done:
(1) using obfs4 compiled from git repository, as well as the OS package.
(2) opening port 60443, as well as dropping all firewalls - does not make a difference; meanwhile, pointing telnet at a.b.c.d 60443 connects successfully
(3) using Tor Browser with default supplied obfs4 bridges works well (log shows I was able to download a list of bridges and their fingerprints).
So I think I have ruled out problems with my Tor client (Tor Browser), and I have ruled out firewall configurations on the server, and ruled out obfs4 being blocked on my ISP. Since Tor itself works, and I have tried obfs4 from source as well as from the OS package, the only thing I can think of is something wrong with the config above.
Any hints would be appreciated, as well as any steps I can do to further diagnose would be helpful.
Thanks,
Jack