first of all thank you for donating spare (web)server power to keeping the privacy of activists safe.

this seems to be a bug and the only current solution seems to downgrade tor?

this problem was discovered on:

Linux dwaves.de 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02) x86_64 GNU/Linux

and upgrade could not resolve the problem.

# you can try to debug the problem by looking at
journalctl -xe

# and

less /var/log/tor/log
cat /var/log/syslog|grep tor;

# i found that
Failed to start Anonymizing overlay network for TCP

Aug 22 06:36:09 dwaves systemd[1]: Failed to start Anonymizing overlay network for TCP.
Aug 22 06:36:09 dwaves systemd[1]: Unit tor@default.service entered failed state.
Aug 22 06:36:09 dwaves systemd[1]: tor@default.service holdoff time over, scheduling restart.
Aug 22 06:36:09 dwaves systemd[1]: Stopping Anonymizing overlay network for TCP...
Aug 22 06:36:09 dwaves systemd[1]: Starting Anonymizing overlay network for TCP...
Aug 22 06:36:09 dwaves tor[2921]: Aug 22 06:36:09.657 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8.
Aug 22 06:36:09 dwaves tor[2921]: Aug 22 06:36:09.658 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Aug 22 06:36:09 dwaves tor[2921]: Aug 22 06:36:09.659 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Aug 22 06:36:09 dwaves tor[2921]: Aug 22 06:36:09.659 [notice] Read configuration file "/etc/tor/torrc".
Aug 22 06:36:09 dwaves tor[2921]: Aug 22 06:36:09.663 [notice] Based on detected system memory, MaxMemInQueues is set to 750 MB. You can override this by setting MaxMemInQueues by hand.
Aug 22 06:36:09 dwaves tor[2921]: Configuration was valid
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.728 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8.
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.729 [notice] Tor can'
t help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.729 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.730 [notice] Read configuration file "/etc/tor/torrc".
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.733 [notice] Based on detected system memory, MaxMemInQueues is set to 750 MB. You can override this by setting MaxMemInQueues by hand.
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.734 [notice] Opening Socks listener on 127.0.0.1:9050
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.735 [notice] Opening Control listener on /var/run/tor/control
Aug 22 06:36:09 dwaves tor[2924]: Aug 22 06:36:09.735 [notice] Opening OR listener on 0.0.0.0:9001
Aug 22 06:38:09 dwaves systemd[1]: tor@default.service start operation timed out. Terminating.
Aug 22 06:38:39 dwaves systemd[1]: Failed to start Anonymizing overlay network for TCP.
Aug 22 06:38:39 dwaves systemd[1]: Unit tor@default.service entered failed state.


systemctl -l status tor.service; # does not really help

● tor.service - LSB: Starts The Onion Router daemon processes
   Loaded: loaded (/etc/init.d/tor)
   Active: active (running) since Mon 2016-08-22 13:40:03 CEST; 10min ago
  Process: 706 ExecStart=/etc/init.d/tor start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/tor.service
           └─854 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc --hush

Aug 22 13:40:03 dwaves.de tor[706]: Starting tor daemon...done.
Aug 22 13:40:03 dwaves.de systemd[1]: Started LSB: Starts The Onion Router daemon processes.

# you can test if the tor port is reachable from outside with telnet
telnet 78.46.249.71 9001

it keeps repeating…

Failed to start Anonymizing overlay network for TCP

here you can also check if your tor network works:

https://atlas.torproject.org/#details/C31FD7DE847F6488CF4D08E57FD1937E87E5CF30

it seems to works if you start it manually

systemctl -l restart tor.service; # give ctrl+c if it takes too long (it has 30sec timeout closing connections)

i hope it continues to work gonna test restart the server soon to find out.

all i did changed

#HiddenServiceDir /var/lib/tor/hidden_service/
# to
HiddenServiceDir /var/lib/tor

restarted tor

systemctl -l restart tor.service; # give ctrl+c if it takes too long (it has 30sec timeout closing connections)

than commented it out.

#HiddenServiceDir /var/lib/tor

another look at the logs:

journalctl -xe

Aug 23 06:30:53 dwaves.de sshd[23621]: Address 212.83.135.171 maps to 212-83-135-171.rev.poneytelecom.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Aug 23 06:30:53 dwaves.de sshd[23621]: error: Received disconnect from 212.83.135.171: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]

… no errors from tor atleast 😀 everything „normal“ 😀

Related Links:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792187

https://github.com/systemd/systemd/issues/567

admin