It depends on how you are using tor
.
If you use tor
as client, then you need only the output rules.
If your setup is a relay or bridge, you need both the output and the input rules.
Since you didn’t change torrc
, I assume you are using tor
as client.
Yes, this or this one should do it:
sudo -u debian-tor tor
But if you installed tor
from the Debian/Ubuntu or Tor Project’s repositories,
it’s better to let systemd
start tor
.
systemctl enable tor --now
This will ensure tor
will start automatically on system start up.
As already mentioned the user of the default instance of tor
is debian-tor
in this case and you don’t need to change anything related to user.
You can check the user of all running tor instances by running this command:
sh -c 'ps -o pid,uid,uname -q $(pidof tor -d,)'
The process ID, the user ID and the user name will be shown.
If you want to see, what command started a tor
process, use this:
sh -c 'ps -o pid,cmd -q $(pidof tor -d,)'
To see what ports tor
processes are listening on:
sudo netstat -tulpn | grep tor | tr -s ' ' | cut -s -d' ' -f4,6,7
You’ll get something like this as output:
127.0.0.1:9150 LISTEN 2685/tor
127.0.0.1:9151 LISTEN 2685/tor
127.0.0.1:9050 LISTEN 1385/tor
127.0.0.1:9051 LISTEN 1385/tor
If tor
is listening on loopback addresses only (127.0.0.0/8
), you don’t need any input rules that allow connections from outside.