How do you run Tor on a container that uses VPN?

Rather than subject my entire system to a VPN, I would like to restrict the VPN to a container and run Tor on it. But so far it’s been impossible. I’ve tried lxc/lxd, but apparently it’s fallen into disuse. I’ve tried Docker but apparently Docker’s no good for this. I figured if anyone would be experienced in this it would be Tor users,
I’m running Ubuntu 22.04. I could use VirtualBox but I’d prefer a lightweight solution to virtualization.

1 Like

Are you referring to using the Tor Browser in a container using a VPN?

Exactly. With only the container using the VPN

1 Like

Do you want to run Tor and VPN at the same time? Am I understanding this correctly in an LXC?

If so, I strongly advise against it!
Otherwise you’ll be doxxing yourself faster than you can watch.

1 Like

How does that work? I thought that would increase security. I read somewhere that one should never use Tor alone without a VPN as that is dangerous.
Although, I understand LXC isn’t a very good example, because it’s not used anymore.

1 Like

Why does Mullvad have bridge mode? NEVER Tor + VPN the leaking is far too big. Depending on the threat model, you can be caught more quickly.

Unfortunately I couldn’t find the original text anymore… I think the author has taken the page offline. But saved it in my notes:

VPN + Tor: Not necessarily a net gain
So many people share the advice to use a VPN in conjunction with Tor, usually by the way the VPN is placed between the user and their guardian node (connecting to Tor via a VPN). Less commonly, the advice is given to place the VPN between its exit and its destination (connecting to a VPN via Tor). On the surface, these ideas sound good, or at least not bad. The first one sounds particularly good, as if it should help. More encryption is always better, right?

In this post I’ll discuss my reasoning as to why using a VPN with Tor isn’t the way to go, given the obvious security gain people get from it. Users may not sacrifice any security by adding a VPN, but they probably don’t gain any.

First I want to create trust. A VPN is 100% a single point/entity that you must trust. With Tor, you don’t have to trust a single entity or every single point. Users don’t have to trust every Tor relay they use to stay secure with Tor. As long as the right ones are not compromised, the collaboration or otherwise the user remains protected.

VPN users completely trust their VPN. They trust their VPN provider

  • Do not retain payment information
  • do not keep logs
  • not to pass on any information to your opponent
  • be able to keep their network and machines secure

Should VPN-provider-X be completely trusted? Perhaps. Are they completely trustworthy? from their users? Yes, whether users realize how much trust they have in the placement with the provider or not.

Let’s assume for a moment that using only Tor Alice is the same as “protection” since it only uses a VPN. If she just uses Tor, she doesn’t have to trust every single entity. If she uses a VPN, she must completely trust her VPN provider.

So why use a tool that requires the user’s trust when they have a tool that doesn’t?

This begs the question: If Alice decides she trusts her VPN provider 100% and wants to use Tor with a VPN, does the VPN add value? I’ll address this question in two parts, depending on whether the VPN comes “before” or “after” Tor.

Connect to Tor using a VPN
Now I’ll start with what is actually the easiest to achieve and recommended most of the time. I prefer to discuss this as a set of reasons why someone might even consider using a VPN in this way.

Gate is blocked
For whatever reason, Tor is closed to Alice. Maybe your company has a really strict firewall or your country has a super strict firewall. But apparently the firewall wouldn’t block a VPN.

Alice should try using a Tor bridge first. A bridge is simply an unlisted gate guardian relay. If she was blocked because she tried to connect to an IP known to be a Tor relay that would help.

If that doesn’t work, maybe your traffic is being blocked because it looks like Tor traffic. After all, it’s a fingerprint. If this appears to be the case, then Alice should try using a bridge with a pluggable transport. Pluggable transports make Tor traffic look different so that it (hopefully) isn’t fingerprinted and then blocked. obfs4 is a popular PT that makes Tor traffic between Alice and her bridge look like encrypted garbage. meek is another PT that makes it look like Alice is talking to a website in the Amazon or Microsoft cloud.

Hide Tor usage from ISP
First, Alice should consider whether her adversary has the ability to extract information from her ISP. Is what she’s doing even illegal where she lives? Is it embarrassing? How far will her opponent go (or can she go) to find out who she is? If Alice is just trying to hide an embarrassing habit of her spouse or circumvent her incompetent country’s censorship regulations, it may not even be necessary to hide her Tor usage.

Additionally, unless Alice is truly up to no harm, using her Tor not covertly helps reduce Tor’s bad stigma. Many people use Tor for a wide variety of reasons. And if Alice thinks using Tor is enough to land her on a list of potentially bad ones, she should be proud. It’s not bad, and it lowers the quality of this list. If everyone used Tor, everyone would be on the list and the list would be worthless.

If Alice finds that she really needs to hide her Tor usage, she should first consider using bridges or bridges with pluggable transports. For more information, see the previous section for information on these.

Hide your true IP address from a global passive attacker
Let me preface this by saying that a global passive adversary (GPA) is not something that everyone should just assume they have to deal with.

A GPA can observe and record Internet traffic “anywhere”, where “everywhere” is such a large number of locations that in the context of Tor they can observe/record traffic entering the Tor network as well as observe/record traffic to leave the Tor network. One way to achieve this would be to have the GPA running Tor forward itself, but that is not a necessity. They could work with/hack/compromise ISPs and ASes “anywhere” until they get a good overview of Tor’s edge traffic.

A VPN between Alice and her entry point into the Tor network sounds like it would help, right? The GPA that observes and correlates traffic will correlate traffic to their VPN’s IP address, not theirs.

My rebuttal is best summarized with rhetorical questions: powerful enough to monitor inbound and outbound traffic, aren’t they also capable of monitoring inbound and outbound traffic, VPN providers?

Since VPNs are so popular, isn’t it likely that the GPA has already done something to compromise the most popular ones?

Why would anyone ever assume that the GPA they are protecting themselves from would be stopped by a VPN? If they can watch traffic depart “enough” from the nearly 1,000 gate exits and “enough” from the approximately 2,500 gate exits guards, then why should all of the following be impossible?

  • Extract information from VPN provider about legal system
  • Extracting information from ISPs/ASes on both sides of the VPN provider
  • get permission to monitor traffic on the VPN network
  • Monitoring traffic on the VPN network (via compromise)

If Alice thinks she has a GPA to worry about, then I think she’s a fool. assuming the GPA can’t find them behind a VPN.

Hide your IP address from browser-based malware
In the past, these heroic deeds seemed to be very valuable. They were only ever to be used in the wilderness against people who do terrible things. They only have Windows users (probably because that was the largest demographic and the one that required the least amount of work for the most reward).

If you don’t do terrible things, you probably won’t fall into one of these exploits. If you don’t use Windows, they probably won’t work on you. Either by not being a shitty person or by not using the most popular operating system you will avoid these exploits.

But you might not think that these exploits are rare and targeted. OK…

If you assume that your opponent can break the Tor browser enough to create web requests that don’t go through Tor (or otherwise collect identifying information about you or your computer), they’re probably too much more capable.

If you believe they can break out of the Tor browser completely and run arbitrary commands as a non-root user, then something like Tails is probably more effective against this attacker than a VPN.

If you think they’ll break out of the Tor browser as well as root your computer, then you’re screwed and Tails won’t help, a VPN won’t help, and Whonix probably won’t help either. Get off the internet.

Connect to a VPN via Tor
I’m now going to switch gears and talk about connecting to a VPN over the Tor network. People usually consider this because they want to appear to have an IP address that doesn’t change and isn’t associated with Tor. This approach throws away the vast majority of the security gains that Tor brings you. It ruins Tor so much, and you have to trust the VPN company so much, that, well, you don’t even use Tor at all.

Traffic patterns
When you use Tor Browser normally, it does a lot of smart things to ensure your security. The Tor browser is much more than Firefox with some pre-configured security settings and some addons.

When you visit Facebook in some tabs (perhaps even with your real daily account) and in some other tabs on Wikipedia, you research an accurate history of your abusive government, traffic, and local state of the Facebook tabs do not touch the traffic or status the Wikipedia tabs. Facebook tab traffic, regardless of the destination domain, does not follow the same circuits (paths) through the Tor network as Wikipedia tab traffic, even if they use the same advertising network or content delivery network. You can never repeat this behavior in another browser without changing the source code and recompiling it. This goes beyond simple configuration options.

When you connect to a VPN via Tor, this traffic separation disappears completely. You establish a single connection through the Tor network, and through this circuit you connect to your VPN. All your Facebook and Wikipedia traffic will be transferred in the same path right next to each other. If you have other things tunneling through this VPN connection, those things are right there too. Any SSH traffic, IRC traffic, IMAP, SMTP, or OS update traffic you generate over this tunnel will be properly side by side. Worse, depending on how you managed to get this VPN-over-Tor setup to work, you may have even broken the local state separation of the Tor browser. If any of this traffic data identifies you, you may have corrupted all your traffic.

I should preface this: I’ve never tried this before, but I have a good enough understanding of how this stuff works that I’m confident I can make some claims.

As far as I know, the most common way to connect to a VPN is OpenVPN. OpenVPN works best when it uses UDP, but it technically supports using TCP. Tor cannot transport UDP, so when using OpenVPN, the user must use it in TCP mode.

What’s so bad about TCP mode? Unfortunately the details get rather technical, but I’ll try to summarize it.

TCP guarantees reliable in-order delivery of data. Among other things, it achieves this by retransmitting lost packets.

When Alice uses Tor, she has a TCP stream between her output and her destination. If your destination (from an output perspective) is an OpenVPN server running TCP, then there is a TCP stream within a TCP stream. If what Alice ends up doing is using TCP (like surfing the Internet), then the Tor TCP stream contains an OpenVPN TCP stream, which contains Alice’s actual TCP stream. If any of these streams detect packet loss, they will all notice it affecting their transmission rates and retransmit the packets they believe were lost. This is absolutely terrible for performance.

Tor isn’t all that slow these days…unless you do something crazy like that.

So if Alice decides she doesn’t care about the big drop in performance, what happens? Understood? She definitely gets the non-Tor IP address she wanted. Does she win? everything I discussed in the previous section about connecting to Tor via a VPN?

Alice’s ISP will see her talking to a gate guard. You could use a bridge (or even a bridge with pluggable transport) to prevent this. Check this out again for information about bridges.

Will she hide her true IP address from a global passive adversary? I’ve already explained why an attacker can’t get information from a VPN provider but conducting traffic analysis attacks on Tor users is silly. So no, if she’s trying to protect herself from a GPA, she shouldn’t consider using Tor to connect with a VPN, in my opinion, more securely than just using Tor.

Last but not least, there is the question of trust, which needs to be considered again. Alice must be She is sure that her VPN provider is worth the trust she has placed in them. She must have paid her VPN provider in a way that cannot be traced back to her. You must ensure that the VPN provider does not keep traffic or connection logs. She has to trust herself to never mess up and connect to her VPN without gate. And in order to be of any use at all, it must convince itself that its attacker cannot somehow work with the VPN provider, compromise the VPN provider, or work with ISPs and ASes close to the VPN provider/ compromise these.

Final Thoughts
I’m usually one of the first to remind people that everyone’s security needs are different. I generally hate it when people immediately assume that users asking for advice need protection from a super powerful opponent. Not everything I have said may apply to you, the reader. And perhaps in my limited experience I missed something that you have a question about. I’ve seen a lot of discussions about using a VPN with Tor and I hope that a very long-winded post will help you make an informed decision.

Update June 2019:

  • Remember that you must trust the VPN company to protect yourself. Why add more points of failure? This VPN company fooled some and tried to sue when it was responsibly disclosed to them (archive). I would consider VPN companies as much juicer targets for hackers who want to expose lots of people doing illegal/embarrassing things compared to a random private ISP.
  • Some wording

Update April 2019:

  • An post I like. She contends that the benefits of adding a VPN to Tor are “tenuous at best.”
  • Rephrase the sentence in the “Trust” section.

Update December 2018:
Added some better reasons not to use a VPN Tor that should have been added a long time ago.

Update April 2018: Here are some additional things I think everyone should read or consider.

  • VPNs lie about their geolocation, and it’s easy to do (archive). See also How to Catch When Proxies Lie, which appeared at IMC 2018.
  • Avoiding relays in certain countries is not effective (PDF) in preventing your traffic from flowing through those countries. If you think that some countries are truly part of your realistic adversary model, you should probably consider them as network-level adversaries that are not limited to running Tor relays in the first place.
  • Random Paste but I don’t Agree that you should set up your own VPN box. This is basically a perfect fingerprint that identifies you the way to your defense and network adversaries. (Archive)
  • VPN providers do bad lazy things to attract more customers, so they probably shouldn’t be trusted that any of the hard technical details are correct. (Archive)

I’ve added a section about hiding your IP address from browser malware. I’ve also added some more thoughts/information in the body of this post without mentioning what’s new. I have corrected some spelling errors.

1 Like

I hate to poo poo anybodies input, but I honestly and truly must point out that 99% of that github article is pure FUD.

Look at Mullvad, you have no account name, no email, paid in cash, audited multiple times, across a diverse network of no log servers as proven within audit.

Using JUST tor puts all your hope, trust and freedom in one network.

Having read through it 3 times over it actually feels like something designed to push people away from the cover VPN provides thereby encouraging people to take part in behaviour which might actually be harmful to their safety, what type of person would do that? Someone who glows in the dark.

I can see why they took it down (after remaining outdated for half a decade).


“Look at Mullvad, you have no account name, no email address, paid in cash, audited multiple times, on a diverse network with no log servers as the audit proved.”

Then why does Mullvad offer “split tunneling”?
Tor + VPN are just not healthy. If you use both, a leak is known. It’s not the only article about it. A search on the Internet will confirm many of the same statements.

Found the original article:

Although I also read this:

I’m confused.
Do you want to understand it and do it right?
I found out and received it through the Bitcoin Privacy Groups. Apparently my knowledge could also be wrong. At least that’s what Ronin Dojo’s Samurai users have said many times, that VPN and Tor are not healthy.

1 Like

Your knowledge of VPN + tor creating a leak is indeed wrong and just further FUD.

My group has been using cash paid VPN + tor since 2017, we’re all still here.

1 Like

So you can choose which apps will use VPN and which won’t? I know lots of people who use VPN for all apps but exclude their bank app and PayPal to avoid wrongly setting off any alerts with them.

Orbot allows split tunneling too, its not a VPN specific feature.

I can only assume you misunderstood what split tunneling means.

The privacy provided by a currency that depends upon public blockchain which anybody can map and has lead to countless arrests? Bitcoin and privacy don’t go together.

I’ve also no idea who “Ronin Dojo’s Samurai” is and DDG just brings up actual samurai swords when searched.

1 Like