Obfs4proxy package on debian


I have seen multiple persons saying that the obfs4proxy package in the debian official repository isn’t the latest version available. Should I delete the package that I installed from the debian repository ? Do you have a step-by-step tutorial how to build it from source ?

Actual version of the package Im using :
obfs4proxy/stable,now 0.0.8-1+b6 amd64 [installed]
pluggable transport proxy for Tor, implementing obfs4

I don’t know what are the risks about using an old version of this package from the official repository of debian on my bridges. If I need to build it from source, I will do it. Like I did with the tor package.

You can also tell me if I need to build other packages from source instead of using apt to install them. It would be nice to improve the security of my bridges.

Thanks for your help !

Hi, I was about to point you to the Tor Debian repo, but noticed that there is no package named obfs4proxy in it.

apt list obfs4proxy -a
Listing... Done
obfs4proxy/stable 0.0.8-1+b6 amd64

And on my bridge:

apt list --installed obfs4proxy -a
Listing... Done
obfs4proxy/stable,now 0.0.8-1+b6 amd64 [installed]

Cross check at the tor repo itself: Index of /torproject.org/pool/main/o

So there is only the package from the Debian repos. I use Bullseye and have the same as you. So I assume that you also use Bullseye.

lsb_release -d
Description:	Debian GNU/Linux 11 (bullseye)

apt list --installed obfs4proxy -a
Listing... Done
obfs4proxy/stable,now 0.0.8-1+b6 amd64 [installed]
1 Like

Yes im using Debian Bullseye mainly and I have also one bridge on Debian Buster

Then you are up to date with the OS. Index of /debian/pool/main/o/obfs4proxy

Only in Bookworm you get the version 0.0.13 Debian -- Details of package obfs4proxy in bookworm

If you absolutely want to use the more current version, then do the following:

sudo cp /etc/apt/sources.list /etc/sources.list.d/testing.list
sudo sed -i 's/bullseye/bookworm/g' /etc/apt/sources.list.d/testing.list

Then as root:

cat << EOF > /etc/apt/preferences.d/stable.pref
Package: *
Pin: release a=stable
Pin priority: 900
cat << EOF > /etc/apt/preferences.d/testing.pref
Package: *
Pin: release a=testing
Pin priority: 400

And finally:

sudo apt update
sudo apt -t bookworm install obfs4proxy

Thanks for the details how to get the newest package :+1:

I am surprised that this package is still considered to be in the test phase after several months and several versions released. And more for knowledge, what is more secure and recommended between choosing the official OS package or the last package released by the developer directly ?

It could refer to the package of tor which must be built from source, but for other packages the best is those of the OS. Each one has a different situation and I never know which method to use that is best.

If the developer releases a package as stable, then one may trust him so far that it can be used also without large risk.

You can be divided on that.

I have been an enthusiast of the “debian way” for decades. But this package is different from the rest of the Tor project.

I install tor via the official debian repository from the tor project. This is also part of the “debian-way”. But I only do this because it is officially recommended. If this recommendation was not, I would use the packages from the debian repository that are packaged and provided by debian itself.

If I now have the choice to compile a current package myself or to use it from the debian repo of debian, then I choose the repo.

It saves a lot of work to keep it up to date and I get support from both torproject and debian project.

So concretely: obfs4proxy I will get from debian repository until torproject provides a package in their own repository.


Everything seems clear to me with your explanations. I just noticed that I bother too much to build from source the tor package when I can simply install it with apt from the beginning … well, a beginner’s mistake happens. :sweat_smile:

Is there an open way to propose to add the obfs4proxy package in the official tor repo? Do you think it would be useful to have them officially support the package ? so that we can benefit from a possible better compatibility and more frequent updates. Maybe I’m talking too fast, I’m new in the project

if they decide to leave it like that, I’ll just rely on what Debian offers for this package, that’s good enough.

Since the obfs4 upstream is independent of the torproject, I don’t think it is necessary or even wanted.

This is where the development takes place: Yawning Angel / obfs4 · GitLab Cooperation with the various distributions also seems to be excellent, so there will be no need to change the current state.

1 Like

Alright sounds good. Thanks for your time and your answers. :100:

I understand better how it works. If anyone wants to talk about this topic I can leave it open or I’ll put it in solved.

The new version of obfs4proxy is in its way to get into debian backports, so in few days we expect to be possible to install it from there without needing to use testing. Actually it includes some security fixes, so it will be great if people updates by then. The related issue: