Jump to: navigation, search



YaCy is a p2p, censorship resistant libre search engine. It can be configured to crawl the internet and private intranets.[1]



1. Before adding the repo[2][3], fetch the key and verify[4] fingerprints. Always check the fingerprint for yourself. The output at the moment is:

pub  2048R/0x1F968B3903D886E7 2012-01-07 Michael Peter Christen <mc@yacy.net>
      Key fingerprint = 8BD7 5250 1CB6 2448 A30E  A3EA 1F96 8B39 03D8 86E7

Download key with curl to home folder.

curl -o yacy-pubkey.asc http://debian.yacy.net/yacy_orbiter_key.asc

Check fingerprints/owners without importing anything.

gpg --with-fingerprint yacy-pubkey.asc

If it looks good import into trusted.gpg.d.

gpg --no-default-keyring --keyring ./yacy-pubkey.gpg --import yacy-pubkey.asc
sudo cp yacy-pubkey.gpg /etc/apt/trusted.gpg.d/yacy-pubkey.gpg
echo 'deb http://debian.yacy.net ./' > /etc/apt/sources.list.d/yacy.list 
sudo apt-get update -qq
sudo apt-get install openjdk-7-jre-headless 
sudo apt-get install yacy

To read more on managing YaCy, consult the official documentation.

2. A proxy exception in TBB must be configured to interact with YaCy. TBB blocks communication with localhost to mitigate some fingerprinting attacks[5]. Note that this exception has fingerprinting implications in event of a website actively abusing JavaScript, but its still much safer than using another browser [6]. To mitigate the risks completely, you are advised to disable scripts globally in NoScript and permit them only when really necessary - a good practice anyhow.

To reconfigure Tor Browser so you can access the local web interface, apply the following six steps.

Step one) Terminate Tor Browser if currently running.

Step two) Disable add-on signature check. [7] [8]

echo 'pref("xpinstall.signatures.required", false);' > /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/preferences/50_addons_unsigned_allow.js

Step three) Install FoxyProxy:

sudo apt-get install xul-ext-foxyproxy-standard

Step four) To access the proxy/local WebUI of the desired application, the FoxyProxy add-on and its configuration need to be made available to Tor Browser. Run:

ln -s /usr/share/xul-ext/foxyproxy-standard/ /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/extensions/foxyproxy@eric.h.jung

Step five) Make the tbb-foxyprox config file available to Tor Browser. [9] [10]

cp /usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/

Step six) Restart Tor Browser.

To find out how to reverse this Tor Browser configuration and to restore Tor Browser's default fingerprint, please press expand on the right side.

Step undo)

rm /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/extensions/foxyproxy@eric.h.jung

rm /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/preferences/50_addons_unsigned_allow.js

And restart Tor Browser.

Note: Tor Browser will soon ship with sandboxing as opt-in, unfortunately this feature's initial versions are incompatible with such configurations and must not be enabled.[11]

3. To access the WebUI open in Tor Browser.


To integrate YaCy with Tor Browser you can install the official YaCyBar add-on from Mozilla. N.B. This option is not possible right now because the add-on code needs a revamp.


Looks like socks proxy support is not coming anytime soon:

Random News:

Do you know our Documentation, Technical Design and Developer Portal already?

Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+
This is a wiki. Want to improve this page? Help welcome, volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.
  1. https://www.digitalocean.com/community/tutorials/how-to-configure-yacy-as-an-alternative-search-engine-or-site-search-tool
  2. http://debian.yacy.net/
  3. http://www.yacy-websuche.de/wiki/index.php/En:DebianInstall
  4. http://debian.yacy.net/yacy_orbiter_key.asc
  5. https://phabricator.whonix.org/T291#5252
  6. https://trac.torproject.org/projects/tor/ticket/10419#comment:37
  7. This doesn't lower security too much - unless you install add-ons from unsafe sources. It is required because Tor Browser is based on a newer version of Firefox while the add-ons in Debian are "unsigned". They are signed and verified when apt-get downloads them, so this is safe, but they do not have the signature that Firefox's code is expecting. (It wouldn't make them safer anyhow.)
  8. https://support.mozilla.org/en-US/kb/add-on-signing-in-firefox?as=u&utm_source=inproduct
  9. https://github.com/Whonix/usability-misc
  10. https://github.com/Whonix/usability-misc/blob/master/usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml
  11. https://lists.torproject.org/pipermail/tor-dev/2016-December/011733.html