'''Written:''' 2018-05-23 (Jaruga)

= Torifying DNF =
Dandified YUM (or 'DNF') is a package manager for rpm-based distributions that is utilises core libraries (or 'repositories') to facilitate the installation and removal of software. DNF is a modernised version of YUM that was introduced in Fedora 18, and has been the default package manager since Fedora 22.  While it already includes mechanisms for guaranteeing the authenticity of the packages you download, an adversary sniffing your network traffic can still see what software you are installing. This is where Tor comes in. 

== Torifying all repositories ==

Like lots of open-source software, DNF is controlled by a configuration file. Adding Tor as a Socks5 proxy will allow the system to safely fetch packages over the network.

1. First and foremost, make sure you have Tor installed and currently running.
2. Open up {{{/etc/dnf/dnf.conf}}} in your favourite text editor. (must be root or have sudo privileges)
3. Add the following line {{{proxy=socks5://127.0.0.1:9050}}} to the bottom. Save and exit.
4. Run the command {{{sudo dnf update}}} to ensure DNF is able to connect.

You should now be successfully fetching packages and updates from your distributions repositories via the Tor network.

== Torifying individual repositories ==

You can also add individual connection profiles for each repository in your source file. To perform this, simply add the following lines to {{{/etc/dnf/dnf.conf}}}:
{{{
name=my-repository
baseurl=https://github.com/myrepository
enabled=1
gpgcheck=1
gpgkey=https://mysite.com/public_signing_key.pub
proxy=socks5://127.0.0.1:9050
}}}

Please note it is '''very important''' to ensure {{{gpgcheck}}} is always present and set to '1'. Failing to do this will permit your system to download packages from unauthenticated sources, and be left wide open to [https://en.wikipedia.org/wiki/Man-in-the-middle_attack MitM] attacks!