[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade



On Debian or Ubuntu:

service tor stop && rm /var/lib/tor/keys/* && apt-get update && apt-get -y upgrade

Cheers
Luke


On 04/08/2014 05:55 PM, Dennis Crawford wrote:
> Where is the instructions for this?
>
> Thanks!
> Dennis
>
> -----Original Message-----
> From: tor-relays [mailto:tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf
> Of mick
> Sent: Tuesday, April 8, 2014 11:36 AM
> To: tor-relays@xxxxxxxxxxxxxxxxxxxx
> Subject: Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade
>
> On Tue, 08 Apr 2014 17:01:18 +0200
> Moritz Bartl <moritz@xxxxxxxxxxxxxx> allegedly wrote:
>
>> On 04/08/2014 04:58 PM, ecarter9@xxxxxxxxxx wrote:
>>> Greetings all.  I follwed the above instructions on my relay.  Upon 
>>> restarting Tor I have lost all of my flags and I have a new 
>>> fingerprint. Previously I had the Fast, Guard, Named, Running, 
>>> Stable, and Valid flags. Is this expected?  Did I miss a step 
>>> somewhere?  Thanks for any help.
>> Yes. You made it generate new keys, so it is a "new relay" as far as 
>> Tor is concerned. This is why not everybody should generate new keys 
>> immediately, especially larger relays. But don't worry too much, 
>> you'll get your flags back eventually. :)
>>
> But Roger's blog post makes no mention of the advisability (or
> otherwise) of a mass re-generation of keys. All it says is that best
> practice states this would be a good idea.
>
> (I have regenerated mine and restarted so I too now have a shiny a new
> relay).
>
> Mick 
>
> ---------------------------------------------------------------------
>
>  Mick Morgan
>  gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
> http://baldric.net
>
> ---------------------------------------------------------------------
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays