Re: [tor-dev] Experimenting with private tor setup

To: "tor-dev@xxxxxxxxxxxxxxxxxxxx" <tor-dev@xxxxxxxxxxxxxxxxxxxx>

Subject: Re: [tor-dev] Experimenting with private tor setup

Date: Thu, 23 Apr 2015 21:27:40 +1000

Delivery-date: Thu, 23 Apr 2015 07:27:58 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:references:from:content-type:in-reply-to:message-id:date:to :content-transfer-encoding:mime-version; bh=hn+4sJ13Z6Ts4AbmGURP9sFFegFIE4Z84JmqURb+hEc=; b=mKtJcDpqzTeKn5KOLHYFc0FdywQDO19Q8mgUxEwc7TcRSsk+W0hqRTVFl0SM6ZBQVz XoQ9K3NK6yQanE9UbW+dAXeDEdZ4ZVGELfeAgursmi+sZ8KyQXp+8KvFH10ciyv0M5G1 DqulDhCazngm+ebAmCiLbcxOwL+3o3pV+QiOXaAE7nQf1VtGPxTsfwBhGGt0ofSFfdCN gow+FOpkLouJXK1HgGsmVs/i5xGhDbHOCZ6pa01DFQ5b6kX2nRLtlQcOW0IdEMsKG01d vEpHGuFlNI3NHMgLvVDbSOTrhj4/ARSQGBqFr6wSlbtSBJl143QUhqSctXjnHPAJYMXl NQ8A==

In-reply-to: <mailman.1653.1429758851.6921.tor-dev@xxxxxxxxxxxxxxxxxxxx>

List-archive: <http://lists.torproject.org/pipermail/tor-dev/>

List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>

List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>

List-post: <mailto:tor-dev@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>

References: <mailman.1653.1429758851.6921.tor-dev@xxxxxxxxxxxxxxxxxxxx>

Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Date: Wed, 22 Apr 2015 23:14:07 -0400

From: CJ Ess <zxcvbn4038@xxxxxxxxx>

I think that just leaves a couple questions for now:

- I know the directory authority's certificate needs to be
renewed periodically (looks like 12 months default). Since it asked for a
password that is something I need to do manually then send a HUP, correct?
Later on I'll try to hack generating a cert with days or hours of time just
to see what happens, but would like to know what the correct way to handle
it is.

Yes, you will need to generate new authority certificates when they expire.

Look at "man tor-gencert" for more details - you may be able to enter a blank password, or generate a new certificate and send a HUP on a cron job. Alternately, look at the chutney source code for how it's done there. (This isn't my area of expertise.)

- All of my routers have done the bandwidth tests, but I see this warning
on the DAs with each vote:

Apr 22 22:39:41.000 [warn] Consensus with empty bandwidth: G=0 M=5 E=0
D=243 T=248

Is this something that will fill out as the uptime of the instances
increase? Or is this something I should look into?

I think you need to run a separate bandwidth authority to get bandwidths in your consensus. This probably isn't necessary for your purposes, as your instances are all on the same host.

It's also not something that chutney does, and chutney networks function fine.

teor

teor2345 at gmail dot com
pgp 0xABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5

teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7

_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev