>> I copy/expose the following files to the relay:
>>
>> [ 'ed25519_master_id_public_key', 'ed25519_signing_cert',
>> 'ed25519_signing_secret_key', 'secret_id_key', 'secret_onion_key',
>> 'secret_onion_key_ntor']
>>
>
> When first setting up (new relay) or restoring the relay, yes. But
> when only renewing the ed25519 medium-term signing key (if
> ansible-relayor will support this) you only need to copy/expose the
> following files to the relay:
>
> ed25519_signing_cert, ed25519_signing_secret_key
>
> If you also move secret_onion_key and secret_onion_key_ntor, it could
> mess up Tor's internal automated key rotation, and the descriptors
> available to clients might become invalid, making it impossible for
> clients to extend circuits through this relay. That's why Tor keeps a
> .old version of these keys when rotating, so clients with older
> descriptors won't experience circuit failures when using this relay.
>
> To detect this, either the user will let ansible-relayor know if he is
> setting up a new relay / restoring a relay or just renewing the
> ed25519 keys for a running relay, or it reads Tor's
> $datadirectory/keys folder and, if secret_id_key exists, assumes the latter.

Thanks for the feedback!

Are secret_onion_* files required at all when restoring a relay?
(it doesn't look like it)

If you confirm that, I would simply remove them from the list and never
copy them over, remaining with these files:

ed25519_master_id_public_key
ed25519_signing_cert
ed25519_signing_secret_key
secret_id_key

(tor's manual page FILES section is not very verbose in that regard -
unfortunately)
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
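The file-selection logic the two messages above converge on, written out as an added example; this is not ansible-relayor's code and not part of the thread. It encodes the full set of four files for a new or restored relay, the two-file set for renewing only the ed25519 medium-term signing material, never touches secret_onion_key / secret_onion_key_ntor, and uses the heuristic proposed in the quoted reply (a secret_id_key already present in the relay's keys directory means "renew"). The explicit `mode` override, the `stage_keys`/`demo` function names, and the dummy key bytes in `demo()` are assumptions for illustration; the directory layout is Tor's `$DataDirectory/keys`.

```python
import os
import shutil
import tempfile
from pathlib import Path

# File sets as discussed in the thread (names as found in $DataDirectory/keys).
FULL_SET = [
    "ed25519_master_id_public_key",
    "ed25519_signing_cert",
    "ed25519_signing_secret_key",
    "secret_id_key",
]
RENEW_SET = ["ed25519_signing_cert", "ed25519_signing_secret_key"]
# Never copied: Tor rotates these itself and keeps a .old copy so that clients
# holding an older descriptor can still extend circuits through the relay.
NEVER_COPY = {"secret_onion_key", "secret_onion_key_ntor"}


def detect_mode(relay_keys_dir, mode=None):
    """Return 'full' (new/restored relay) or 'renew' (running relay, new signing cert).

    mode: explicit operator override ('full' or 'renew'); when None, apply the
    heuristic from the thread: an existing secret_id_key means a running relay.
    """
    if mode in ("full", "renew"):
        return mode
    if mode is not None:
        raise ValueError("mode must be 'full', 'renew' or None, got %r" % (mode,))
    if (Path(relay_keys_dir) / "secret_id_key").is_file():
        return "renew"
    return "full"


def select_files(relay_keys_dir, mode=None):
    """Files to copy from the offline key store for the detected mode."""
    chosen = RENEW_SET if detect_mode(relay_keys_dir, mode) == "renew" else FULL_SET
    # Defensive: the onion keys must never end up in either list.
    assert not NEVER_COPY.intersection(chosen)
    return list(chosen)


def stage_keys(store_dir, relay_keys_dir, mode=None):
    """Copy the selected files into the relay's keys directory and return their names.

    Fails before copying anything if the offline store lacks a required file,
    creates the keys directory with mode 0700 and each key file with mode 0600.
    """
    store, dst = Path(store_dir), Path(relay_keys_dir)
    files = select_files(dst, mode)
    missing = [f for f in files if not (store / f).is_file()]
    if missing:
        raise FileNotFoundError("missing in offline key store: %s" % ", ".join(missing))
    dst.mkdir(mode=0o700, parents=True, exist_ok=True)
    copied = []
    for name in files:
        target = dst / name
        shutil.copyfile(store / name, target)
        os.chmod(target, 0o600)
        copied.append(name)
    return copied


def demo():
    """Run both scenarios against a constructed key store in a temp dir.

    Returns a dict with the files copied on first deployment, on the second
    (renewal) run, and whether any onion key reached the relay directory.
    """
    with tempfile.TemporaryDirectory() as tmp:
        store = Path(tmp) / "offline-store"
        store.mkdir()
        # Constructed placeholder contents; real keys would come from tor-gencert/tor.
        for name in FULL_SET + sorted(NEVER_COPY):
            (store / name).write_bytes(b"placeholder " + name.encode())
        relay = Path(tmp) / "tor" / "keys"
        first = stage_keys(store, relay)       # no secret_id_key yet -> full set
        second = stage_keys(store, relay)      # secret_id_key present -> renew set
        onion_leaked = any((relay / n).exists() for n in NEVER_COPY)
        return {"first": first, "second": second, "onion_leaked": onion_leaked,
                "forced_full": select_files(relay, mode="full")}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The second `stage_keys` call overwrites ed25519_signing_cert and ed25519_signing_secret_key only, which is exactly the renewal case from the quoted reply; an operator who is actually restoring a relay onto a directory that still has an old secret_id_key must pass `mode="full"`, since the heuristic cannot tell those two cases apart.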