[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] OfflineMasterKey / ansible-relayor

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] OfflineMasterKey / ansible-relayor
From: nusenu <nusenu@xxxxxxxxxxxxxxx>
Date: Thu, 19 Nov 2015 19:44:30 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 19 Nov 2015 14:44:51 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1447962278; bh=WM6DNU8KxMiNW+XshTEKjvgGSJIOy5R+80YCkCJyoCw=; h=Subject:To:References:From:Date:In-Reply-To:From; b=bUd06tVdP7yDH8Qie3kkE9AOgK3DBbepTg2n8pVhiVEo4yQC5Ttate/wtvPgANs6R C8i3udje9+idPoiY9E7W0Ez/FbClCUZSFKc1z1xrIg/nrGG5/+hNTjQFnYfNawmqxc WIGR715woUkkHOlBoMmyD80+jZfJawCixTyE9PxM=
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1447962275; bh=WM6DNU8KxMiNW+XshTEKjvgGSJIOy5R+80YCkCJyoCw=; h=Subject:To:References:From:Date:In-Reply-To:From; b=aJRu2NWCrzDEu85SLyivM5THXHgL+hznGYpMU8iMt/F7ggE1aKtY0KtmL3r9UHJQu kiBbTjdWeM3BpQCkIR8QJ9kQ5iy0XKjZrx/POEmQasgvykYbaghq5Pb1Ja47Vs35LV 0T0QRTsckITbfuIoa/FMDxRwbCCU/dFT7iPmdFE8=
In-reply-to: <564E0632.2080806@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <5646EE54.7030206@xxxxxxxxxxxxxxx> <564CF960.10408@xxxxxxxxxxxxxxx> <564DEA60.3090806@xxxxxxxxxx> <564DF283.4080403@xxxxxxxxxxxxxxx> <564E0632.2080806@xxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

> Some suggestions:
> 
> - don't copy the ed25519_master_id_public_key file. If it is missing,
> Tor will just compute it from the certificate and save it to disk.
> But, if by accident an user copies the medium term signing keys
> related to another relay, Tor will detect they don't match the
> ed25519_master_id_public_key file and exit.

I'm copying ed25519_master_id_public_key to the relay to get rid of the
following [warn] level log entries:


[warn] No key found in .../keys/ed25519_master_id_secret_key or
.../keys/ed25519_master_id_public_key.
[warn] Master public key was absent; inferring from public key in
signing certificate and saving to disk.

The goal was to reduce the noise at the warn log level.

> - when you run tor --orport [...] just to generate the keys in a
> non-interactive way, include a PublishServerDescriptor 0 in the
> command as well

added

>, send the log to /dev/null 

done [1]

> and terminate the process
> immediately. 

I'm using
--list-fingerprint
for that.

The descriptor will have to be published by the Tor
> process actually running the relay. If the master id private key is
> not encrypted, --keygen should be able to renew the medium term
> signing key in a non-interactive way. But it's not a big deal if you
> decide to do it with tor --orport [...] if it's easier for you this way.

I can switch to --keygen
if it generates RSA keys (as long as they are a requirement for a relay)
as well and --no-pass is implemented,
but I'm also fine with the current way to generate keys.

> - make it as hard as you can for users to accidentally mix keys
> belonging to different relays. This will be a tough one.

I'm aiming to add a check that aborts if a key is found more than once
in ~/.tor/offlinemasterkeys.


thanks,
nusenu

[1]
https://github.com/nusenu/ansible-relayor/commit/43d52e995abf6b3a311984bd54a4e9c5e4a5410f

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] possible to run --keygen non-interactively?
  - From: nusenu
- Re: [tor-dev] OfflineMasterKey / ansible-relayor
  - From: nusenu
- Re: [tor-dev] OfflineMasterKey / ansible-relayor
  - From: s7r
- Re: [tor-dev] OfflineMasterKey / ansible-relayor
  - From: nusenu
- Re: [tor-dev] OfflineMasterKey / ansible-relayor
  - From: s7r

Prev by Author: Re: [tor-dev] OfflineMasterKey / ansible-relayor
Next by Author: [tor-dev] tor ignores --SigningKeyLifetime when keys exist
Previous by thread: Re: [tor-dev] OfflineMasterKey / ansible-relayor
Next by thread: [tor-dev] Starting on an Easy Bug #16846
Index(es):
- Author
- Thread