[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] FreeBSD 11.1 ZFS Tor Image




On 03/03/2018 04:27 AM, Moritz Bartl wrote:
> On 03.03.2018 07:11, Roger Dingledine wrote:
>> Apparently the link from my blog post, to
>> https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
>> no longer has any mention pro or con disk encryption. I wonder if that
>> was intentionally removed by the torservers.net folks (maybe they have
>> even changed their mind on the advice?), or if it just fell out because
>> it's a wiki.
> I added the recommendation for "no disk encryption" back then, and it
> wasn't me who removed it.
>
> My own opinion has changed slightly: My general advice would still be to
> not do disk encryption, to reduce the amount of hassle and allow easier
> 'audits'. For additional protection, you better move the relay keys to a
> RAM disk.
>
> However, in our case, we don't really care how long they keep the
> machines for analysis, and we do not reuse hardware that was seized (it
> goes back into the provider pool, so some other customer might be in for
> a surprise...). In that case, a relay operator may decide to use disk
> encryption for integrity reasons: They at least have to ask you for the
> decryption key and cannot silently copy content or easily manipulate the
> file system.
>
Personally, I think entire disk encryption just to protect the keys is
way too much of a hassle. I completely agree with your solution - place
the keys in a ramdisk, that's actually a great idea. I'll put that into
what I'm building up right now.

Regards,

Conrad Rockenhaus

Attachment: 0x424F4C61.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays