[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor-arm failure

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Tor-arm failure
From: Ralph Seichter <m16+tor@xxxxxxxxxxxxxxx>
Date: Sat, 2 Sep 2017 23:01:41 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 02 Sep 2017 17:02:17 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=monksofcool.net; h=content-transfer-encoding:content-language:content-type :content-type:in-reply-to:mime-version:user-agent:date:date :message-id:from:from:references:subject:subject; s=alpha; t= 1504386103; x=1506978104; bh=hPlwl5Uw8SQ0kZYhOyMJntvEhN2JPqzaAUk g59AQSuY=; b=MOxKQsSDusD1U5MhQj5YeRGDnT5aBupYxrPpL4yA0i7MjXp2Hqv muw4i56n153l1LntFvrQGKS9V99wo8P4wHxG923nKhRVdTVs1lNMM3/Tp6K6rPfe YigczUfhcmK0HZIFMN+U5JmvpHi+cN5TDMhK5YqJoP4GebapoGfLJtem2XHl8x9X cD+AIADXRDudgrDQxIrsa1ReGGGpqY6XJ8jujESCgUOJMB8tWHjCv5LxC750hNC2 4fOk+soLrX8M6Kttu2cXR1+s/H9FUQpHqRoob9kVLzbXb+JnoK3xek3fU9UCMkiy prOOB0alvE5Soa4vwzBIsXV6/4HCykYIGFw==
In-reply-to: <CAJdkzEOiSCdd5fb6kCCL+Wfd2T5DEdDMpULvvZASQhgV73KuzQ@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <df28964d-4b89-c4dd-613e-b24cb7eabd64@cni.net> <CAJdkzEM9Hc2FL3ZABVGAyu3LKXeUSCELz=JmsH3=NQMNEGthyw@mail.gmail.com> <30bf8165-f1c1-a11a-b55b-c0ceeaa8167b@monksofcool.net> <CAJdkzEOiSCdd5fb6kCCL+Wfd2T5DEdDMpULvvZASQhgV73KuzQ@mail.gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

On 02.09.17 21:26, Damian Johnson wrote:

> I dropped that since it posed a security issue.

Sigh... That seems a bit overzealous to me.

> I'd suggest cookie authentication if you'd care to rely on file
> permissions rather than something you know. That'll work transparently.

I don't think I understand what exactly you are suggesting. Could you
provide an example? I can currently do the following with 'arm', and
want to it with 'nyx' as well:

  me@mynotebook $ ssh foo@tornode
  foo@tornode $ sudo -u tor /usr/bin/arm

I have to enter SSH keyfile password(*) and SUDO password already, and
don't want to enter yet another password for the Tor controller. Since
I am the only human who can SSH to my Tor nodes, having a password in
~/.nyx/config would be a "risk" (grin) I'm perfectly willing to take.

-Ralph

(*) I'm aware of ssh-agent.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Tor-arm failure
  - From: Damian Johnson
- Re: [tor-relays] ControlPort Authentication Options (was: Tor-arm failure)
  - From: nusenu

References:
- [tor-relays] Tor-arm failure
  - From: Arisbe
- Re: [tor-relays] Tor-arm failure
  - From: Damian Johnson
- Re: [tor-relays] Tor-arm failure
  - From: Ralph Seichter
- Re: [tor-relays] Tor-arm failure
  - From: Damian Johnson

Prev by Author: Re: [tor-relays] ControlPort Authentication Options
Next by Author: Re: [tor-relays] Fwd: Your TOR [sic] node
Previous by thread: Re: [tor-relays] Tor-arm failure
Next by thread: Re: [tor-relays] ControlPort Authentication Options (was: Tor-arm failure)
Index(es):
- Author
- Thread