On Tue, Jun 20, 2017 at 11:04:31PM +0100, Alexander Nasonov wrote:
I tried moving a tor relay with offline master key to a new host but something went wrong and it printed several warnings:
http status 400 ("Looks like your keypair does not match its older value.") response from dirserver
This complaint happens when in the past you ran the relay with a given RSA identity key and ED identity key, and now one of them has changed.
What did I screw up and how to fix this problem if it happends again?
Either move back to both of the original identity keys, or discard both identity keys and start fresh.
I suspect it will happen again because I generate a new signing key more frequently than necessary. I create '15 days' key every week and upload it (over onion ssh connection). This scheme should be resistant to occasional upload failures but it's not clear which of the last three signing keys to use on restart. If passing the wrong key can bring down the relay I need to switch to a different scheme.
In theory (i.e. assuming no surprising bugs), updating your signing key should not be relevant here.
(Thanks for running a relay!)
--Roger