Hi,
On 18/05/2017 10:45, nusenu wrote:>> Currently, my server hosting kitten1 and kitten2 (tor guard and fallback
directory) is under seizure since 14/05 11h.
butplease revoke
immediatly kitten1 & kitten2 tor node. Those nodes are also fallback directory.
I don't know any context or background but if you fear this could happen
end to use tor's OfflineMasterKey feature (without
copying the master key to the server) with a short keylifetime (i.e. 7 days), especially if it is a fallback dir (which requires a tor source code change to remove it).
This feature is interesting and I did not know about it. However, I have been reading the documentation page[1] and I have the impression that the more I read the less I understand how it works.
If I look inside the DataDir of one of my relays - a standard Debian install - see this: ``` ed25519_master_id_public_key ed25519_master_id_secret_key ed25519_signing_cert ed25519_signing_secret_key secret_id_key secret_onion_key secret_onion_key_ntor secret_onion_key_ntor.old secret_onion_key.old ```
So, here some of the things I think I have understood: * Tor uses a ed25519 key to generate the other keys need to decrypt incoming traffic and route it to its next destination on the network. I don't know how this works in practice, but probably it is too much detail at the moment. * In the standard install the master key is the `ed25519_master_id_secret_key` above, which has no passphrase. * If in `torrc` we declare `OfflineMasterKey 1` then the `ed25519_master_id_secret_key` will not reside anymore on the relay but on a separate machine. * In the process of generating the master key (with the command `tor --keygen`, all the files above will be generated. * To run the node with `OfflineMasterKey 1` you need to copy all the files generated in the previous step *with the exception of the master key*.
I had also a few questions: * is the above correct? * if I use the offline master key protected with a passphrase will I need to input the passphrase every time I restart Tor (I have in mind what Apache does when you restart it and have certificates protected with a passphrase)? * Assuming that I am going to use a separate machine to generate the master key I need to make sure that the version of Tor on the machine that I use to generate the key and the relay?
Thanks for your help.
Cristian
[1]: https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKe...