[tor-relays] Help with FreeBSD relays
Shawn Webb
shawn.webb at hardenedbsd.org
Wed Mar 31 23:55:35 UTC 2021
Sounds good. If you still can't get your relay to have an uptime
longer than eighteen hours, feel free to reach out directly to me and
I can help address that. The non-exit relay I'm running from home has
an uptime greater than eighteen, so we at least have a "reference
implementation" to work with.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
On Wed, Mar 31, 2021 at 08:49:38PM +0000, xplato wrote:
> Hi Shawn,
>
> I looked at HardenedBSD and have actually moved to a different VPS so that can I use HBSD. FreeBSD was the only option I had at the time but both instances crashed repeatedly and it got so frustrating that I gave up on FreeBSD. I will give HardenedBSD a go.
>
> Cheers,
> Dan
>
> Sent from ProtonMail for iOS
>
> On Wed, Mar 31, 2021 at 10:12 AM, Shawn Webb <shawn.webb at hardenedbsd.org> wrote:
>
> > On Wed, Mar 31, 2021 at 01:09:45PM +0200, René Ladan wrote:
> >> On 30-03-2021 15:47, Shawn Webb wrote:
> >> > On Tue, Mar 30, 2021 at 02:36:36AM +0000, xplato wrote:
> >> > > Greetings,
> >> > >
> >> > > I am a bit of a noob here so please bear with me. I ran a relay using Ubuntu with very few issues however I decide to add an additional relay and decided to use FreeBSD. They will only run for around 18 hours and then they shut down. I have adjust the torrc file every way I know how and increased the Max vnodes thinking this may have been my issue. I can post the sysrc and torrc if needed. Anyone that might help me figure this out I would be grateful otherwise I am going to reluctantly move them both back to Ubuntu.
> >> > Emerald Onion runs over twenty Tor exit nodes on HardenedBSD 12 and
> >> > 13. Given Tor's need for security, you might want to consider using
> >> > HardenedBSD, a derivative of FreeBSD that implements exploit
> >> > mitigations and security hardening technologies. FreeBSD's state of
> >> > security leaves much to be desired. Tor's relay operators and users
> >> > really should at least have exploit mitigations like ASLR and W^X
> >> > applied.
> >> But it won't fix the problem at hand, unless memory management in
> >> HardenedBSD is different than in FreeBSD.
> >
> > Memory management is indeed different in HardenedBSD than in FreeBSD.
> > HardenedBSD implemented a clean-room version of grsecurity's PaX ASLR.
> > FreeBSD's version of ASLR, more appropriately called ASR, has known
> > issues. HardenedBSD's does not.
> >
> > Thanks,
> >
> > --
> > Shawn Webb
> > Cofounder / Security Engineer
> > HardenedBSD
> >
> > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210331/5b17bcb7/attachment.sig>
More information about the tor-relays
mailing list