Hi,
I have actually tried this in practice to see what happens.
If you replace the ed25519 medium term signing key and certificate in $datadirectory/keys, Tor will re-read keys from disk even if you don't send a SIGHUP when it outputs:
[notice] It looks like I should try to generate and sign a new medium-term signing key, because the one I have is going to expire soon. To do that, I'm going to have to try to load the permanent master identity key.
This message is repeated once every 30 seconds or so. When you send a SIGHUP, the reload happens instantly.
So, if a user correctly generates and provides the new medium term signing key and certificate and forgets to SIGHUP (reload), when the old key expires Tor won't exit. This is good.
On 11/19/2015 2:06 PM, nusenu wrote:
Does a tor operator have to SIGHUP a running tor instance after copying the new signing keys to the appropriate folder or will tor attempt to reload that file as soon as this signing key expires?
Yes.
Yes, HUP?
reference: https://gitweb.torproject.org/tor.git/tree/ReleaseNotes?h=release-0.2.7#n86