Hi nusenu,
thanks for your reply.
On 27/05/2017 00:08, nusenu wrote:
If I look inside the DataDir of one of my relays - a standard Debian install - see this:
ed25519_master_id_public_key ed25519_master_id_secret_key ed25519_signing_cert ed25519_signing_secret_key secret_id_key secret_onion_key secret_onion_key_ntor secret_onion_key_ntor.old secret_onion_key.old
- In the process of generating the master key (with the command `tor
--keygen`, all the files above will be generated.
--keygen will generate the following files in the "keys" subfolder of DataDir:
ed25519_master_id_public_key ed25519_master_id_secret_key ed25519_signing_cert ed25519_signing_secret_key
(RSA keys will be generated on a relay's first start if there are none) Due to its interactive requirement I do not use --keygen to generate keys. https://trac.torproject.org/projects/tor/ticket/17603
Which one are the RSA keys and which one the ED25519 ones? I'm assuming the RSA keys are the ones generated in the standard install (the one above without ED25519 in the name), instead the command tor --keygen generates only ED25519 keys?
- To run the node with `OfflineMasterKey 1` you need to copy all the
files generated in the previous step *with the exception of the master key*.
more precisely: a relay in "OfflineMasterKey 1" mode requires 3 files: (this is the absolute minimum):
ed25519_signing_cert ed25519_signing_secret_key
Here you list only 2 files, which one is the third?
Reminder: When you play around with this feature: always make sure to keep your Ed25519 + RSA keys. If your Ed25519 key changes while the RSA key remains, your relay will be rejected since these keys are pinned (for security).
I should keep the files: ``` secret_id_key secret_onion_key secret_onion_key_ntor secret_onion_key_ntor.old secret_onion_key.old ``` should be kept of the relay, do they matter?
Cristian