-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As a due note, anything above say 16 characters offers only theoretical protection really and making it too difficult to remember (ie making you write it down or store it elsewhere) can decrease the security. Also, too much "hardening" can be a bad thing. Me and my partner in running our services (s7r) take care not to go overboard on security and matters. Get the ssh to disable root, allow for a specific non-generic user only, use pub-key authentication, non-standard ports and basic hardening on things like webservers and you're golden. We have never had real problems with this simple approach and if we have ever suspected a breach we would simply reinstall the whole system. Regarding OVH: I have a very good relationship with OVH and have a partner agreement in place with them at the moment (my company launches in the coming weeks). Generally the agreement I have is that they will host whatever is legal - nothing more nothing less, so I am quite surprised at this hair trigger sensitivity. I'll bring the matter up with them if that's ok with you, and see if I can get the senior support people to look into it since they generally have much more power than retail support staff. Of course still proceed with the chargeback even if you are happy for me to do this, but for what it's worth extracting a definitive statement from them regarding Tor can't hurt. T On 26/02/2015 15:41, Speak Freely wrote:
justaguy,
Seriously, who cares?
The relays are gone. I just checked the passwords now. If you'd like, I will email you all the passwords - as it doesn't matter. They have no value as they are protecting nothing.
Oh no, I checked the password strength of a dead relay... the heavens will fall as the ether's protective shield collapses against the weight of my egregious stupidity...
Speak Freely _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- -- Activist, anarchist and a bit of a dreamer. Keybase: https://keybase.io/thomaswhite PGP Keys: https://www.thecthulhu.com/pgp-keys/ Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983 Key-ID: 0CCA4983 Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0 Key-ID: EF1009F0 Twitter: @CthulhuSec XMPP: thecthulhu at jabber.ccc.de XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJU70NYAAoJEFwqjFoMykmDqDcP/2C81QXHukdAt1qFnC/QFvlP hMaCS2I+T5WVBGEIEkAyY6U0e4pOmAa97OGW5U5VrysojLPKlZR4HL3vcxI2Gl9e RvKbzo/PtYww4k1U4fkhD3rLmpoiDYRO68y3nAwib/ZmPEyDZlppzt7134GKQ2Xz d3o9alV+JuCLE8p22V4g4Y7uR9+aTs4YqWk17uCmx7L/IIqWi2hp/EeGxwyi1G8m 53cMKfU0OwXim+HtcDDVu1CUv/NPRK3rmf+VouzgcXaRdu3iDbeHjeLddbJRtmek ncylP3o44MnPODuqLdmXZnC6h5KZN4ww5qJ7AHULITFQvXyBfxy3cigMU9Ytiz1i tPP2VlAj7r1YvuUgighj4s6mNWGhRI1VltBqFrmlJX/r+XBmjrDRpr0hY3WI4/h/ HKZsZdHsoyP//632kcoXJKLAu4EHD9850N6qKCCv18mL9frzgjt+bZfTVHsgZCK0 lo8oG3NyglgKBXRYw3bqC4Bd9OpONLAMKkA1N3zpUwQIUTvlLioic6nq4KZ5u9+I 1ghPpchIpboPTl4mcshWXkHDrowxrHRJP6KP5RVWD1y2WyV5TuQgOj4dp/AeU+H6 Ng3Cd9JBV4uw0qf9Cx/6i+EZOQoj3CqhyhmdsR19TXJaQogXMtB3PyQGIDBCaJGE umqkwU9EzMxDndV6QLSX =J2fe -----END PGP SIGNATURE-----