-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
As a due note, anything above say 16 characters offers only theoretical protection really and making it too difficult to remember (ie making you write it down or store it elsewhere) can decrease the security.
Also, too much "hardening" can be a bad thing. Me and my partner in running our services (s7r) take care not to go overboard on security and matters. Get the ssh to disable root, allow for a specific non-generic user only, use pub-key authentication, non-standard ports and basic hardening on things like webservers and you're golden. We have never had real problems with this simple approach and if we have ever suspected a breach we would simply reinstall the whole system.
Regarding OVH: I have a very good relationship with OVH and have a partner agreement in place with them at the moment (my company launches in the coming weeks). Generally the agreement I have is that they will host whatever is legal - nothing more nothing less, so I am quite surprised at this hair trigger sensitivity. I'll bring the matter up with them if that's ok with you, and see if I can get the senior support people to look into it since they generally have much more power than retail support staff. Of course still proceed with the chargeback even if you are happy for me to do this, but for what it's worth extracting a definitive statement from them regarding Tor can't hurt.
T
On 26/02/2015 15:41, Speak Freely wrote:
justaguy,
Seriously, who cares?
The relays are gone. I just checked the passwords now. If you'd like, I will email you all the passwords - as it doesn't matter. They have no value as they are protecting nothing.
Oh no, I checked the password strength of a dead relay... the heavens will fall as the ether's protective shield collapses against the weight of my egregious stupidity...
Speak Freely _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
- -- Activist, anarchist and a bit of a dreamer. Keybase: https://keybase.io/thomaswhite
PGP Keys: https://www.thecthulhu.com/pgp-keys/ Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983 Key-ID: 0CCA4983 Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0 Key-ID: EF1009F0
Twitter: @CthulhuSec XMPP: thecthulhu at jabber.ccc.de XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966