Am 22.03.2014 um 21:04 schrieb tor-relays-request@lists.torproject.org:
Send tor-relays mailing list submissions to tor-relays@lists.torproject.org
To subscribe or unsubscribe via the World Wide Web, visit https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays or, via email, send a message with subject or body 'help' to tor-relays-request@lists.torproject.org
You can reach the person managing the list at tor-relays-owner@lists.torproject.org
When replying, please edit your Subject line so it is more specific than "Re: Contents of tor-relays digest..." Today's Topics:
- new fingerprint after update (Oliver Sch?nefeld)
- Re: new fingerprint after update (Alexander Dietrich)
- Re: new fingerprint after update (I)
- Re: Relay configuration for FreedomBox (James Valleroy)
- Re: new fingerprint after update (Roger Dingledine)
- Re: Relay configuration for FreedomBox (Lunar)
- Re: Relay configuration for FreedomBox (Lance Hathaway)
Von: Oliver Schönefeld oliver.schoenefeld@me.com Betreff: [tor-relays] new fingerprint after update Datum: 22 .März 2014 15:26:07 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
Hi guys,
i updated from Tor 0.2.3.25 (relay 266C0CADC79F802C554019887324A57332A1DA70) to Tor 0.2.4.21 yesterday and the relay fingerprint changed to 07E333A3B979C27739096C5B2EE10D7C8E3D8FFD.
Is there any way to get the new version working with the old fingerprint? I looked in the manual and tried adding a DirAuthority line in the torrc file, which looks as the following: DirAuthority 123tor *:9030 FINGERPRINT
But then Tor doesn't start.
I also tried writing the old fingerprint in the fingerprint file, but it's changed to the new one everytime i start Tor.
So thanks for your help in advance and have a nice weekend everybody!
Oli
Von: Alexander Dietrich alexander@dietrich.cx Betreff: Aw: [tor-relays] new fingerprint after update Datum: 22 .März 2014 15:47:29 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
Is it possible that either the "DataDirectory" setting changed due to the update or the directory content?
yes, because vidalia isn't part of the game anymore - yes i'm a little late with the update :(
Best regards, Alexander
PGP Key: 0xC55A356B | https://dietrich.cx/pgp
On 2014-03-22 15:26, Oliver Schönefeld wrote:
Hi guys, i updated from Tor 0.2.3.25 (relay 266C0CADC79F802C554019887324A57332A1DA70) to Tor 0.2.4.21 yesterday and the relay fingerprint changed to 07E333A3B979C27739096C5B2EE10D7C8E3D8FFD. Is there any way to get the new version working with the old fingerprint? I looked in the manual and tried adding a DirAuthority line in the torrc file, which looks as the following: DirAuthority 123tor *:9030 FINGERPRINT But then Tor doesn't start. I also tried writing the old fingerprint in the fingerprint file, but it's changed to the new one everytime i start Tor. So thanks for your help in advance and have a nice weekend everybody! Oli _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Von: I beatthebastards@inbox.com Betreff: Aw: [tor-relays] new fingerprint after update Datum: 22 .März 2014 17:58:58 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
...and the t-shirt counter at Atlas.torproject.org resets
there are worse things than that - but thanks for the reminder to claim it ;)
Von: James Valleroy james.valleroy@gmail.com Betreff: Aw: [tor-relays] Relay configuration for FreedomBox Datum: 22 .März 2014 19:56:12 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
On Wed, Mar 19, 2014 at 9:25 AM, Lance Hathaway qhltx@yahoo.com wrote:
If you're going to be running these as bridges, it seems to make sense to include obfsproxy support, probably with obfs3 and scramblesuit [0] enabled right off the bat.
Thanks for the information. Is it likely that obfs3 and scramblesuit will be usable in the long-term? Or will they need to be deprecated at some point like obfs2?
Also, if obfs3 or scramblesuit were deprecated, but some FreedomBoxes continued to run those transports, what would be the result? Would the worst case be that the bridge is no longer usable by some, as in [0]?
The reason that I'm asking is that FreedomBox is currently working within Debian "testing" but our target is Debian "stable". Once our packaged configuration is frozen for the next stable release, it will be more difficult for us to push changes other than security fixes.
[0] https://trac.torproject.org/projects/tor/ticket/10314
Von: Roger Dingledine arma@mit.edu Betreff: Aw: [tor-relays] new fingerprint after update Datum: 22 .März 2014 19:57:50 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
On Sat, Mar 22, 2014 at 03:26:07PM +0100, Oliver Schönefeld wrote:
i updated from Tor 0.2.3.25 (relay 266C0CADC79F802C554019887324A57332A1DA70) to Tor 0.2.4.21 yesterday and the relay fingerprint changed to 07E333A3B979C27739096C5B2EE10D7C8E3D8FFD.
https://www.torproject.org/docs/faq#UpgradeOrMove
I looked in the manual and tried adding a DirAuthority line in the torrc file, which looks as the following: DirAuthority 123tor *:9030 FINGERPRINT
But then Tor doesn't start.
Yeah, that's not at all what DirAuthority is for. Can you help us understand what made you think this was a good idea to try, so we can fix it in the man page? :)
I also tried writing the old fingerprint in the fingerprint file, but it's changed to the new one everytime i start Tor.
Hopefully the above faq entry helps.
Thanks for running a relay! --Roger
thank you so much, roger! i copied the old /keys folder and it's working like a charm.
i basically ctrl+f'ed "fingerprint" in the stable manual and the DirAuthority property was the only one that made sense, since i don't run a bridge. but i have to admit that i didn't read the NOTE section... shame on my head.
thank y'all!
Von: Lunar lunar@torproject.org Betreff: Aw: [tor-relays] Relay configuration for FreedomBox Datum: 22 .März 2014 20:23:49 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
James Valleroy:
The reason that I'm asking is that FreedomBox is currently working within Debian "testing" but our target is Debian "stable". Once our packaged configuration is frozen for the next stable release, it will be more difficult for us to push changes other than security fixes.
(Debian hat on:) I try to keep Debian backports as up-to-date as possible. Are official backports out of your set of allowed packages as well?
-- Lunar lunar@torproject.org
Von: Lance Hathaway qhltx@yahoo.com Betreff: Aw: [tor-relays] Relay configuration for FreedomBox Datum: 22 .März 2014 21:03:43 MEZ An: tor-relays@lists.torproject.org Antwort an: tor-relays@lists.torproject.org
Signierter PGP Teil On 22/03/2014 11:56 AM, James Valleroy wrote:
Thanks for the information. Is it likely that obfs3 and scramblesuit will be usable in the long-term? Or will they need to be deprecated at some point like obfs2?
Also, if obfs3 or scramblesuit were deprecated, but some FreedomBoxes continued to run those transports, what would be the result? Would the worst case be that the bridge is no longer usable by some, as in [0]?
The reason that I'm asking is that FreedomBox is currently working within Debian "testing" but our target is Debian "stable". Once our packaged configuration is frozen for the next stable release, it will be more difficult for us to push changes other than security fixes.
I can't speak to whether more pluggable transports will be deprecated in future, but I'll go out on a limb here and say "probably." The nature of things ensures that the capabilities of censors continue to advance. And as they do, new approaches will be found and deployed to bypass those advancing attempts to block the network.
When bridges were first deployed, the fact that they weren't all openly listed in a public directory made them more difficult to block. Now, most plain bridges are very easy to block. When obfs2 was first deployed, it was a solid protocol (I have no doubt). These days, China is actively hunting down and blocking obfs2. There is very little point to deploying either a plain bridge or an obfs2 pluggable transport these days, especially on a mass scale.
On the plus side, obfs3 is still pretty strong, and it's one of the common pluggable transports right now. Scramblesuit is not live in the official bundles yet (AFAIK), but it just released and has some pretty robust-looking defenses against active probing and other attacks. If you're working on something new to deploy, these should be included, without a doubt. They may indeed be deprecated in future, and in the worst case may become unusable or make the bridge more susceptible to being blocked. But if you go with a plain bridge or obfs2, you're already in your worst-case scenario. You have nothing to lose and everything to gain by enabling the newest pluggable transports.
I would highly recommend adding the Tor package repository to the FreedomBoxes. As explained in [0], this won't always give you the latest version of tor, but it will provide security fixes. My hunch is that it will almost always also be a little fresher than Debian stable. And given that network censors and network developers are always going to be in an escalating arms race, enabling new releases of Tor (and obfsproxy) directly from the project is going to make the FreedomBox much more useful in the long term.
-Lance
[0] https://www.torproject.org/docs/debian
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays