On 08/13/2013 09:04 AM, Sindhudweep Sarkar wrote:
Hi,
Over the past month I've been running a Tor exit relay in a spare VPS machine that I am not using.
It occurs to me now that this was probably a very poor idea, as I can't control the physical access to the machine or encrypt the private key.
Running an exit node in a VM is better than not running an exit node at all.
That said, not all virtualization is created equally. An OpenVZ container (which is really not virtualization at all) leaves all your files being just files on the host disk.
Anyone on the host console can just do a "locate fingerprint" to see those files in all containers and can list the processes running to see your relay.
At least with Xen/KVM/VMware you're running on your own virtual disk, and are running all processes in a self-contained environment. The traffic can still be sniffed by the host, of course, but you get more privacy than you would in an OpenVZ container.
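
For a relay operator who does not know which of these platforms a VPS runs on, the following is an added example (not part of the original message) that checks from inside the guest. The function names, the `VIRT_ROOT` variable and the output labels are assumptions made for this sketch; the probes are the usual `/proc`, `/sys` and DMI markers.

```shell
#!/bin/sh
# Added example. detect_virt ROOT prints the platform a Linux guest runs on.
# ROOT is a hypothetical path prefix so the checks can be pointed at a test
# tree; pass "" to inspect the live system.
detect_virt() {
    root="${1:-}"
    # OpenVZ: /proc/vz exists in containers and on the host node,
    # /proc/bc exists only on the host node.
    if [ -d "$root/proc/vz" ]; then
        if [ -d "$root/proc/bc" ]; then echo "openvz-host"
        else echo "openvz-container"; fi
        return 0
    fi
    # Xen guests (PV and HVM) report "xen" here.
    if [ -r "$root/sys/hypervisor/type" ] &&
       grep -qi '^xen' "$root/sys/hypervisor/type"; then
        echo "xen"; return 0
    fi
    # Full virtualization usually shows up in the emulated DMI strings.
    for f in sys_vendor product_name; do
        p="$root/sys/class/dmi/id/$f"
        [ -r "$p" ] || continue
        case "$(cat "$p")" in
            *KVM*|*QEMU*) echo "kvm-qemu"; return 0 ;;
            *VMware*)     echo "vmware";   return 0 ;;
        esac
    done
    # Fallback: the CPU advertises that it runs under some hypervisor.
    if [ -r "$root/proc/cpuinfo" ] &&
       grep -q '^flags.*[[:space:]]hypervisor' "$root/proc/cpuinfo"; then
        echo "other-hypervisor"; return 0
    fi
    echo "none-detected"
}

# exposure_for PLATFORM: what the message above says the host can see.
exposure_for() {
    case "$1" in
        openvz-container)
            echo "relay keys are plain files on the host disk; processes visible from the host" ;;
        xen|kvm-qemu|vmware)
            echo "own virtual disk and process space; host can still sniff traffic" ;;
        *)  echo "undetermined" ;;
    esac
}

platform=$(detect_virt "${VIRT_ROOT:-}")
echo "$platform: $(exposure_for "$platform")"
```

A result of `none-detected` only means none of these markers were found, not that the machine is bare metal.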