13 Aug
2013
13 Aug
'13
6:20 p.m.
On 13.08.2013 18:52, Tom Ritter wrote:
In my case, I keep all the keys and [other sensitive data] on a partition that's created with a random key at boot time. If the machine dies, the keys and messages are lost but, such is the reliability of Debian, this hasn't happened yet. I probably reboot about once a year on average and have to remember to take copies of these files prior to doing it.
For Tor specifically, you can shred/delete the keys from disk completely, and only retain the copy in memory.
For further hardening and details on this, see https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity
--
Moritz Bartl
https://www.torservers.net/