On Fri, 21 Nov 2014 09:10:11 -0800, David Stainton <dstainton415@gmail.com> wrote:
I am also very interested in hearing from people who have built tor with LibreSSL...
If you want to try building a FreeBSD port using LibreSSL instead of OpenSSL add this to /etc/make.conf OPENSSL_PORT=security/libressl WITH_OPENSSL_PORT=yes
specifically I'd love it if someone worked out all the details to do this as a static build in OpenBSD.
Not sure about static builds, what's the benefit? I do know OpenBSD 5.6 has LibreSSL baked in and it works with Tor. Just install the tor package, edit /etc/tor/torrc and you're up and running. Next time I stand up another relay or exit node on OpenBSD I think I'll kick it up a notch with some chroot and/or systrace sauce. https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity#RunTor... Am also interested in hearing any tips for minimizing data retention. I thought about making a hardlink or symlink from /var/log to /dev/null, but I have a feeling there's more to it than that.