Hi,

Over the past month I've been running a Tor exit relay on a spare VPS machine that I am not using.

It occurs to me now that this was probably a very poor idea, as I can't control the physical access to the machine or encrypt the private key.

In the good bad ISPs page, I see that some cloud providers are listed (AWS, etc.). This implies that such a practice is okay, but if Linode or a malicious party wanted to read the contents of /var/lib/tor/keys I don't think they'd have any difficulty whatsoever. How do folks secure their relay's keys in a VPS environment? Or should I shut down this relay and run a relay only when I am sure the keys are secured?


-JB