-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On 08/17/2014 01:08 AM, Nusenu wrote:
since you haven't updated most of your relays to address [1] released on 2014-07-28 yet, I was wondering if everything is ok? collective vacation?
Indeed. This is terrible and we will add some more trusted people's ssh keys to the relays, but then again we really want to limit the number of keys that can access our relays for security reasons...
Please consider unattended automated updates. Maybe start with a few relays first. Even in your environment (I guess you do custom builds) I consider this to be the option that results in the fasted response times and safest network. Worst case would be that the upgrade fails and all your relays go down. Depending on the actual vulnerability that is being fixed, an offline relay can be preferred over a vulnerable relay. Most of the time it will probably work just fine and safe you some time doing boring updates.
I am returning from vacation tomorrow and will update all relays. Sorry for the delay.
Thanks. -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJT8Ko6AAoJEDcK3SCCSvoeEscP/02nN0YwyX4cJzXnDuLMzYaC MxMwmp2boVVlslv/CQUcH/IOD9S2aK1xLgR89YG9vvnaiiC5Fcbf7z0LqZwu6rGz Jzxr/D5SV+6sF3tnB1oomgASfET1BibrpetGBiY8j747QxEwQ2/yhuxfQUBUv8Pc CGYOpu1kcKGB3fV/wk2k8sSLlXuNjOtoHoPa/Ud1YVQAGj6730I7VWt7L+pXwZSk INWTfbe4bn8jvqHUxE/YvGAGMKmiE6OHjcTDOQ57B0jatiXPsj02p8vVHJA4EZ0F 5tzyD739JK5B9uIPHWOydwbIwg0SGjjO0xONawmkTKlF6xekVplDa1C/8GMUtanj YKzXnYNirKZalWM3c2+5rgX1lwtvzgizadjnQ2xYNNrnpEunOcEml4FuwWOokPbN a8pKwBNxJeV8tklIsN4TEsJIXbDLGdDqc67NXnkXsYGNaCTGYuXzszRQ3l5qPI8f PUTx7zG/ZU0CF8bE3AZ0fLgHtp0QxW1dfpaagLE1orikecCY0F6tzFWyY1SJ4Qmr XPmadyIGcxJ9QH0oasZOoaSBMaimF4zR+z/L3vVVHD15XbDj27/lDDCTfyi3bguZ 2qiSgbqcyuwyIl6eiSbOgSoLqgRaARXxwzsxmxPNSkNFcBPhuDx++dTCfkotJ93D yDa2YsWTer18rb1Cv9Yf =tViE -----END PGP SIGNATURE-----