Hi Pierre. Nope, no need to change your torrc - the control port is only available on localhost by default (not sure why Josef said that).
I'd suggest using just password auth *or* an cookie auth. Using both doesn't make you more secure, it simply allows controllers to authenticate with either. Cookie auth is the easiest to work with. For a little more information on this see...
https://stem.torproject.org/tutorials/the_little_relay_that_could.html
Using a ControlSocket rather than a ControlPort wouldn't hurt, but I'd say the config you have is just fine.
On Wed, Jan 27, 2016 at 1:45 AM, Pierre L. petrus@miosweb.mooo.com wrote:
Thx Josef for your answer. ( IPv4 only here...) So if I've understood, to limit online attacks, the torrc config will be changed from
ControlPort 9051 HashedControlPassword xxxxxxxxxxx CookieAuthentication 0
to:
ControlPort 127.0.0.1:9051 HashedControlPassword xxxxxxxxxxx CookieAuthentication 0
Thx.
Le 27/01/2016 10:14, Josef 'veloc1ty' Stautner a écrit :
Hi,
the control port should bind to 127.0.0.1 or ::1. If so it's ok.
~Josef
Am 27.01.2016 um 10:05 schrieb Pierre L.:
Hi all,
Some noob questions about controlling/monitoring my Tor relay on a Linux box... hosted in an ISP datacenter, so WAN IP and ports are showed to the www. I got SSH access. I've found tor-arm console UI, useful to show real-time bandwidth used, and other stuff.
- If possible, I need to know if my current config is secure and
useful, torrc contains ControlPort 9051 HashedControlPassword xxxxxxxxxxx CookieAuthentication 0
- On some websites, I see screenshots with something like this on
control config : /var/run/tor/control May be it's more secure on an online server ? No need to have another listening port like 9051 Sry I haven't found any information about this config... and how to make it possible...
Thx for your help !
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays