On 21.08.2013 11:56, Tony Xue wrote:
Is that those key files are only loaded when the Tor start and reload? So could it be possible to decrypt the file before the start-up and encrypt them again after the Tor start-up process is complete?
The files are required only on startup of the relay, so you can keep them stored wherever (offsite, in an encrypted container, ...), and remove them from the live system after you start Tor.
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity