On Wednesday, June 1, 2022 7:25:44 PM CEST Keifer Bly wrote:
sources.list.debian.temp I would not change the template from the provider.
Dir '/etc/apt/sources.list.d/' is empty by default. I would delete all files there. $ sudo rm -i /etc/apt/sources.list.d/*
You have to configure it in either the Debian buster way or the new way since Debian bullseye.
Old buster way + (apt-key add) in file: /etc/apt/sources.list deb https://deb.torproject.org/torproject.org buster main
New bullseye way + (tor-archive-keyring) create a file in the directory: '/etc/apt/sources.list.d/' with the name 'tor.list' with just one line: deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https:// deb.torproject.org/torproject.org buster main
For Buster, you just have to delete the penultimate line: deb http://ftp.de.debian.org/debian stretch main and [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] in the last line in /etc/apt/sources.list.
Other consideration: (You must upgrade buster to bullseye, your certificates may still be out of date, your tor daemon is running as root!?, etc.) nusenu gave tips on relay migration a few days ago. - stop tor, save tor config and the entire datadir Reinstall bullseye from the provider customer menu - then copy over tor config and datadir, set the right permissions and let the relay run again.
Tomorrow is a workshop from Torproject
Well, after deleting those files, etc, here is the terminal output when running apt-get update.
root@vps-3e661acc:/home/debian# root@vps-3e661acc:/home/debian# apt-get update Hit:1 http://security.debian.org buster/updates InRelease Hit:2 http://deb.debian.org/debian buster InRelease Hit:3 http://deb.debian.org/debian buster-backports InRelease Ign:4 https://deb.torproject.org/torproject.org buster InRelease Ign:5 https://deb.torproject.org/torproject.org buster Release Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Ign:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Ign:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Ign:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Ign:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Ign:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Ign:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Ign:6 https://deb.torproject.org/torproject.org buster/main all Packages Err:7 https://deb.torproject.org/torproject.org buster/main amd64 Packages Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 95.216.163.36 443] Ign:8 https://deb.torproject.org/torproject.org buster/main Translation-en Ign:9 https://deb.torproject.org/torproject.org buster/main Translation-en_US Reading package lists... Done E: Failed to fetch https://deb.torproject.org/torproject.org/dists/buster/main/binary-amd64/Pac... Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 95.216.163.36 443]
So, that appears to have fixed the updating from a respiratory issue. But I am wondering what is the terminal command to update the SSL certificate? Thanks. --Keifer
On Fri, Jun 3, 2022 at 9:48 AM lists@for-privacy.net wrote:
Nevermind, I got it.
Now there are two other things I wanted to ask about, is there a way I can set tor to automatically update over time? Also, my bridge at https://metrics.torproject.org/rs.html#details/4D6E3CA2110FC36D3106C86940A1D... says it's blocked in Russia. Is there a way to set a bridge to get a new IP address automatically every once in a while so it will have a new, unblocked IP address? I think this would be a good idea. --Keifer
On Wed, Jun 1, 2022 at 10:25 AM Keifer Bly keifer.bly@gmail.com wrote:
Hey,
yes: https://wiki.debian.org/UnattendedUpgrades
Greetings
On 03/06/2022 22:51, Keifer Bly wrote:
On Friday, June 3, 2022 10:51:07 PM CEST Keifer Bly wrote:
Yes, that's how it should be. ;-) Meskio did this especially so that your bridge would not be found by the Russian government.
New IP's are available from the provider or entire blocks from the RIR.
tor-relays@lists.torproject.org
-
Jonas Friedli -
Keifer Bly -
lists@for-privacy.net -
Sebastian Elisa Pfeifer