Hello everyone. I have to move somewhere else a a (middle) relay I have been running for a few years. It will be down for 2-4 weeks, then be back online in a different location, with different ISP, at better speed. But it will run on the same hardware and software. Should I keep the same keys, or start from scratch?
-- Eldalië My private key is attached. Please, use it and provide me yours!
Keep the same Tor identity keys.
Frank
Jun 4, 2024, 9:56 AM by tor-relays@lists.torproject.org:
Hello everyone. I have to move somewhere else a a (middle) relay I have been running for a few years. It will be down for 2-4 weeks, then be back online in a different location, with different ISP, at better speed. But it will run on the same hardware and software. Should I keep the same keys, or start from scratch?
-- Eldalië My private key is attached. Please, use it and provide me yours! _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Tue, Jun 04, 2024 at 04:42:50PM +0000, Eldalië via tor-relays wrote:
Hello everyone. I have to move somewhere else a a (middle) relay I have been running for a few years. It will be down for 2-4 weeks, then be back online in a different location, with different ISP, at better speed. But it will run on the same hardware and software. Should I keep the same keys, or start from scratch?
Thanks for running relays!
I would say that either choice is reasonable. So if there is one that makes you feel happier about your contribution, go with that one. :)
Having a relay downtime of 2-4 weeks though could really increase the time until you get flags like Guard back, due to some design flaws in how the directory authorities track stability. (The simple version of the issue is: we treat downtime as much more serious than not-existing-yet.)
So for that reason I would probably pick 'start from scratch' if I were doing it. Making a new set of keys is easy and simple and doesn't really hurt anything.
--Roger
On Dienstag, 4. Juni 2024 23:24:50 CEST Roger Dingledine wrote:
On Tue, Jun 04, 2024 at 04:42:50PM +0000, Eldalië via tor-relays wrote:
I have to move somewhere else a a (middle) relay I have been running for a few years. It will be down for 2-4 weeks, then be back online in a different location, with different ISP, at better speed. But it will run on the same hardware and software. Should I keep the same keys, or start from scratch?
Having a relay downtime of 2-4 weeks though could really increase the time until you get flags like Guard back, due to some design flaws in how the directory authorities track stability. (The simple version of the issue is: we treat downtime as much more serious than not-existing-yet.)
Thanks for the info, Roger.
@Eldalië If you want to keep your history on Tor metrics, go with the old keys. If you generate new keys and have a new IP, you can let your relay run as a bridge for a few weeks or months and then reconfigure it later. That would be very helpful, especially if the IP is accessible from Turkmenistan. It's been a year, but internet censorship is still there: https://forum.torproject.org/t/tor-relays-help-turkmens-to-bypass-internet-c...
On Tue, Jun 04, 2024 at 05:24:50PM GMT, Roger Dingledine wrote:
Having a relay downtime of 2-4 weeks though could really increase the time until you get flags like Guard back, due to some design flaws in how the directory authorities track stability.
I don't mind about the Guard flag, the relay seldom had it because the connection was not very stable (had the flag every now and then for maybe 2 month in total spanning >2 years). But does using the same keys after a long downtime cause significantly worse performance (meaning being underused) than going through all the lifecycle of a new relay [1] with new keys?
(The simple version of the issue is: we treat downtime as much more serious than not-existing-yet.)
Is there any resource with the difficult version? I don't really need it but it would be nice to know. :)
[1]: Just for reference in case someone else reads this thread: https://blog.torproject.org/lifecycle-of-a-new-relay/
-- Eldalië My public key is attached. Please, use it and provide me yours!
On Freitag, 14. Juni 2024 21:08:14 CEST Eldalië via tor-relays wrote:
But it will run on the same hardware and software.
Do you have your own server in colocation?
I don't mind about the Guard flag, the relay seldom had it because the connection was not very stable (had the flag every now and then for maybe 2 month in total spanning >2 years). But does using the same keys after a long downtime cause significantly worse performance (meaning being underused) than going through all the lifecycle of a new relay [1] with new keys?
Without guard or exit flags it doesn't matter at all. So I have repeatedly moved relays from data center A to B and then to C. The DirAuth or Bw Scanner notices that your IP and bandwidth have changed and re- measures your relay. If your relay has enough bandwidth at the new location and is running stable, you will usually get a guard flag on day 15.
With your keys you also keep the fingerprint, which saves you work if you have a relay family. With new keys all relays and possibly the config for OrNetStats must be adjusted.
tor-relays@lists.torproject.org
-
boldsuck -
Eldalië -
Frank Lý -
lists@for-privacy.net
-
Roger Dingledine