Hi, I am running a couple of relay nodes and now I would like to set a bridge relay. The `torrc` file says the following: --- ## Uncomment this if you run more than one Tor relay, and add the identity ## key fingerprint of each Tor relay you control, even if they're on ## different networks. You declare it here so Tor clients can avoid ## using more than one of your relays in a single circuit. See ## https://www.torproject.org/docs/faq#MultipleRelays ## However, you should never include a bridge's fingerprint here, as it would ## break its concealability and potentially reveal its IP/TCP address. #MyFamily $keyid,$keyid,... --- I understand that I should not add the bridge fingerprint to the MyFamily setting of my other relays, but should I set MyFamily on my bridge (with the fingerprints of my other nodes)? I suppose that the logic of avoiding to have the same circuit through multiple relay controlled by the same operator is still valid, but I don't know if this could be a problem. C
what do you mean by "other nodes"? other bridges? generally speaking: - please don't run bridges and exits at the same time - don't add MyFamily lines to your bridge's torrc file - don't put bridge fingerprints or hashed fingerprints into your relays' torrc files -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
On 22/07/2018 18:57, nusenu wrote:
No, middle nodes. I am running two middle relays (i.e. not exits) and I would like to run another node as a bridge from home. I should also point out that the new node I want to run in principle has a dynamic IP. I understand I should not put the fingerprint of the bridge in the torrc of the two middle relays, but I was wondering about the vice-versa.
generally speaking: - please don't run bridges and exits at the same time
Ok, that's news (I have not read this advice anywhere else)
- don't add MyFamily lines to your bridge's torrc file
Ok, then the torrc file could be clearer about this.
- don't put bridge fingerprints or hashed fingerprints into your relays' torrc files
This is what is currently explained in the comment in the torrc template. Thanks for your help. C
it would allow end-to-end correlation and we had this before on this list, I'll ask Moritz about his bridges again
- don't add MyFamily lines to your bridge's torrc file
Ok, then the torrc file could be clearer about this.
https://trac.torproject.org/projects/tor/ticket/26908 -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
participants (2)
-
Cristian Consonni -
nusenu