I have to move a multiple-instance Exit from one VPS to another.
Apart from creating the same instances on the new machine with **tor-instance-create** I would then just copy the whole directory /var/lib/tor/keys to the new VPS - or should I copy all /var/lib/tor/ to not miss anything from the original one?
Am I missing anything else?
Thanks
Paul
Hello,
Thanks for running exits!
Pay attention that each instance has its own datadirectory, this means you need to have multiple 'keys' subdirectories depending on the number of your instances. Usually /var/lib/tor should contain some subfolders like 1, 2 or instance1, instance2, whatever and each containing another subfolder with the related keys for each instance.
So you need to make sure you back up and move the keys for all instances. There's no problem if you copy the entire directory; as long as the keys are there, Tor will just overwrite the expired cached/consensus data.
On 9/11/2016 4:08 PM, pa011 wrote:
> I have to move a multiple-instance Exit from one VPS to another.
> Apart from creating the same instances on the new machine with **tor-instance-create** I would then just copy the whole directory /var/lib/tor/keys to the new VPS - or should I copy all /var/lib/tor/ to not miss anything from the original one?
> Am I missing anything else?
> Thanks
> Paul
On 12 Sep 2016, at 06:06, s7r s7r@sky-ip.org wrote:
> Hello,
> Thanks for running exits!
> Pay attention that each instance has its own datadirectory, this means you need to have multiple 'keys' subdirectories depending on the number of your instances. Usually /var/lib/tor should contain some subfolders like 1, 2 or instance1, instance2, whatever and each containing another subfolder with the related keys for each instance.
In Debian, using tor-instance-create and systemd, there is a separate directory, /var/lib/tor-instances. You'll need to copy both /var/lib/tor and /var/lib/tor-instances to preserve the keys, and /etc/tor to preserve the configs.
That said, please consider rotating keys when you move (that is, only copying /etc/tor).
If your old relay or those keys were ever compromised, you'll have a fresh start. And even if it wasn't, some of your network reputation will be reset when you move IP addresses anyway.
Tim
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
Thank you both.
@Tim: You would kind of argue that the advantage of carrying the old keys to the new machine is not that important (to keep old level of traffic from start) and that it might be even better to start from scratch?
Paul
On 12.09.2016 at 03:53, teor wrote:
> In Debian, using tor-instance-create and systemd, there is a separate directory, /var/lib/tor-instances. You'll need to copy both /var/lib/tor and /var/lib/tor-instances to preserve the keys, and /etc/tor to preserve the configs.
> That said, please consider rotating keys when you move (that is, only copying /etc/tor).
> If your old relay or those keys were ever compromised, you'll have a fresh start. And even if it wasn't, some of your network reputation will be reset when you move IP addresses anyway.
> Tim
On 12 Sep 2016, at 22:41, pa011 pa011@web.de wrote:
> Thank you both.
> @Tim: You would kind of argue that the advantage of carrying the old keys to the new machine is not that important (to keep old level of traffic from start) and that it might be even better to start from scratch?
There is some value in maintaining the same level of traffic. But there will be an adjustment to your consensus weight anyway. In fact, if your new provider is too different (particularly less connected or slower), keeping your old weight would be a disadvantage for the network.
There is also significant value to making a fresh start: new SSH keys and new relay keys mean that even if your old provider has a backup, or your old relay was compromised, or you have a backup of your keys, it's not much use to anyone. Particularly on an exit, your traffic will recover fairly quickly.
It's completely up to you - I just wanted to describe the security advantages of a fresh start, versus the traffic advantages (or disadvantages) of keeping the same relay keys.
Tim
> There is also significant value to making a fresh start: new SSH keys and new relay keys mean that even if your old provider has a backup, or your old relay was compromised, or you have a backup of your keys, it's not much use to anyone. Particularly on an exit, your traffic will recover fairly quickly.
> It's completely up to you - I just wanted to describe the security advantages of a fresh start, versus the traffic advantages (or disadvantages) of keeping the same relay keys.
I just wanted to add that if you run in "OfflineMasterKey 1" mode (and your master key never touched your VPS) you can move to a new VPS (keeping your keys) without big second thoughts about the key secrecy, since the old ISP will lose key access as soon as they expire (30 by default).
ansible-relayor sets your relays up in OfflineMasterKey mode. https://github.com/nusenu/ansible-relayor
also: Moving (multiple) tor instances to a new server is a matter of four steps with ansible-relayor:
1) ansible-relayor your-playbook.yml -t createdir -l newserver
2) mv -T ~/.tor/offlinemasterkeys/old-instance-name ~/.tor/offlinemasterkeys/new-instance-name
3) -> destroy your old VPS
4) ansible-relayor your-playbook.yml -l newserver
Since temporary keys will not be migrated, your relay will require a few hours to
As long as tor requires (online) RSA keys (not protected by "OfflineMasterKey 1") - that will be a long time - you can at least protect the Ed25519 master key.
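The following is an added example, not code from any participant in this thread or from ansible-relayor. It classifies each instance data directory under the roots Tim names (/var/lib/tor and /var/lib/tor-instances) by which long-term keys are present on the host, which is the fact both the copy-or-rotate decision and the OfflineMasterKey point depend on. The key file names are tor's standard ones; the function name and status labels are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread): report, per Tor data directory, which
# long-term keys are stored on this host and whether keys/ is private.
#
# Usage: audit_tor_keys /var/lib/tor /var/lib/tor-instances
# Output: one line per data directory: "<datadir> <status> <perms>"
#   master-online   ed25519_master_id_secret_key is stored on this host
#   master-offline  signing key present, master secret absent
#                   (the layout "OfflineMasterKey 1" leaves on a relay)
#   rsa-only        only the RSA identity key (secret_id_key) is present
#   empty           keys/ exists but holds none of the above
audit_tor_keys() {
    for root in "$@"; do
        # A root can itself be a data directory (/var/lib/tor) or hold one
        # data directory per instance (/var/lib/tor-instances/<name>).
        for dir in "$root" "$root"/*; do
            keys="$dir/keys"
            [ -d "$keys" ] || continue
            if [ -e "$keys/ed25519_master_id_secret_key" ]; then
                status=master-online
            elif [ -e "$keys/ed25519_signing_secret_key" ]; then
                status=master-offline
            elif [ -e "$keys/secret_id_key" ]; then
                status=rsa-only
            else
                status=empty
            fi
            # Characters 5-10 of the mode string are the group/other bits;
            # anything but dashes means keys/ is reachable by other users.
            case $(ls -ld "$keys" | cut -c5-10) in
                ------) perms=private ;;
                *)      perms=exposed ;;
            esac
            printf '%s %s %s\n' "$dir" "$status" "$perms"
        done
    done
}

# Run directly with the roots to audit as arguments.
if [ "$#" -gt 0 ]; then
    audit_tor_keys "$@"
fi
```

Directories reported as master-online or rsa-only hold long-term identity keys on the VPS itself, which is the case where the fresh start described earlier in the thread has the most value.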