Re-installed Tor relay node as exit node with same name, different OS.
I recently re-installed the operating system for a VPS that was running Parabola GNU/Linux and acting as a Tor relay. The new OS is OpenBSD 5.6 running tor-0.2.5.10. Instead of running as a relay I modified torrc so it runs a ReducedExitPolicy policy. Initially there were several problems with Tor exit node traffic being blocked by the firewall which has since been resolved. The Tor status page however still does not list this router as an exit node. http://jlve2y45zacpbz6s.onion/router_detail.php?FP=e1e1059d8c41fc48b823c6f09... Any ideas why? -- Seth I <3 nicely trimmed email replies
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Did you restore the relay's secret identity key when reinstalling? The secret identity key, stored in DATA_DIR/keys/secret_id_key,* and its corresponding fingerprint is what identifies your relay, not the nickname. So, if you make a new relay without migrating this key, it will be recognized by the network as a new relay. If you backed up your Linux system, you can restore the key from there. If not, that's fine, you'll just have to wait a little while for your new relay to build up consensus weight. This might even be a good thing, as you have forward secrecy (in terms of identity) if your Linux install was compromised. * More specifically, this is /var/lib/tor in Linux and /usr/local/lib/tor in OpenBSD by default, IIRC. On 11/19/2014 02:59 PM, Seth wrote:
I recently re-installed the operating system for a VPS that was running Parabola GNU/Linux and acting as a Tor relay.
The new OS is OpenBSD 5.6 running tor-0.2.5.10. Instead of running as a relay I modified torrc so it runs a ReducedExitPolicy policy.
Initially there were several problems with Tor exit node traffic being blocked by the firewall which has since been resolved.
The Tor status page however still does not list this router as an exit node.
http://jlve2y45zacpbz6s.onion/router_detail.php?FP=e1e1059d8c41fc48b823c6f09...
Any ideas why?
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUbQKIAAoJELxHvGCsI27NGawP/icnlpPnuclsJ572p932o6nx q4kQuIeFA0TkiS138EMafhnRGaoNhl32u2wJgs4V0KkItYyAhI5yV1knlsoTn5uv 9+eSWVENLQdt21v5W6r1PfANuc7mHPNnLQRvldpM8o5hgluUKUcvgwZ8DBnhPH/X fb0BfouHpQ08CYkYI0XLagAlCDDLOldPJDSamNl9TxBZQlIIGdm97+tj96960YiU u0YgTKjfuqyVMqF1AgY192+oDMo04gT4h9rygfMj+6V2+kepxHuO+hWAqhYKcv26 VSg2r36DxiqRxvIxpXvmf4NUPxeb+jarXdtSJq27+xLZAfC6k7dm/8YOfE84z/lF n/oozAh7enDcW3j/fYN1/d+e1lxOfeh2BR8A2bPBQ72DF2ZeEuqS7QhfUhMzHJ21 j820i18HXevJ01tfy79Sa6cdCtKxakKfR3SffnlA1pdGg3EaUtk5mM35jB9hOmaq BfCFzf5vET4oJvDjtYi0ZHKhU6M4PctFdpmvWqctXIxCl4KVJXIFzenYEYx547Od 6HFxm0AIgLgd2r7DVRwcTzCQA66WpAwyobdvR7TMRodqChAx7YOSOhkrPaQYsuzg AycZRsAWDhfMV9EeV9NdhxMvXGeTvSTQqUmiEl9m2JOHS93zt9iTTlXZnYBUavCv 1CFvkL+wsaKzVlU2u9sL =a+Fx -----END PGP SIGNATURE-----
On Wed, 19 Nov 2014 12:50:16 -0800, Libertas <libertas@mykolab.com> wrote:
Did you restore the relay's secret identity key when reinstalling?
No, that's the part I flubbed.
If you backed up your Linux system, you can restore the key from there.
Linux system was buried somewhere in the cloud
If not, that's fine, you'll just have to wait a little while for your new relay to build up consensus weight. This might even be a good thing, as you have forward secrecy (in terms of identity) if your Linux install was compromised.
Interesting bit about consensus weight. I like the 'forward secrecy' aspect of just waiting it out.
* More specifically, this is /var/lib/tor in Linux and /usr/local/lib/tor in OpenBSD by default, IIRC.
Thanks, I'll take note of that for any future migrations.
participants (2)
-
Libertas -
Seth