[tor-bugs] #22348 [Core Tor/Tor]: 16 relays have mismatched rsa/ed keys currently

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue May 23 21:55:07 UTC 2017 

#22348: 16 relays have mismatched rsa/ed keys currently
------------------------------+-----------------
     Reporter:  arma          |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+-----------------
 Looking at lines from moria1's log for mismatched ed/rsa keys like this:
 {{{
 May 19 18:00:10.942 [info] dirserv_router_get_status(): Descriptor from
 router $BB119A5A4D5DA2BBB7B796ECC50E3C0F1D4FD910~onslaught at
 163.172.228.191 has an Ed25519 key, but the <rsa,ed25519> keys don't match
 what they were before.
 }}}

 There are sixteen relays currently that I'm rejecting the descriptors of:

 {{{
 0F366C2AD5F099204E22090FECBFFA511860F196
 1200782F57E45EC068340E13FD2C1DFF491BDF27
 1C33915BDDE9F1FBF4B8CED25A4D861F2CB8460E
 2F7A826CC5B7E6D834ECA25E236A1351D389D195
 59F16177E3B3D1979DA56642E6044E266473EF2A
 766D10918D238BB96F7CD02C1E2E114110DC32CA
 878413A9DE5AC497A2A5F200DA163F12D503FD8D
 9B97CD09CA7CCD844ADCAF3241736B1823CE5047
 A032473D4A0EC3EE2BF321C31A97158582B4FC94
 B5C45F1FD0DFE044772ED1B34160F6CF49B267EC
 B62A3F23955AF323A03F4ADB355C7D00594CFBD1
 BB119A5A4D5DA2BBB7B796ECC50E3C0F1D4FD910
 D46175487C332CC602F7D1A44D7BA73348C6C49E
 E721D43AF859DC347710E16FC96E0EE68B722EA4
 F01D8D6448C8B883D8ACD08D3AA7789D5EE38B7B
 F94A792CE808F8FE39C80AD17CB2D0802F7B9D90
 }}}

 A) We need to put up some documentation for them so they can know what
 we're enforcing and how to fix it. Right now all they're getting, if they
 look at their logs, is
 {{{
 May 23 17:06:10.976 [warn] http status 400 ("Looks like your keypair does
 not match its older value.") response from dirserver '86.59.21.38:80'.
 Please correct.
 }}}
 which is not enough for them to guess what went wrong and what needs
 fixing.

 B) For anecdotes, we should contact the operators of these 16, to try to
 get them to help us guess what went wrong such that they're in this
 situation now.

 C) We should consider some plan for how to notice and contact future relay
 operators that fall into this trap. Otherwise we throw away relay
 volunteers, which is frustrating for them and bad for the network.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22348>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list