[or-cvs] r19304: {tor} put HashedControlPassword and CookieAuthentication explicitl (tor/trunk/src/config)

arma at seul.org arma at seul.org
Sun Apr 12 06:45:47 UTC 2009 

Author: arma
Date: 2009-04-12 02:45:46 -0400 (Sun, 12 Apr 2009)
New Revision: 19304

Modified:
   tor/trunk/src/config/torrc.sample.in
Log:
put HashedControlPassword and CookieAuthentication explicitly in the
torrc.sample.in, so unix people don't shoot themselves in the foot.


Modified: tor/trunk/src/config/torrc.sample.in
===================================================================
--- tor/trunk/src/config/torrc.sample.in	2009-04-12 05:24:01 UTC (rev 19303)
+++ tor/trunk/src/config/torrc.sample.in	2009-04-12 06:45:46 UTC (rev 19304)
@@ -1,5 +1,5 @@
 ## Configuration file for a typical Tor user
-## Last updated 30 January 2009 for Tor 0.2.1.12-alpha.
+## Last updated 12 April 2009 for Tor 0.2.1.14-rc.
 ## (May or may not work for much older or much newer versions of Tor.)
 ##
 ## Lines that begin with "## " try to explain what's going on. Lines
@@ -53,6 +53,10 @@
 ## The port on which Tor will listen for local connections from Tor
 ## controller applications, as documented in control-spec.txt.
 #ControlPort 9051
+## If you enable the controlport, be sure to enable one of these
+## authentication methods, to prevent attackers from accessing it.
+#HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
+#CookieAuthentication 1
 
 ############### This section is just for location-hidden services ###
 
@@ -76,7 +80,7 @@
 
 ## Required: what port to advertise for incoming Tor connections.
 #ORPort 9001
-## If you need to listen on a port other than the one advertised
+## If you want to listen on a port other than the one advertised
 ## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment the
 ## line below too. You'll need to do ipchains or other port forwarding
 ## yourself to make this work.
@@ -85,7 +89,8 @@
 ## A handle for your relay, so people don't have to refer to it by key.
 #Nickname ididnteditheconfig
 
-## The IP or FQDN for your relay. Leave commented out and Tor will guess.
+## The IP address or full DNS name for your relay. Leave commented out
+## and Tor will guess.
 #Address noname.example.com
 
 ## Define these to limit how much relayed traffic you will allow. Your
@@ -104,14 +109,14 @@
 ## Uncomment this to mirror directory information for others. Please do
 ## if you have enough bandwidth.
 #DirPort 9030 # what port to advertise for directory connections
-## If you need to listen on a port other than the one advertised
+## If you want to listen on a port other than the one advertised
 ## in DirPort (e.g. to advertise 80 but bind to 9091), uncomment the line
 ## below too. You'll need to do ipchains or other port forwarding yourself
 ## to make this work.
 #DirListenAddress 0.0.0.0:9091
 ## Uncomment to return an arbitrary blob of html on your DirPort. Now you
 ## can explain what Tor is if anybody wonders why your IP address is
-## contacting them.
+## contacting them. See contrib/tor-exit-notice.html for a sample.
 #DirPortFrontPage /etc/tor/exit-notice.html
 
 ## Uncomment this if you run more than one Tor relay, and add the identity

More information about the tor-commits mailing list