(FWD) Re: Tor 0.0.9 is out

[Roger Dingledine]

Good catch. We'll have a patch into cvs for that in a bit.

But in the meantime, since the control port stuff is still
preliminary, you can use it even without authenticating. Just leave
CookieAuthentication off, and leave HashedControlPassword undefined;
the controller's first auth message can be empty, and it will work.

This is why the Control Port only binds to localhost, and is off by
default.

Once we have an actual controller program written, we'll have a better
sense of how we want to do authentication, and we'll enable everything
and make sure it works. :)

Want to write one?

--Roger

----- Forwarded message from owner-or-dev at freehaven.net -----

Date: Mon, 13 Dec 2004 11:25:18 +0100
From: Kai Raven <kairaven at arcor.de>
To: or-dev at freehaven.net
Subject: Re: Tor 0.0.9 is out

Hi Roger,

On Sun, 12 Dec 2004 20:51:51 -0500 you wrote:

>   o Features (ui controller):
>     - "tor --hash-password zzyxz" will output a salted password for
>       use in authenticating to the control interface.

$ tor --hash-password anonymity
$ UMArp1oVk35gLpSMYUrMsS702aWGUL20cEmdXSE=

HashedControlPassword UMArp1oVk35gLpSMYUrMsS702aWGUL20cEmdXSE=

service tor start
Dec 13 11:24:15.382 [warn] options_validate(): Bad HashedControlPassword: wrong
length or bad base64

-- 
Ciao
Kai

WWW: http://kai.iks-jena.de/
Blog: http://rabenhorst.blogg.de/
GnuPG-Key: 0xD6E995A0
Jabber: kraven at jabber.ccc.de

----- End forwarded message -----