[tor-dev] obfsproxy getting scramblesuit password from file in unmanaged mode

irregulator at riseup.net irregulator at riseup.net
Tue May 20 15:25:46 UTC 2014

Hey all,

when running obfsproxy with scramblesuit in unmanaged mode (e.g. to
obfuscate non-Tor traffic) the UniformDH password is passed in command
line like this:

obfsproxy scramblesuit --password=W3ECD5GOYU5AAW4G35GSH5QXIHSRBU2X

The problem with this is that the password is visible in the system's
process list.

Do you think it would make sense to add an argument like
"--password-file", so as scramblesuit can fetch the password from a
file? Any caveats?

Although this is not related to the Tor ecosystem, i think it would be


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140520/4b7bd8cd/attachment.sig>

More information about the tor-dev mailing list