[tor-dev] Guardiness: Yet another external dirauth script

Tim t_ebay at icloud.com
Wed Sep 17 12:48:23 UTC 2014

On 17 Sep 2014, at 22:00 , George Kadianakis <desnacked at riseup.net> wrote:

> Sebastian Hahn <sebastian at torproject.org> writes:
>> On 16 Sep 2014, at 16:15, George Kadianakis <desnacked at riseup.net> wrote:
>>> ====How the guardiness script will be deployed====
>>> The idea is that dirauths will add another script to their crontab
>>> that is called every hour (before or after the bwauth scripts).
>> Only 4/9 have such scripts, if at all - it is possible to run a
>> bwauth on a different host, and scp the file over. I don't know
>> if any of the dirauth ops actually do this currently.
> This should also be possible with the guardiness stuff, as long as you
> can arrange fresh consensuses to arrive on the second host.

tor supports consensus downloads without being a router, but it's a bit of a hack:

A tor instance configured with a DirPort and no ORPort will act as a directory cache only.
Directory caches regularly download the latest consensuses.

It's worth binding the DirPort to localhost only, and marking it NoAdvertise.
This hides the cache from the consensus, and disables remote requests.

However, the cache will also download router descriptors unnecessarily.
(Microdescriptors and extra info can be turned off, but I'm not sure if router descriptors can.)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140917/faf5c12e/attachment.html>

More information about the tor-dev mailing list