[tor-dev] OfflineMasterKey / ansible-relayor
nusenu at openmailbox.org
Wed Nov 18 22:19:12 UTC 2015
> I might want to integrate offline master key functionality into
> ansible-relayor .
I added (preliminary) OfflineMasterKey support to ansible-relayor  -
in fact it will become the only option eventually as it make many things
actually simpler, would be great if someone could take a look and let me
know whether it looks reasonable.
The security critical parts are probably
- key generation 
- copying of key material to the relay 
I copy/expose the following files to the relay:
[ 'ed25519_master_id_public_key', 'ed25519_signing_cert',
'ed25519_signing_secret_key', 'secret_id_key', 'secret_onion_key',
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the tor-dev