[tor-dev] OfflineMasterKey / ansible-relayor

s7r s7r at sky-ip.org
Thu Nov 19 17:26:10 UTC 2015

Hash: SHA256

On 11/19/2015 6:02 PM, nusenu wrote:
> thanks for the feedback!
> Are secret_onion_* files required at all when restoring a relay? 
> (it doesn't look like it)
> If you confirm that I would simply remove them from the list and
> never copy them over.
> remaining with these files:
> ed25519_master_id_public_key ed25519_signing_cert 
> ed25519_signing_secret_key secret_id_key
> (tor's manual page FILES section is not very verbose in that regard
> - unfortunately)

The secret_onion_* files are not required when restoring a relay, no.

Some suggestions:

- - don't copy the ed25519_master_id_public_key file. If it is missing,
Tor will just compute it from the certificate and save it to disk.
But, if by accident an user copies the medium term signing keys
related to another relay, Tor will detect they don't match the
ed25519_master_id_public_key file and exit.

- - when you run tor --orport [...] just to generate the keys in a
non-interactive way, include a PublishServerDescriptor 0 in the
command as well, send the log to /dev/null and terminate the process
immediately. The descriptor will have to be published by the Tor
process actually running the relay. If the master id private key is
not encrypted, --keygen should be able to renew the medium term
signing key in a non-interactive way. But it's not a big deal if you
decide to do it with tor --orport [...] if it's easier for you this way.

- - make it as hard as you can for users to accidentally mix keys
belonging to different relays. This will be a tough one.
Version: GnuPG v2.0.22 (MingW32)


More information about the tor-dev mailing list