[tor-relays] Store key files in RAM

tor at t-3.net tor at t-3.net
Tue Aug 27 04:14:36 UTC 2013


IMO cut and paste in the situation you're describing is not the 
perfect way. Better way would be:

Have a secure linux machine running an sshd at your home (or another 
physically-controlled location?).
Close off iptables and ip6tables for inbound sshd except for your 
vserver's IP
(hint: "ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_4096_key -b 4096" 
(don't put a password when it asks))
and edit sshd_config to point it to the new key. Also in the config, 
force your local sshd
server to insist upon only using these 2 ciphers ("Ciphers 
aes256-ctr,aes256-cbc").
Restart the local sshd (maybe "service sshd restart") and verify that 
you can NOT connect
from the vserver to the home box using a different cipher (ssh -l 
someuser -c aes128-ctr your.home.ip.here).
A test ssh connection without the "-c aes128-ctr" should work, the one 
with it should fail.

You would do transfers of important files to and from the vserver via 
an 'sftp' session which you start
from your vserver, and you are connecting into your home machine (sftp 
someuser at your.home.ip.here).
Don't make the connection in the reverse direction, you can push and 
pull files with the one. And don't
let anyone steal your ssh_host_rsa_4096_key off the home box. (could 
even shred/delete/regenerate it
now and then). In general, turn off the home sshd when you aren't 
using it.

The above setup should be pretty good in terms of the network transfer 
if the data hasn't already been
compromised, of course. The certainty that it hasn't been is not 
necessarily guaranteed if it's already
been thrown through a network card in a less-solid way, such as the 
contents having been viewed
via 'cat', 'nano', etc. via a connection in the 'wrong' direction.

If you are deleting files from your vserver's hard drive after copying 
them out for backup, try doing
"shred" on the file first, and then "rm". It may help do the deletion 
better, depending upon how your vserver
hosting is set up.





On Monday 26/08/2013 at 10:53 pm, Tony Xue  wrote:
>
>
>
>
>
>
> Hi,
>
> I have been discovering simple and secure way of protecting the Tor 
> key files recently, in order to achieve the safety of the keys on VPS.
>
> So I created a folder on Linux called /tor and it is stored in the RAM 
> file system. I put my key file into that folder and link it back to 
> the data directory folder of Tor. I also backed up the key files in 
> case my server need to be restarted and the RAM would be cleaned up. I 
> left the key in RAM for some undesired failures, errors or 
> configuration which need to restart the Tor software.
>
> If the server gets down, I would probably do the simple cut and paste 
> in the SSH client to restore my key files. Or in a higher level way if 
> cut&paste is not safe enough.
>
> I am not sure whether this is a good way to  protect my key files on a 
> VPS. Does anyone have any comment on that or a better way?
>
>
> Tony
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20130827/092d3a42/attachment-0001.html>


More information about the tor-relays mailing list