[tor-relays] Recommended reject lines for relays affected by Heartbleed
Roger Dingledine
arma at mit.edu
Fri Apr 18 05:02:49 UTC 2014
On Fri, Apr 18, 2014 at 01:40:17AM +0200, Tobias Markus wrote:
> Tor circuits (a "way" through the Tor network) and thus nodes are
> entirely chosen by clients based on the consensus given by dirauths
> (see my earlier post). The ExcludeNodes statement you use basically
> instructs the Tor *client* part not to use the specified nodes in
> their circuits.
>
> If you run a relay, you don't have to undertake any action because of
> Heartbleed except rotating your keys (deleting all keys in
> DataDir/keys), updating OpenSSL and restarting Tor. (Moritz Bartl sent
> an E-Mail to tor-relays explaining all this in great detail on
> 4/8/2014: "Relays vulnerable to OpenSSL bug: Please upgrade")
Correct.
--Roger
More information about the tor-relays
mailing list