[tor-relays] tor-relays Digest, Vol 38, Issue 27

Oliver Schönefeld oliver.schoenefeld at me.com
Sun Mar 23 10:03:47 UTC 2014


Am 22.03.2014 um 21:04 schrieb tor-relays-request at lists.torproject.org:

> Send tor-relays mailing list submissions to
> 	tor-relays at lists.torproject.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> or, via email, send a message with subject or body 'help' to
> 	tor-relays-request at lists.torproject.org
> 
> You can reach the person managing the list at
> 	tor-relays-owner at lists.torproject.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of tor-relays digest..."
> Today's Topics:
> 
>   1. new fingerprint after update (Oliver Sch?nefeld)
>   2. Re: new fingerprint after update (Alexander Dietrich)
>   3. Re: new fingerprint after update (I)
>   4. Re: Relay configuration for FreedomBox (James Valleroy)
>   5. Re: new fingerprint after update (Roger Dingledine)
>   6. Re: Relay configuration for FreedomBox (Lunar)
>   7. Re: Relay configuration for FreedomBox (Lance Hathaway)
> 
> Von: Oliver Schönefeld <oliver.schoenefeld at me.com>
> Betreff: [tor-relays] new fingerprint after update
> Datum: 22 .März 2014 15:26:07 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> Hi guys,
> 
> i updated from Tor 0.2.3.25 (relay 266C0CADC79F802C554019887324A57332A1DA70) to Tor 0.2.4.21 yesterday and the relay fingerprint changed to 07E333A3B979C27739096C5B2EE10D7C8E3D8FFD.
> 
> Is there any way to get the new version working with the old fingerprint?
> I looked in the manual and tried adding a DirAuthority line in the torrc file, which looks as the following:
> DirAuthority 123tor *:9030 FINGERPRINT
> 
> But then Tor doesn't start.
> 
> I also tried writing the old fingerprint in the fingerprint file, but it's changed to the new one everytime i start Tor.
> 
> 
> So thanks for your help in advance and have a nice weekend everybody!
> 
> Oli
> 
> 
> 
> Von: Alexander Dietrich <alexander at dietrich.cx>
> Betreff: Aw: [tor-relays] new fingerprint after update
> Datum: 22 .März 2014 15:47:29 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> Is it possible that either the "DataDirectory" setting changed due to the update or the directory content?
> 

yes, because vidalia isn't part of the game anymore - yes i'm a little late with the update :(

> Best regards,
> Alexander
> ---
> PGP Key: 0xC55A356B | https://dietrich.cx/pgp
> 
> On 2014-03-22 15:26, Oliver Schönefeld wrote:
>> Hi guys,
>> i updated from Tor 0.2.3.25 (relay
>> 266C0CADC79F802C554019887324A57332A1DA70) to Tor 0.2.4.21 yesterday
>> and the relay fingerprint changed to
>> 07E333A3B979C27739096C5B2EE10D7C8E3D8FFD.
>> Is there any way to get the new version working with the old
>> fingerprint?
>> I looked in the manual and tried adding a DirAuthority line in the
>> torrc file, which looks as the following:
>> DirAuthority 123tor *:9030 FINGERPRINT
>> But then Tor doesn't start.
>> I also tried writing the old fingerprint in the fingerprint file, but
>> it's changed to the new one everytime i start Tor.
>> So thanks for your help in advance and have a nice weekend everybody!
>> Oli
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> 
> 
> Von: I <beatthebastards at inbox.com>
> Betreff: Aw: [tor-relays] new fingerprint after update
> Datum: 22 .März 2014 17:58:58 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> ...and the t-shirt counter at Atlas.torproject.org resets
> 

there are worse things than that - but thanks for the reminder to claim it ;)

> 
> Von: James Valleroy <james.valleroy at gmail.com>
> Betreff: Aw: [tor-relays] Relay configuration for FreedomBox
> Datum: 22 .März 2014 19:56:12 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> On Wed, Mar 19, 2014 at 9:25 AM, Lance Hathaway <qhltx at yahoo.com> wrote:
>> If you're going to be running these as bridges, it seems to make sense
>> to include obfsproxy support, probably with obfs3 and scramblesuit [0]
>> enabled right off the bat.
> 
> Thanks for the information. Is it likely that obfs3 and scramblesuit
> will be usable in the long-term? Or will they need to be deprecated at
> some point like obfs2?
> 
> Also, if obfs3 or scramblesuit were deprecated, but some FreedomBoxes
> continued to run those transports, what would be the result? Would the
> worst case be that the bridge is no longer usable by some, as in [0]?
> 
> The reason that I'm asking is that FreedomBox is currently working
> within Debian "testing" but our target is Debian "stable". Once our
> packaged configuration is frozen for the next stable release, it will
> be more difficult for us to push changes other than security fixes.
> 
> [0] https://trac.torproject.org/projects/tor/ticket/10314
> 
> 
> 
> 
> Von: Roger Dingledine <arma at mit.edu>
> Betreff: Aw: [tor-relays] new fingerprint after update
> Datum: 22 .März 2014 19:57:50 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> On Sat, Mar 22, 2014 at 03:26:07PM +0100, Oliver Schönefeld wrote:
>> i updated from Tor 0.2.3.25 (relay 266C0CADC79F802C554019887324A57332A1DA70) to Tor 0.2.4.21 yesterday and the relay fingerprint changed to 07E333A3B979C27739096C5B2EE10D7C8E3D8FFD.
> 
> https://www.torproject.org/docs/faq#UpgradeOrMove
> 
>> I looked in the manual and tried adding a DirAuthority line in the torrc file, which looks as the following:
>> DirAuthority 123tor *:9030 FINGERPRINT
>> 
>> But then Tor doesn't start.
> 
> Yeah, that's not at all what DirAuthority is for. Can you help us
> understand what made you think this was a good idea to try, so we can
> fix it in the man page? :)
> 
>> I also tried writing the old fingerprint in the fingerprint file,
>> but it's changed to the new one everytime i start Tor.
> 
> Hopefully the above faq entry helps.
> 
> Thanks for running a relay!
> --Roger
> 
> 

thank you so much, roger!
i copied the old /keys folder and it's working like a charm.

i basically ctrl+f'ed "fingerprint" in the stable manual and the DirAuthority property was the only one that made sense, since i don't run a bridge.
but i have to admit that i didn't read the NOTE section... shame on my head.

thank y'all!

> 
> 
> 
> Von: Lunar <lunar at torproject.org>
> Betreff: Aw: [tor-relays] Relay configuration for FreedomBox
> Datum: 22 .März 2014 20:23:49 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> James Valleroy:
>> The reason that I'm asking is that FreedomBox is currently working
>> within Debian "testing" but our target is Debian "stable". Once our
>> packaged configuration is frozen for the next stable release, it will
>> be more difficult for us to push changes other than security fixes.
> 
> (Debian hat on:) I try to keep Debian backports as up-to-date as possible.
> Are official backports out of your set of allowed packages as well?
> 
> -- 
> Lunar                                             <lunar at torproject.org>
> 
> 
> 
> Von: Lance Hathaway <qhltx at yahoo.com>
> Betreff: Aw: [tor-relays] Relay configuration for FreedomBox
> Datum: 22 .März 2014 21:03:43 MEZ
> An: tor-relays at lists.torproject.org
> Antwort an: tor-relays at lists.torproject.org
> 
> 
> Signierter PGP Teil
> On 22/03/2014 11:56 AM, James Valleroy wrote:
> > Thanks for the information. Is it likely that obfs3 and
> > scramblesuit will be usable in the long-term? Or will they need to
> > be deprecated at some point like obfs2?
> >
> > Also, if obfs3 or scramblesuit were deprecated, but some
> > FreedomBoxes continued to run those transports, what would be the
> > result? Would the worst case be that the bridge is no longer usable
> > by some, as in [0]?
> >
> > The reason that I'm asking is that FreedomBox is currently working
> > within Debian "testing" but our target is Debian "stable". Once
> > our packaged configuration is frozen for the next stable release,
> > it will be more difficult for us to push changes other than
> > security fixes.
> >
> > [0] https://trac.torproject.org/projects/tor/ticket/10314
> 
> I can't speak to whether more pluggable transports will be deprecated
> in future, but I'll go out on a limb here and say "probably." The
> nature of things ensures that the capabilities of censors continue to
> advance. And as they do, new approaches will be found and deployed to
> bypass those advancing attempts to block the network.
> 
> When bridges were first deployed, the fact that they weren't all
> openly listed in a public directory made them more difficult to block.
> Now, most plain bridges are very easy to block. When obfs2 was first
> deployed, it was a solid protocol (I have no doubt). These days, China
> is actively hunting down and blocking obfs2. There is very little
> point to deploying either a plain bridge or an obfs2 pluggable
> transport these days, especially on a mass scale.
> 
> On the plus side, obfs3 is still pretty strong, and it's one of the
> common pluggable transports right now. Scramblesuit is not live in the
> official bundles yet (AFAIK), but it just released and has some pretty
> robust-looking defenses against active probing and other attacks. If
> you're working on something new to deploy, these should be included,
> without a doubt. They may indeed be deprecated in future, and in the
> worst case may become unusable or make the bridge more susceptible to
> being blocked. But if you go with a plain bridge or obfs2, you're
> already in your worst-case scenario. You have nothing to lose and
> everything to gain by enabling the newest pluggable transports.
> 
> I would highly recommend adding the Tor package repository to the
> FreedomBoxes. As explained in [0], this won't always give you the
> latest version of tor, but it will provide security fixes. My hunch is
> that it will almost always also be a little fresher than Debian
> stable. And given that network censors and network developers are
> always going to be in an escalating arms race, enabling new releases
> of Tor (and obfsproxy) directly from the project is going to make the
> FreedomBox much more useful in the long term.
> 
> -Lance
> 
> [0] https://www.torproject.org/docs/debian
> 
> 
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140323/e251d607/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140323/e251d607/attachment-0001.sig>


More information about the tor-relays mailing list