[tor-relays] Tor Relay Performance
Sebastian Hahn
mail at sebastianhahn.net
Tue Mar 25 02:29:35 UTC 2014
On 24 Mar 2014, at 20:21, tor-admin <tor-admin at torland.me> wrote:
> There a couple of sysctrl parameters that Moritz described here:
> https://www.torservers.net/wiki/setup/server#sysctlconf
That website has at least one glaringly dangerous suggestion, namely
apt-key adv --recv-keys --keyserver keys.gnupg.net 886DDD89
The issue is that he key which is to be fetched from a public, untrusted
keyserver using an unauthenticated protocol is not being verified at
all. This immediately compromises the entire box in case someone is
messing with your upstream traffic.
It would seem advisable to review the remainder of the advice there, and
also fix the above problem.
Cheers
Sebastian
More information about the tor-relays
mailing list