[tor-relays] Tor Relay Performance

Sebastian Hahn mail at sebastianhahn.net
Tue Mar 25 02:29:35 UTC 2014

On 24 Mar 2014, at 20:21, tor-admin <tor-admin at torland.me> wrote:

> There a couple of sysctrl parameters that Moritz described here: 
> https://www.torservers.net/wiki/setup/server#sysctlconf

That website has at least one glaringly dangerous suggestion, namely

apt-key adv --recv-keys --keyserver keys.gnupg.net 886DDD89

The issue is that he key which is to be fetched from a public, untrusted
keyserver using an unauthenticated protocol is not being verified at
all. This immediately compromises the entire box in case someone is
messing with your upstream traffic.

It would seem advisable to review the remainder of the advice there, and
also fix the above problem.


More information about the tor-relays mailing list