[tor-relays] doc/HARDENING Draft
tor-admin at torland.me
tor-admin at torland.me
Tue Nov 25 19:58:04 UTC 2014
On Monday 24 November 2014 18:09:34 Libertas wrote:
> Here's the relevant ticket:
>
> https://trac.torproject.org/projects/tor/ticket/13703
>
> A specific topic of conversation is how much of the advice should be
> in the document itself as opposed to linked sources.
>
> It could also use more OS diversity. After reading it, you can
> probably guess which *nix flavors I'm familiar with.
>
> Enjoy,
> Libertas
I would add the following advice:
Don't store identity keys on the hard disk. Keep them offliner. Use a ramdisk
for /var/lib/tor/keys/ and copy keys to it via scp before starting your tor
instance. Remove it from the ramdisk after startup. So the keys cannot be
easily taken during unexpected downtimes.
Regards,
torland
More information about the tor-relays
mailing list