[tor-relays] HardwareAccel: Current proper use???
Sebastian Urbach
sebastian at urbach.org
Sat Jan 3 14:07:08 UTC 2015
On January 3, 2015 2:42:44 PM usprey <usprey at gmail.com> wrote:
Hi,
> On 3 January 2015 at 13:56, Sebastian Urbach <sebastian at urbach.org> wrote:
> > On January 3, 2015 10:41:42 AM usprey <usprey at gmail.com> wrote:
> >
> > Hi usprey,
> >
> >> Summary:
> >> The documentation is still somewhat vague on the best use of the
> >> "HardwareAccel" option.
> >>
> >> > *HardwareAccel* *0*|*1*
> >
> >
> > The docu is not exactly a high-performance howto :-)
>
> np, would just like to elaborate this option in the manual for people
> not fluent in OpenSSL.
Since the hardware feature became more relevant in the last time i'm really
looking forward to have a fresh set of eyes looking into it. Sometimes i
find myself assuming things that shouldn't be assumed when it comes to new
relays. If you feel the docu lacks something, please provide some input :-)
>
> >
> >> >
> >> > If non-zero, try to use built-in (static) crypto hardware acceleration
> >> > when available. (Default: 0)
> >> >
> >> I could not find a definitive answer in the archives or in
> >>
> >> https://gitweb.torproject.org/tor.git/log/?qt=grep&q=hardwareaccel&showmsg=1
> >> .
> >>
> >> https://www.torservers.net/wiki/setup/server#aes-ni_crypto_acceleration
> >> claims
> >> no intervention is needed in regards of aes-ni accelaration, but I would
> >> like to add an explanation or source to this recommendation.
> >>
> >> Question_1:
> >> If my CPU supports and have loaded aesni_intel on linux with OpenSSL is
> >> 1.0.1.j-1, should I leave HardwareAccel off or explicitly enable it?
> >
> >
> > You don't have to change anything with 1.0.1.j-1, leave the default.
> >
> >>
> >> Question_2:
> >> What does "*built-in (static) crypto hardware acceleration*" refer to?
> >> Dedicated hardware, CPU-support or...?
> >
> >
> > It specifically means that you have the aes_ni cpu capabilities / flag. I
> > have seen this flag on dedicated systems and also on vps systems as well. If
> > the cpu / bios provides the flag and all other requirements are met (as
> > stated in the torservers.net docu) you can use that feature on any system.
>
> k, ty, will venture into OpenSSL docs.
>
> >
> > I would very much appreciate it if you would switch to text mail format,
> > thanks.
>
> k, is that the preferred default on these lists?
All lists i know prefer plain text, just better readable for everybody.
>
> >
> > Thank you very much for running a relay !
> >
> >>
> >> Best regards
> >>
> >>
> >>
> >> ----------
> >> _______________________________________________
> >> tor-relays mailing list
> >> tor-relays at lists.torproject.org
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >>
> >
> >
> > --
> > Sincerely yours / Sincères salutations
> >
> > Sebastian Urbach
> >
> > -----------------------------------------
> > Definition of Tor:
> > 10% luck, 20% skill, 15% concentrated
> > power of will, 5% pleasure, 50% pain and
> > 100% reason to remember the name!
> > -----------------------------------------
> >
> >
> >
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
--
Sincerely yours / Sincères salutations
Sebastian Urbach
-----------------------------------------
Definition of Tor:
10% luck, 20% skill, 15% concentrated
power of will, 5% pleasure, 50% pain and
100% reason to remember the name!
-----------------------------------------
More information about the tor-relays
mailing list