[tor-relays] relay on a vps not exclusively used for tor?

grarpamp grarpamp at gmail.com
Sun Aug 21 20:27:10 UTC 2016


On 8/21/16, Michael McConville <mmcco at mykolab.com> wrote:
> Anything other than Tor running on the server is a liability. I'd be
> particularly concerned about things like Owncloud (not to mention web
> servers), which has a history of security vulnerabilities. I think it's
> best to restrict Tor relays to dedicated installs.

Not only security of the relay, but of any dependencies
and privacy of any other operations and data you may
have on it should it get seized for whatever reason.
Of course risk of seizure is less with non-exits.

Since anyone can run a relay, and there aren't any
relay police or hardcoded restrictions, it's really up
to you and what you're comfortable with. For example,
many might use their VPS space to store encrypted
backups offsite, or run various small services that
have minimal risk or attack surface.

And to the extent that doing things will make you
a better admin, able to weigh operation security,
there can be a lot of good in that too.


More information about the tor-relays mailing list