[tor-relays] Bridges and MyFamily setting

Cristian Consonni cristian at balist.es
Mon Jul 23 10:21:06 UTC 2018 

On 22/07/2018 18:57, nusenu wrote:
>> I am running a couple of relay nodes and now I would like to set a
>> bridge relay. The `torrc` file says the following:
>> ---
>> ## Uncomment this if you run more than one Tor relay, and add the identity
>> ## key fingerprint of each Tor relay you control, even if they're on
>> ## different networks. You declare it here so Tor clients can avoid
>> ## using more than one of your relays in a single circuit. See
>> ## https://www.torproject.org/docs/faq#MultipleRelays
>> ## However, you should never include a bridge's fingerprint here, as it
>> would
>> ## break its concealability and potentially reveal its IP/TCP address.
>> #MyFamily $keyid,$keyid,...
>> ---
>>
>> I understand that I should not add the bridge fingerprint to the
>> MyFamily setting of my other relays, but should I set MyFamily on my
>> bridge (with the fingerprints of my other nodes)?
> 
> what do you mean by "other nodes"? 
> other bridges?

No, middle nodes. I am running two middle relays (i.e. not exits) and I
would like to run another node as a bridge from home. I should also
point out that the new node I want to run in principle has a dynamic IP.

I understand I should not put the fingerprint of the bridge in the torrc
of the two middle relays, but I was wondering about the vice-versa.

> generally speaking:
> - please don't run bridges and exits at the same time

Ok, that's news (I have not read this advice anywhere else)

> - don't add MyFamily lines to your bridge's torrc file

Ok, then the torrc file could be clearer about this.

> - don't put bridge fingerprints or hashed fingerprints into your relays' torrc files

This is what is currently explained in the comment in the torrc template.

Thanks for your help.

C


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180723/bfdb4fd5/attachment.sig>

More information about the tor-relays mailing list