[tor-relays] key expired and can't renew

torix at protonmail.com torix at protonmail.com
Mon Jun 8 19:22:11 UTC 2020

Dear LIst,

My bridge, tor version stopped this morning with a bunch of lines like this:
"It looks like I should try to generate and sign a new medium-term signing key, because
the one I have is going to expire soon. To do that, I'm going to have to try to load the permanent master identity
key. If the master identity key was not moved or encrypted with a passphrase, this will be done automatically and
no further action is required. Otherwise, provide the necessary data using 'tor --keygen' to do it manually.
[warn] We needed to load a secret key from /var/db/tor/keys/ed25519_master_id_secret_key, but i
t was encrypted. Try 'tor --keygen' instead, so you can enter the passphrase."

I put it up a month ago, so I assume this is the frst time the key needed to be changed.
When I look at the keys directory, it looks the same as my still-running one, put ip 42 days ago.
42day one:
/var/db/tor # ll keys
total 28
-rw-------  1 _tor  _tor   64 Apr 27 01:49 ed25519_master_id_public_key
-rw-------  1 _tor  _tor   96 Apr 27 01:49 ed25519_master_id_secret_key
-rw-------  1 _tor  _tor  172 May 26 02:00 ed25519_signing_cert
-rw-------  1 _tor  _tor   96 May 26 02:00 ed25519_signing_secret_key
-rw-------  1 _tor  _tor  888 Apr 27 01:49 secret_id_key
-rw-------  1 _tor  _tor  888 May 25 02:03 secret_onion_key
-rw-------  1 _tor  _tor   96 May 25 02:03 secret_onion_key_ntor
Expired one:
/var/log/tor # ll /var/db/tor/keys/
total 28
-rw-------  1 _tor  _tor   64 May  9 01:29 ed25519_master_id_public_key
-rw-------  1 _tor  _tor  227 May  9 01:29 ed25519_master_id_secret_key_encrypted
-rw-------  1 _tor  _tor  172 May  9 01:29 ed25519_signing_cert
-rw-------  1 _tor  _tor   96 May  9 01:29 ed25519_signing_secret_key
-rw-------  1 _tor  _tor  888 May  9 02:09 secret_id_key
-rw-------  1 _tor  _tor  888 May 30 21:11 secret_onion_key
-rw-------  1 _tor  _tor   96 May 30 21:11 secret_onion_key_ntor
I have never encrypted any tor keys; I just downloaded and installed it.  Permissions seem the same on both.  I can delete the keys directory and reinstall tor, but that's probably a hammer to kill a gnat.  Hope that this has happened many times before and it's something simple.



Sent with [ProtonMail](https://protonmail.com) Secure Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20200608/c5f9ed3e/attachment.htm>

More information about the tor-relays mailing list