[tor-relays] key expired and can't renew

zimmer linux drremmiz at gmail.com
Mon Jun 8 20:20:09 UTC 2020 

Hey Torix,

This is something that seems to come up with offline generated keys, I've
no idea what's happening here though.

I suppose keeping an original key for a bridge doesn't matter in the
slightest, because the bridges don't generate any consensus. I'm presuming
this is one of your bridges that's fallen over.

If it was me, I'd just delete the key folder and start tor again.

Zim


On Mon, 8 Jun 2020 at 20:22, <torix at protonmail.com> wrote:

> Dear LIst,
>
> My bridge, tor version 0.4.2.7 stopped this morning with a bunch of lines
> like this:
> "It looks like I should try to generate and sign a new medium-term signing
> key, because
> the one I have is going to expire soon. To do that, I'm going to have to
> try to load the permanent master identity
> key. If the master identity key was not moved or encrypted with a
> passphrase, this will be done automatically and
> no further action is required. Otherwise, provide the necessary data using
> 'tor --keygen' to do it manually.
> [warn] We needed to load a secret key from
> /var/db/tor/keys/ed25519_master_id_secret_key, but i
> t was encrypted. Try 'tor --keygen' instead, so you can enter the
> passphrase."
>
> I put it up a month ago, so I assume this is the frst time the key needed
> to be changed.
> When I look at the keys directory, it looks the same as my still-running
> one, put ip 42 days ago.
> 42day one:
> /var/db/tor # ll keys
> total 28
> -rw-------  1 _tor  _tor   64 Apr 27 01:49 ed25519_master_id_public_key
> -rw-------  1 _tor  _tor   96 Apr 27 01:49 ed25519_master_id_secret_key
> -rw-------  1 _tor  _tor  172 May 26 02:00 ed25519_signing_cert
> -rw-------  1 _tor  _tor   96 May 26 02:00 ed25519_signing_secret_key
> -rw-------  1 _tor  _tor  888 Apr 27 01:49 secret_id_key
> -rw-------  1 _tor  _tor  888 May 25 02:03 secret_onion_key
> -rw-------  1 _tor  _tor   96 May 25 02:03 secret_onion_key_ntor
> Expired one:
> /var/log/tor # ll /var/db/tor/keys/
> total 28
> -rw-------  1 _tor  _tor   64 May  9 01:29 ed25519_master_id_public_key
> -rw-------  1 _tor  _tor  227 May  9 01:29
> ed25519_master_id_secret_key_encrypted
> -rw-------  1 _tor  _tor  172 May  9 01:29 ed25519_signing_cert
> -rw-------  1 _tor  _tor   96 May  9 01:29 ed25519_signing_secret_key
> -rw-------  1 _tor  _tor  888 May  9 02:09 secret_id_key
> -rw-------  1 _tor  _tor  888 May 30 21:11 secret_onion_key
> -rw-------  1 _tor  _tor   96 May 30 21:11 secret_onion_key_ntor
> I have never encrypted any tor keys; I just downloaded and installed it.
> Permissions seem the same on both.  I can delete the keys directory and
> reinstall tor, but that's probably a hammer to kill a gnat.  Hope that this
> has happened many times before and it's something simple.
>
> TIA,
>
> --Torix
>
>
>
> Sent with ProtonMail <https://protonmail.com> Secure Email.
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20200608/70f2c43d/attachment-0001.htm>

More information about the tor-relays mailing list