[tor-relays] VPS w/FDE suggestions?
boldsuck
lists at for-privacy.net
Thu Feb 22 16:08:30 UTC 2024
On Mittwoch, 21. Februar 2024 18:08:32 CET Bartosz Zieba wrote:
> > Don't know what FDE is, but at Frantech/BuyVM you can install everything
> > because you can upload your own ISO.
>
> FDE means Full Disk Encryption.
>
> Remember, running FDE in virtual environment we give access to
> encryption keys to admin of the host machine :)
Any admin can make a full backup of a 24/7/365 running KVM or cloud machine.
Regardless of whether it is encrypted or not. ;-)
Also with dedicated servers or in colocation:
Encrypting a Tor relay hd, especially exits, is NOT recommended!
In the event of a seizure, it could take months or years to get your server back.
We don't host files, we don't have logs. A Tor relay is a dumb router that forwards
encrypted traffic. Other than the master identity key's, there is nothing
interesting on a Tor relay. Therefore, use offline relay identity keys:
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorRelaySecurity/OfflineKeys
--
╰_╯ Ciao Marco!
Debian GNU/Linux
It's free software and it gives you freedom!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 3872 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20240222/c4a737c9/attachment.sig>
More information about the tor-relays
mailing list