
@gits7r
gits7r / ed25519-id-offline-keys-manual.txt
Created January 17, 2016 13:28
Ed25519 offline router identities manual
Offline identity keys for relays are an optional feature supported as of Tor 0.2.7. Don't use it unless you are willing and able to renew the temporary signing key regularly when it expires. It is an undesirable feature if you plan to run the relay unattended: the relay will go offline if you forget or are unable to renew the temporary signing key when it expires.
Read these two FAQ entries for a quick introduction to ed25519 identities: {1 - link to "I want to upgrade/move my relay. How do I keep the same key?"} and {2 - link to "How do offline ed25519 identity keys work? What do I need to know?"}.
1. Configure Tor not to automatically generate or try to load an existing ed25519 master identity key, since we plan to keep it offline:
Add the following option in your torrc file:
OfflineMasterKey 1
2. Generate a new ed25519 master identity key to use with this relay:
gits7r / update-tor-manuals--keygen.txt
Created January 17, 2016 13:24
Update the manual for Tor stable and Tor alpha
Update manual for Tor stable and Tor alpha.
1. Replace the OfflineMasterKey 0|1 entry with one that refers to the ed25519 identity key, since the option relates only to it and not to the old RSA one.
OfflineMasterKey 0|1
If set to 1, the Tor relay will never automatically generate a new ed25519 identity (ed25519 master identity key) or even try to load an existing one. Instead, you'll have to use "tor --keygen" to manually manage the ed25519 master identity key along with the temporary signing key and certificate. (Default 0)
2. Add under COMMAND-LINE OPTIONS documentation for --keygen:
--keygen [--DataDirectory <path/to/dir>] [--SigningKeyLifetime <'N days|weeks|months'>] [--newpass]
Dear [PARTY WHO BLOCKS ACCESS VIA TOR],
My name is [FIRST NAME, LAST NAME], I am your [CUSTOMER / USER / PROVIDE SOME USERNAME, ACCOUNT INFO OR OTHER WAY TO BE IDENTIFIED IN THEIR SYSTEM *IF APPLICABLE*]. I am having trouble accessing your service from my IP address. I believe this is a result of my IP address being listed as a Tor exit router.
Please take a little of your time to read some facts about Tor:
- The Tor Project is a US 501(c)(3) non-profit dedicated to the research, development, and education of online anonymity and privacy. The project's homepage is https://www.torproject.org/. Tor is a research project, funded by the National Science Foundation and previously DARPA (among others). Its primary goal is to provide people from hostile environments with encrypted and uncensored access to the Internet. For more than a third of the world's population, the Internet is either filtered or monitored. Every day, activists and bloggers are imprisoned or threatened for what we in the western countries see