[tor] noisetor recovery

John Menerick omgponies3145 at gmail.com
Mon Jul 4 03:23:16 UTC 2016


Yes to the dead man switch.

John Menerick
https://securesql.info
On Jul 3, 2016 7:14 PM, "Patrick O'Doherty" <p at trickod.com> wrote:

> Final check in here.
>
> After fighting against some configuration specifics noisetor is now back
> online. All relays (bar noiseexit01c for some reason) are now appearing
> in consensus with their old fingerprints. I'm confident that
> noiseexit01c will be in consensus soon.
>
> Given they've been offline for a while they'll have to re-earn some
> flags, specifically exit, fast, and stable. I'll have to read up on
> specifics but I think we should have them in a week-ish, followed by a
> ramp-up of traffic.
>
> cheers,
>
> p
>
> p.s. considering researching an offline-master setup with the existing
> keys such that we'd have a dead-mans-switch requirement to check up on
> the box every N months. would be very much interested in hearing
> people's thoughts on this.
>
> Patrick O'Doherty:
> > Just to follow up,
> >
> > The ddrescue that I ran on the disk overnight appears to have created a
> > good image, at least I believe I have recovered key material for all of
> > the 4 tor instances that we were running.
> >
> > I'll look to get them back up and running with an upgraded tor either
> > tonight or tomorrow time depending.
> >
> > p
> >
> > Patrick O'Doherty:
> >> hey folks,
> >>
> >> as some of you might have noticed the noisetor has been offline due to a
> >> hardware (HDD) failure.
> >>
> >> myself and Andy have gotten the host back online, but unfortunately it
> >> looks as if we've lost the relay key material as the filesystem is
> >> highly corrupted.
> >>
> >> my plan to get noisetor back up and running is as follows:
> >>
> >> 1) image the disk and attempt to recover the key material
> >>
> >> 2) failing that generate new offline master keys (so that HDD recovery
> >> doesn't cause this issue again) and create new 18-month signing keys
> >> such that the relay can live again with minimal upkeep. I'm hoping that
> >> an 18 month dead mans switch encourages somewhat more frequent
> >> maintenance of the node going forward.
> >>
> >> posting here so there's some semblance of a public plan to get noisetor
> >> back on its feet.
> >>
> >> cheers,
> >>
> >> p
> >>
> >
>
>
> _______________________________________________
> tor mailing list
> tor at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/tor
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/tor/attachments/20160703/5793c2ee/attachment-0003.html>


More information about the tor mailing list