[tor] noisetor recovery

aestetix aestetix at aestetix.com
Mon Jul 4 03:29:00 UTC 2016 

+1

Also thanks for all your hard work in keeping the project going. It makes me
happy :)

On Sun, Jul 03, 2016 at 08:23:16PM -0700, John Menerick wrote:
>Yes to the dead man switch.
>
>John Menerick
>https://securesql.info
>
>On Jul 3, 2016 7:14 PM, "Patrick O'Doherty" <p at trickod.com> wrote:
>
>    Final check in here.
>
>    After fighting against some configuration specifics noisetor is now back
>    online. All relays (bar noiseexit01c for some reason) are now appearing
>    in consensus with their old fingerprints. I'm confident that
>    noiseexit01c will be in consensus soon.
>
>    Given they've been offline for a while they'll have to re-earn some
>    flags, specifically exit, fast, and stable. I'll have to read up on
>    specifics but I think we should have them in a week-ish, followed by a
>    ramp-up of traffic.
>
>    cheers,
>
>    p
>
>    p.s. considering researching an offline-master setup with the existing
>    keys such that we'd have a dead-mans-switch requirement to check up on
>    the box every N months. would be very much interested in hearing
>    people's thoughts on this.
>
>    Patrick O'Doherty:
>    > Just to follow up,
>    >
>    > The ddrescue that I ran on the disk overnight appears to have created a
>    > good image, at least I believe I have recovered key material for all of
>    > the 4 tor instances that we were running.
>    >
>    > I'll look to get them back up and running with an upgraded tor either
>    > tonight or tomorrow time depending.
>    >
>    > p
>    >
>    > Patrick O'Doherty:
>    >> hey folks,
>    >>
>    >> as some of you might have noticed the noisetor has been offline due to a
>    >> hardware (HDD) failure.
>    >>
>    >> myself and Andy have gotten the host back online, but unfortunately it
>    >> looks as if we've lost the relay key material as the filesystem is
>    >> highly corrupted.
>    >>
>    >> my plan to get noisetor back up and running is as follows:
>    >>
>    >> 1) image the disk and attempt to recover the key material
>    >>
>    >> 2) failing that generate new offline master keys (so that HDD recovery
>    >> doesn't cause this issue again) and create new 18-month signing keys
>    >> such that the relay can live again with minimal upkeep. I'm hoping that
>    >> an 18 month dead mans switch encourages somewhat more frequent
>    >> maintenance of the node going forward.
>    >>
>    >> posting here so there's some semblance of a public plan to get noisetor
>    >> back on its feet.
>    >>
>    >> cheers,
>    >>
>    >> p
>    >>
>    >
>
>
>    _______________________________________________
>    tor mailing list
>    tor at lists.noisebridge.net
>    https://www.noisebridge.net/mailman/listinfo/tor
>
>

>_______________________________________________
>tor mailing list
>tor at lists.noisebridge.net
>https://www.noisebridge.net/mailman/listinfo/tor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 513 bytes
Desc: Digital signature
URL: <http://lists.noisebridge.net/pipermail/tor/attachments/20160704/b43633f1/attachment-0003.sig>

More information about the tor mailing list