[tor] noisetor recovery
aestetix
aestetix at aestetix.com
Mon Jul 4 03:29:00 UTC 2016
+1
Also thanks for all your hard work in keeping the project going. It makes me
happy :)
On Sun, Jul 03, 2016 at 08:23:16PM -0700, John Menerick wrote:
>Yes to the dead man switch.
>
>John Menerick
>https://securesql.info
>
>On Jul 3, 2016 7:14 PM, "Patrick O'Doherty" <p at trickod.com> wrote:
>
> Final check in here.
>
> After fighting against some configuration specifics noisetor is now back
> online. All relays (bar noiseexit01c for some reason) are now appearing
> in consensus with their old fingerprints. I'm confident that
> noiseexit01c will be in consensus soon.
>
> Given they've been offline for a while they'll have to re-earn some
> flags, specifically exit, fast, and stable. I'll have to read up on
> specifics but I think we should have them in a week-ish, followed by a
> ramp-up of traffic.
>
> cheers,
>
> p
>
> p.s. considering researching an offline-master setup with the existing
> keys such that we'd have a dead-mans-switch requirement to check up on
> the box every N months. would be very much interested in hearing
> people's thoughts on this.
>
> Patrick O'Doherty:
> > Just to follow up,
> >
> > The ddrescue that I ran on the disk overnight appears to have created a
> > good image, at least I believe I have recovered key material for all of
> > the 4 tor instances that we were running.
> >
> > I'll look to get them back up and running with an upgraded tor either
> > tonight or tomorrow time depending.
> >
> > p
> >
> > Patrick O'Doherty:
> >> hey folks,
> >>
> >> as some of you might have noticed the noisetor has been offline due to a
> >> hardware (HDD) failure.
> >>
> >> myself and Andy have gotten the host back online, but unfortunately it
> >> looks as if we've lost the relay key material as the filesystem is
> >> highly corrupted.
> >>
> >> my plan to get noisetor back up and running is as follows:
> >>
> >> 1) image the disk and attempt to recover the key material
> >>
> >> 2) failing that generate new offline master keys (so that HDD recovery
> >> doesn't cause this issue again) and create new 18-month signing keys
> >> such that the relay can live again with minimal upkeep. I'm hoping that
> >> an 18 month dead mans switch encourages somewhat more frequent
> >> maintenance of the node going forward.
> >>
> >> posting here so there's some semblance of a public plan to get noisetor
> >> back on its feet.
> >>
> >> cheers,
> >>
> >> p
> >>
> >
>
>
> _______________________________________________
> tor mailing list
> tor at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/tor
>
>
>_______________________________________________
>tor mailing list
>tor at lists.noisebridge.net
>https://www.noisebridge.net/mailman/listinfo/tor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 513 bytes
Desc: Digital signature
URL: <http://lists.noisebridge.net/pipermail/tor/attachments/20160704/b43633f1/attachment-0003.sig>
More information about the tor
mailing list