[tor-bugs] #3892 [Tor Client]: Controlport behavior changed in 0.2.2.32 - CookieAuthentication now required to access control port
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Sep 1 21:22:00 UTC 2011
#3892: Controlport behavior changed in 0.2.2.32 - CookieAuthentication now
required to access control port
-------------------------+--------------------------------------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: Tor: 0.2.2.32
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Current and previous versions of the torrc file states that either a
HashedControlPassword OR CookieAuthentication may be used to access tor's
controlport.
From torrc
## If you enable the controlport, be sure to enable one of these
## authentication methods, to prevent attackers from accessing it.
#HashedControlPassword
16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
#CookieAuthentication 1
After upgrading from 0.2.1.26 to 0.2.2.32, tor now requires that
CookieAuthentication be enabled to access the ControlPort. Upon starting
Vidalia after the tor upgrade, an error message was received asking for
the location of the authentication cookie even when a HashControlPassword
was specified in the torrc file.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3892>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list