[tor-bugs] #20650 [Core Tor/Tor]: confusing "I need to load the permanent master identity key" line
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 13 14:22:21 UTC 2016
#20650: confusing "I need to load the permanent master identity key" line
--------------------------+---------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version: Tor: 0.2.7.3-rc
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+---------------------------------
Comment (by s7r):
The bridge in question was not started for the very first time (when Tor
takes care of everything) and it had an older temporary signing key and
certificate in $datadirectory/keys - the default lifetime, if not set
differently, is 30 days. I think Tor prints a notice just for informational
purposes every time it '''wants''' to load the master identity key
(temporary signing key is about to expire soon) and every time it
'''needs''' to load the master identity key (temporary signing key is
already expired). If the master key is not offline, no further action is
required from the operator and Tor just does everything by itself and
continues normally.

We wanted to print these notices only when `OfflineMasterKey 1` is set,
but this doesn't suit the operators that do not configure this setting,
allow Tor on the first start to generate the master identity key and move
it from $datadirectory/keys immediately after. It also doesn't cover the
operators that leave the master identity key there, but encrypt it with a
passphrase. So `OfflineMasterKey` is more about instructing Tor to never
even try to generate or load a master identity key, so it doesn't touch the
hard drive of that server (dirauth use case). The log messages in
`OfflineMasterKey 1` cases should be different anyway, and whoever enables
this feature knows that further action on a regular basis is required.

So, what we could do here is append to the notices printed both when Tor
'''wants''' to load or '''needs''' to load the master identity key, stating
something like:

''If you did not either move the master identity key away or encrypt it
with a passphrase, no further action is required and this notification can
be ignored. Otherwise, please use --keygen and provide a new valid medium
term signing key and certificate.''

What do you think? I am wondering whether we should ditch the last part, or
maybe it's useful?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20650#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online