[tor-dev] obfsproxy getting scramblesuit password from file in unmanaged mode
Yawning Angel
yawning at schwanenlied.me
Tue May 20 15:35:36 UTC 2014
On Tue, 20 May 2014 18:25:46 +0300
irregulator at riseup.net wrote:
> Hey all,
>
> when running obfsproxy with scramblesuit in unmanaged mode (e.g. to
> obfuscate non-Tor traffic) the UniformDH password is passed in command
> line like this:
>
> obfsproxy scramblesuit --password=W3ECD5GOYU5AAW4G35GSH5QXIHSRBU2X
>
> The problem with this is that the password is visible in the system's
> process list.
>
> Do you think it would make sense to add an argument like
> "--password-file", so as scramblesuit can fetch the password from a
> file? Any caveats?
>
> Although this is not related to the Tor ecosystem, i think it would be
> useful.
Indeed, we have a bug open for this.
https://trac.torproject.org/projects/tor/ticket/8040
I think using `setproctitle` to modify what appears on the system
process list may be a better general solution (and it would let us do
things like showing `obfsproxy: obfs3,scramblesuit` in the managed use
case as well which I think is cute, if not massively useful.
As an added bonus it is a general solution that's more futureproof.
Regards,
--
Yawning Angel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140520/b76546b5/attachment.sig>
More information about the tor-dev
mailing list