[tor-relays] Tor-arm failure
Ralph Seichter
m16+tor at monksofcool.net
Sat Sep 2 21:01:41 UTC 2017
On 02.09.17 21:26, Damian Johnson wrote:
> I dropped that since it posed a security issue.
Sigh... That seems a bit overzealous to me.
> I'd suggest cookie authentication if you'd care to rely on file
> permissions rather than something you know. That'll work transparently.
I don't think I understand what exactly you are suggesting. Could you
provide an example? I can currently do the following with 'arm', and
want to it with 'nyx' as well:
me at mynotebook $ ssh foo at tornode
foo at tornode $ sudo -u tor /usr/bin/arm
I have to enter SSH keyfile password(*) and SUDO password already, and
don't want to enter yet another password for the Tor controller. Since
I am the only human who can SSH to my Tor nodes, having a password in
~/.nyx/config would be a "risk" (grin) I'm perfectly willing to take.
-Ralph
(*) I'm aware of ssh-agent.
More information about the tor-relays
mailing list