[tor-relays] Relay Or/Dirport Unreachable
lists at for-privacy.net
lists at for-privacy.net
Sat Mar 21 16:35:28 UTC 2020
On 20.03.2020 09:19, Roger Dingledine wrote:
> On Thu, Mar 19, 2020 at 07:57:53PM +0100, Mario Costa wrote:
>> Or you could just add your user to the debian-tor group, so it will be
>> able to access the nyx control Unix socket.
>
> This is definitely imo the better approach rather than sudo'ing your
> nyx to the debian-tor user.
>
> If you sudo to debian-tor, then your nyx gets access to all of your Tor
> keys, and if nyx has a security flaw then it can do more damage.
>
> Whereas if you add your own user to the debian-tor group, and then run
> nyx
> as yourself, you are better isolated from pieces of Tor that nyx has no
> business being able to access.
.... >8
Thanks for the explanation @Roger & Mario.
Is there anything wrong with usermod in terms of security?
sudo adduser $USER debian-tor
sudo usermod -aG debian-tor $USER
@Kathi
Then ignore my instructions from our private conversation later on your
relay.
--
╰_╯ Ciao Marco!
Debian GNU/Linux
It's free software and it gives you freedom!
More information about the tor-relays
mailing list