Your Tor relay might be affected by Debain OpenSSL flaw
Matt LaPlante
cyberdog3k at gmail.com
Wed May 14 16:20:35 UTC 2008
On Wed, May 14, 2008 at 11:14 AM, Roger Dingledine <arma at mit.edu> wrote:
> On Wed, May 14, 2008 at 11:10:24AM -0500, Matt LaPlante wrote:
>> I received a notice earlier today stating that "Your Tor relay might
>> be affected by Debain OpenSSL flaw." I had already regenerated my
>> secret keys following the procedure given in the tor-announce notice
>> (after having updated ssl/ssh/etc). Regardless, my node still appears
>> blacklisted. Is this list static? The notice unfortunately did not
>> seem to document the re-enabling procedure for corrected nodes.
>
> We blacklisted nodes by their weak keys. So if you come back with the same
> (weak) key, you'll still be blacklisted -- but that's as it should be.
>
> Perhaps you could provide more details?
I'm no Tor expert, but based on the announcement I:
apt-get update
apt-get upgrade [ssl is now ubuntu hardy latest]
/etc/init.d/tor stop
rm /var/lib/tor/keys/secret_*
/etc/init.d/tor start
My server log then gives me:
May 14 09:01:30.488 [warn] Received http status code 404 ("Not found")
from server '...' while fetching "/tor/status/fp/...". I'll try again
soon.
Which I assume is because I'm still blocked. Am I missing a step in
the procedure, or misinterpreting the log?
>
> --Roger
>
>
More information about the tor-talk
mailing list