Opened 6 months ago

Closed 3 months ago

#22348 closed defect (implemented)

16 relays have mismatched rsa/ed keys currently

Reported by: arma Owned by: nickm
Priority: Medium Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: review-group-22
Cc: Actual Points:
Parent ID: Points:
Reviewer: dgoulet Sponsor:

Description

Looking at lines from moria1's log for mismatched ed/rsa keys like this:

May 19 18:00:10.942 [info] dirserv_router_get_status(): Descriptor from router $BB119A5A4D5DA2BBB7B796ECC50E3C0F1D4FD910~onslaught at 163.172.228.191 has an Ed25519 key, but the <rsa,ed25519> keys don't match what they were before.

There are sixteen relays currently that I'm rejecting the descriptors of:

0F366C2AD5F099204E22090FECBFFA511860F196
1200782F57E45EC068340E13FD2C1DFF491BDF27
1C33915BDDE9F1FBF4B8CED25A4D861F2CB8460E
2F7A826CC5B7E6D834ECA25E236A1351D389D195
59F16177E3B3D1979DA56642E6044E266473EF2A
766D10918D238BB96F7CD02C1E2E114110DC32CA
878413A9DE5AC497A2A5F200DA163F12D503FD8D
9B97CD09CA7CCD844ADCAF3241736B1823CE5047
A032473D4A0EC3EE2BF321C31A97158582B4FC94
B5C45F1FD0DFE044772ED1B34160F6CF49B267EC
B62A3F23955AF323A03F4ADB355C7D00594CFBD1
BB119A5A4D5DA2BBB7B796ECC50E3C0F1D4FD910
D46175487C332CC602F7D1A44D7BA73348C6C49E
E721D43AF859DC347710E16FC96E0EE68B722EA4
F01D8D6448C8B883D8ACD08D3AA7789D5EE38B7B
F94A792CE808F8FE39C80AD17CB2D0802F7B9D90

A) We need to put up some documentation for them so they can know what we're enforcing and how to fix it. Right now all they're getting, if they look at their logs, is

May 23 17:06:10.976 [warn] http status 400 ("Looks like your keypair does not match its older value.") response from dirserver '86.59.21.38:80'. Please correct.

which is not enough for them to guess what went wrong and what needs fixing.

B) For anecdotes, we should contact the operators of these 16, to try to get them to help us guess what went wrong such that they're in this situation now.

C) We should consider some plan for how to notice and contact future relay operators that fall into this trap. Otherwise we throw away relay volunteers, which is frustrating for them and bad for the network.

Child Tickets

Change History (12)

comment:1 Changed 6 months ago by teor

Milestone: Tor: 0.3.1.x-final

We need to do this before a majority of authorities key pin, which means the 0.3.1 timeframe.

comment:2 Changed 5 months ago by nickm

How about this for an improved message for A:

"Looks like your keypair has changed? This authority previously recorded a different RSA identity key for your Ed25519 identity key, or vice versa. Did you replace or copy some of your keys, but not others?"

comment:3 Changed 4 months ago by nickm

Owner: set to nickm
Status: newaccepted

comment:4 Changed 4 months ago by nickm

Status: acceptedneeds_review

I'd done the part that requires a tor change as ticket22348_031 in my public repository. No code changes, only a string.

comment:5 Changed 3 months ago by nickm

Keywords: review-group-22 added

comment:6 Changed 3 months ago by dgoulet

Status: needs_reviewneeds_information

I'm wondering, shouldn't we tell the user what to actually do if this message happens? Could we complement the message with a small guideline on what to do?

comment:7 Changed 3 months ago by nickm

Hm. Any ideas what that should say? The problem is that the right fix depends on the user's situation.

comment:8 Changed 3 months ago by dgoulet

Good question. There isn't really much options actually other than doing something like "rm keys/*" and restart tor? Or put back the backed up keys in keys/ ?

comment:9 Changed 3 months ago by nickm

Right. If you still have a matching pair of keys, you should restore them. But if you can't, you should remove your keys and start over with a new identity.

comment:10 Changed 3 months ago by nickm

Status: needs_informationneeds_review

I've tried to add a sentence in ticket22348_031 to say that. Better now?

comment:11 Changed 3 months ago by dgoulet

Reviewer: dgoulet
Status: needs_reviewmerge_ready

Great! Ack.

comment:12 Changed 3 months ago by nickm

Resolution: implemented
Status: merge_readyclosed

ok; merged!

Note: See TracTickets for help on using tickets.