Opened 6 years ago

Closed 3 years ago

#9478 closed enhancement (worksforme)

Operational crypto enhancements

Reported by: grarpamp Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.4.16-rc
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Subject of managing key material has come up a few times on the lists.

Facility for user can add/drop/mod the controller access token and Tor keys directly to a Tor in boot standby or running mode via controller without requiring disk for them.
Some modes of node deployment/use are disposable so in that case config option to autogenerate keys and not write them out to disk, but show them in controller/debug.
Allow use of passphrased keys on startup like apache console or via passphrase put in via controller.
Disk storage of other bits of .tor may be sensitive enough to keep in core as well.

Child Tickets

Change History (5)

comment:1 Changed 6 years ago by nickm

Milestone: Tor: 0.2.5.x-finalTor: 0.2.???

comment:2 Changed 3 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:3 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:4 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:5 in reply to:  description Changed 3 years ago by nickm

Resolution: worksforme
Severity: Normal
Status: newclosed

Replying to grarpamp:

Subject of managing key material has come up a few times on the lists.

Recommendation for most of these: use a ramdisk if you want ephemeral, and an encrypted volume if you want persistent but encrypted.

Additionally, offline ed25519 id keys are supported, and nifty.

Note: See TracTickets for help on using tickets.