Re: [Sks-devel] [OT] Any Tor experts here?

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] [OT] Any Tor experts here?

From:	Daniel Kahn Gillmor
Subject:	Re: [Sks-devel] [OT] Any Tor experts here?
Date:	Mon, 29 Aug 2016 15:50:02 -0400
User-agent:	Notmuch/0.22.1+88~g8d09e96 (https://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)

Hi Danny--

On Mon 2016-08-29 15:00:50 -0400, Danny Horne wrote:

> I've just spent several hours trying to get Tor running as a service
> (under systemd) for sks.
>
> Here's some relevant logs (the directories exist under toranon user /
> group) -
>
> Aug 29 18:46:16 marconi tor: Aug 29 18:46:16.566 [warn] Directory 
> /var/lib/tor/hidden_service/sks/ cannot be read: Permission denied
> Aug 29 18:46:16 marconi tor: Aug 29 18:46:16.566 [warn] Failed to 
> parse/validate config: Failed to configure rendezvous options. See logs for 
> details.

what are the permissions on /var/lib/tor/hidden_service/sks ?  On a
debian system, those directories should probably be owned by the
debian-tor user account.  It probably depends on what User is specified
in torrc or how tor is compiled.

> Here's the relevant bit of /etc/tor/torrc
>
> HiddenServiceDir /var/lib/tor/hidden_service/sks/
> HiddenServicePort 80 164.132.220.24:80
> HiddenServicePort 11371 164.132.220.24:11371

Just to be clear, i hope this is pointing at the reverse HTTP proxy.  we
don't recomend offering direct SKS access to the public network:

  https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering

> When using this command (as root) it creates the necessary files and
> runs, but won't run under systemd
>
> /usr/bin/tor --runasdaemon 0 --defaults-torrc
> /usr/share/tor/defaults-torrc -f /etc/tor/torrc
>
> Here's a few links whose solutions I tried (without success)
>
> http://superuser.com/questions/998850/tor-hidden-service-settings-failing-to-allow-tor-service-to-start-on-centos-fedo
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1279222

you don't mention what your systemd service file looks like, or what
operating sytsem you're using.  On debian, tor runs via a systemd
generator, but you can control the default system-wide tor service with:

  systemctl status address@hidden
  systemctl start address@hidden
  systemctl stop address@hidden

etc.  Please write back to the list if you have more details you want to
share.  Thanks for offering sks over tor!

hth,

        --dkg

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] [OT] Any Tor experts here?, Danny Horne, 2016/08/29
- Re: [Sks-devel] [OT] Any Tor experts here?, Daniel Kahn Gillmor <=
  - Re: [Sks-devel] [OT] Any Tor experts here?, Danny Horne, 2016/08/29
  - Re: [Sks-devel] [OT] Any Tor experts here?, Danny Horne, 2016/08/30
    - Re: [Sks-devel] [OT] Any Tor experts here?, Danny Horne, 2016/08/30

Prev by Date: [Sks-devel] [OT] Any Tor experts here?
Next by Date: Re: [Sks-devel] [OT] Any Tor experts here?
Previous by thread: [Sks-devel] [OT] Any Tor experts here?
Next by thread: Re: [Sks-devel] [OT] Any Tor experts here?
Index(es):
- Date
- Thread