On 24 Mar 2014, at 20:21, tor-admin <tor-ad...@torland.me> wrote: > There a couple of sysctrl parameters that Moritz described here: > https://www.torservers.net/wiki/setup/server#sysctlconf
That website has at least one glaringly dangerous suggestion, namely apt-key adv --recv-keys --keyserver keys.gnupg.net 886DDD89 The issue is that he key which is to be fetched from a public, untrusted keyserver using an unauthenticated protocol is not being verified at all. This immediately compromises the entire box in case someone is messing with your upstream traffic. It would seem advisable to review the remainder of the advice there, and also fix the above problem. Cheers Sebastian _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
