-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi everyone,
Two months ago I decided to try the new ed25519 key introduced in Tor 2.7 with OfflineMasterKey set so I can keep the master key in a different place and just upload the medium-term signing key every month. Last month everything went ok: I renewed the key and Tor accepted it. This time instead after generating the new signing key with # tor --datadirectory path_to_my_master_key --signingkeylifetime '1 months' --keygen and uploading ed25519_signing_cert and ed25519_signing_secret_key and fixing the permission, Tor keep saying Feb 03 07:27:40.000 [notice] It looks like I need to generate and sign a new medium-term signing key, because the one I have is expired. To do that, I need to load the permanent master identity key. Feb 03 07:27:40.000 [warn] We needed to load a secret key from /var/lib/tor/keys/ed25519_master_id_secret_key, but couldn't find it. Did you forget to copy it over when you copied the rest of the signing key material? Feb 03 07:27:40.000 [warn] Can't load master identity key; OfflineMasterKey is set. Feb 03 07:27:40.000 [err] Error initializing keys; exiting That raises two questions to me: - why does Tor think the new keys are already expired? - why is Tor searching ed25519_master_id_secret_key? With OfflineMasterKey set it shouldn't care about the master secret key Thank you, patacca -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWsgVWAAoJEE1LNuolWAxg12QP/iy/rd0cPPt8WhzXXCmlRwRi vNFZ2PO6ltpS9uu0HRgUExpDGG1QY8eLUZxRUPCg1lFPbu/tsfHo+Rz3RB6iAg0Q rkqkSen4vjAboA2PTfyu6oLQEqX4zHyJ4RaFZcdemgYdm4/B1pbZVMYOgI1EiJQj bX/WSyjPlAF5gXhWW+F1UH/ucCLcue8LumWdd2qGSILVInzEcXfM2myTi4NRZJry pearKYlMMSt70+qM7ivBKelYp3iMpZjUZOQa4rDmNEvWncWmHDi+QxggsKBGJ/Kf ZqwVuatCQT56B10GNGZrc5bUx1cbBjdXj4wMLh3D/8wxMIJztPB9rEI2+C2GzP3d asG054o2GHQ5HISQqFuFTZ4dzyjudV/g3HbA78kXcLXrTuSVSV0vZ8cEqACiaYSI dFfIjNTevr9WgWbXPfKFzILAGlBS6gUWJflh8eQY539Jg0LnJI4XpSbSFlvAU8dQ fzZSLnUGdPC0w8dcPpSeS+ojxiQ1cv7qQoeubpyXvO16ATlxDZ6SW9WwFDKEN72N xUOwIBGBpj6Onq8UuieMRTqolcd5jc96/4Y1rVCUeegRts+0RloW+ftODf5MjcyR 5uvbvyrm9J9AsAzFkK+ZI7Xi+Fad4lR1rsdM7t9jWndHFb83DEKDOJPyq+aFgk+r 00IxrkcEOwzQUf68QLcP =xN1c -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
