Oops, sorry - my bad. Didn't spot that this was already answered under a different email subject. :)
On Sat, Sep 2, 2017 at 6:27 PM, Damian Johnson <ata...@torproject.org> wrote: > Hi Ralph, I think there's some confusion about the ssh verses tor > password. All I'm suggesting is that instead of > 'HashedControlPassword' you use 'CookieAuthentication 1' in your torrc > instead. This is discussed a bit on the following in case you'd care > to read more... > > https://stem.torproject.org/faq.html#can-i-interact-with-tors-controller-interface-directly > > Cheers! -Damian > > > On Sat, Sep 2, 2017 at 2:01 PM, Ralph Seichter <m16+...@monksofcool.net> > wrote: >> On 02.09.17 21:26, Damian Johnson wrote: >> >>> I dropped that since it posed a security issue. >> >> Sigh... That seems a bit overzealous to me. >> >>> I'd suggest cookie authentication if you'd care to rely on file >>> permissions rather than something you know. That'll work transparently. >> >> I don't think I understand what exactly you are suggesting. Could you >> provide an example? I can currently do the following with 'arm', and >> want to it with 'nyx' as well: >> >> me@mynotebook $ ssh foo@tornode >> foo@tornode $ sudo -u tor /usr/bin/arm >> >> I have to enter SSH keyfile password(*) and SUDO password already, and >> don't want to enter yet another password for the Tor controller. Since >> I am the only human who can SSH to my Tor nodes, having a password in >> ~/.nyx/config would be a "risk" (grin) I'm perfectly willing to take. >> >> -Ralph >> >> (*) I'm aware of ssh-agent. >> _______________________________________________ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
