On Saturday, 5 October 2024 00:40 George Hartley via tor-relays wrote:
> You should default to full disk / partition encryption.
Apart from that FDE is _not_ recommended, especially for Tor exits.
What is the point of a 24/7/365 running cloud or KVM server that the admins
can copy at any time?
I
Try to use mtr to that specific DirAuth, and see where you are being nullrouted.
Then contact that ASN (would be better if your provider did this in your name)
and ask why your origin is excluded / not routed-through.
They don't have to be "bad guys" or "Tor-unfriendly", it's most likely just a
No problem.
You should default to full disk / partition encryption.
The ArchLinux Wiki has (as usual) a great article on this:
https://wiki.archlinux.org/title/Dm-crypt/Device_encryption#Encrypting_devices_with_cryptsetup
Also make sure to not use the standard hash library (SHA256) but SHA512