-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 hi all,
As I understand, there are two steps to mitigating the Heartbled bug for Tor bridges: 1. Upgrade OpenSSL 2. rm -rf /var/lib/tor/keys/* and restart the tor procses While the bridges on Tor Cloud (and therefore Access' Global Proxy Cloud) are configured to automatically fetch updates, there is no way to complete step 2 with SSH access, correct? If so, is there any plan to deal with instances that were set up with the vulnerable version of OpenSSL, but whoever set up the instance has not or cannot regenerate the keys. - -- Peter Bourgelais Circumvention and Network Interference Technologist Access | accessnow.org | rightscon.org PGP ID: 0x1C16F6D8 Fingerprint: EC9B 18C2 EBF4 07E0 37C6 E306 6592 DE70 1C16 F6D8 Github: https://github.com/pbourgel -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJTVUToAAoJEGWS3nAcFvbY15oP/31qpnsLAFZZiuvsQ19jwx6C 74drB1P8zdr8cpAvCVMpmEGRE1hDHTB4iyKQ4rttaAhJu5D5ukP+pGvL+bIL7bTC mzyww37gZE4Fh/ydyaUEQSPw6dBR0pMpKl61/DUKsvF2G/62gW8c5j/+ZXlvBYb8 5tX1ecfWF3LAuBDqrFK0EHtysZ8JfwjRz9aOBR/ZuGM9NKW2UN5iLljxsq7nKIIx YFDKEwPJKPV8t4AsaAxv1Z6ctFqAOSmFObj5Ku9Ifc8vgpSKx9yZpuAttpfaEwYT wf+PHvn1hZNzHb/UZ5ZaIBqP63w+xqTLUEmoDrO9qwSUsi2DhCPUCvKhQ7wzWsnZ 3U+GvmsV3c1JGHCroXii+B2hu04DI0fKxboyFdy+x19PvAMf4UAEIwAG+X0FO9dS pd1F8Zq5ohXItjdAm6ZxGtOL1Q9KHU29G9liYjj/N9NYq7iQLd59CNhoELHulYoO BYBUyTzVwASYIDPbcUZ63z23vCk+ymfX95JTj2J4LK0ZbmJWhe+23ZOIfXiF/v/t 5UBoSIPok336NmsNv7vGMV8O8PuqsEm6/Gv9CCETlUw+wzrSdlu3K0QhLjYagj0C Fl8uEiKzH1LzavdBsSMfDKCGQya4LbvWSnDM2DmHWra3hPG6xJMvnMPxCdqr73dv vGezCcQBb6limTdHW1xH =xqRh -----END PGP SIGNATURE----- _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev