# Introduction
Dear tor-project@,
my work in February 2025 has been centered around two small but powerful
tools that I have authored during this time period.
# oniux
In the beginning of the month, I started the *oniux* project[1], which
utilizes `namespaces(7)` and onionmasq in order to securely isolate an
arbitrary application through Tor. It basically serves as a replacement
for torsocks but in a way that is less hacky and sounds more correct.
My work centered around studying the inner workings of Linux namespaces
and capabilities, writing an initial prototype and finally the real
implementation. I have also given a German-language presentation about
this at my local hackspace and can give you the slides on request.
Please read the projects README for further information about this,
including the inner workings on which I have spent a huge effort to
document those.
# TorVault
During the other half the month, I started the *TorVault* project[2],
which makes it possible to use the `OfflineMasterKey` feature for relays
in combination with a Yubikey.
It provides a guide on how to generate and import a long-term Ed25519
identity key onto a Yubikey (recommended) or on how to generate a
long-term Ed25519 identity key on the Yubikey itself.
The program itself then provides an interactive dialogue that prompts
the user for the relevant information (device name, expiration date,
paths, ...). In the end, the program generates and exports the relevant
keys and certificate(s) which are then ready to be deployed into the
relays `keys/` folder.
I have announced the project onto the tor-relays@ mailing list and I am
already using it in production for my own relay.
Right now, I have plans to port this tool into Rust in order to
eventually integrate it into Arti. Unfortunately, the Rust ecosystem is
– at the moment – not far enough to support this, because Curve25519
support in Yubikeys is a rather new feature not supported by the most
popular Rust Yubikey crate. This is also an area I am working on at the
moment.
Thank You,
Clara
···
---
[1]: Clara Engler / oniux · GitLab
[2]: The Tor Project / Core / TorVault · GitLab
_______________________________________________
tor-project mailing list -- tor-project@lists.torproject.org
To unsubscribe send an email to tor-project-leave@lists.torproject.org