Hi tor-relays@,
I am Clara and work for The Tor Project, Inc. as part of the network team.
As some of you may know, Tor supports a feature called "OfflineMasterKey"[1],
which allows you to store the long-term Ed25519 identity key of a relay
on a cold device, from which you will generate from time to time a
medium-term signing key alongside a certificate signed by the identity
key.
While moving my server and re-installing my relay, I thought about using
this feature, the recommended approach of using an offline computer
seemed rather burdensome to me though.
This made me think about how we could solve that issue by storing the
Ed25519 identity key on a Yubikey and let it sign the relevant
certificates.
After a week, I came up with a tool called: TorVault[2]. It allows you
to use the PIV module on your Yubikey for storing the identity key and
signing medium-term certificates. The application itself handles the
generation and signing of the medium-term key.
The usage of the program is interactive and as follows:
$ go build -o torvault cmd/torvault/*.go
$ ./torvault
1. Yubico YubiKey OTP+FIDO+CCID
choose a smart card: 1
choose a slot [9c]:
choose an expiration date [2025-05-24]:
choose a path for the identity public key [ed25519_master_id_public_key]:
choose a path for the signing secret key [ed25519_signing_secret_key]:
choose a path for the signing cert [ed25519_signing_cert]:
================================
smart card: Yubico YubiKey OTP+FIDO+CCID 31892185
slot: 0x9c
public key: EVLS6NL8wastoApvJUPDzYxJ7FAdOx22RFpqtlzFGpA
expiration date: Sat, 24 May 2025 00:00:00 UTC (1748044800)
identity public key path: ed25519_master_id_public_key
signing secret key path: ed25519_signing_secret_key
signing cert path: ed25519_signing_cert
================================
is this correct? (y/n): y
enter PIN:
success! ๐ง
$ systemctl stop tor
$ cp ed25519_* /path/to/your/relay/keys
$ systemctl start tor
In theory, one Yubikey can store up to 17 relay identity keys, before
reaching its limit. Unfortunately, Ed25519 support is rather new in
Yubikeys, so you will probably need a newer one (I developed it with
firmware 5.7).
Another thing you have to keep in mind is, that it is *not possible* to
move an existing Ed25519 identity key to a Yubikey. This is a
historical limitation of the way on how ctor stores Ed25519 keys. This
means, you can only secure new relays with this feature, but not
existing ones.
Please also keep in mind that this feature requires you to keep an eye
on the expiry date, as an expired certificate will render the relay to
be unusable, which will in the long run result in its loss of the guard
and other flags.
I am also already using this in production for my own relay.
Feedback is gladly welcome.
Thank You
Clara
[1]: OfflineKeys ยท Wiki ยท Legacy / Trac ยท GitLab
[2]: Clara Engler / TorVault ยท GitLab
ยทยทยท
_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org