Re: [Tails-dev] feature request

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: James
CC: Garrett Robinson, Trevor Timm, The Tails public development discussion list
Betreff: Re: [Tails-dev] feature request
Hi James,

James wrote (18 Feb 2014 22:39:55 GMT) :
>> 1) The ability to make the Torrc file persistent.
> The reason we would like a persistent torrc file is for authenticated
> hidden services. Authenticated Tor Hidden Services (ATHS) requires a
> `HidServAuth random_value.onion random_value` line added to the torrc
> file. Currently with Tails the torrc file is not a persistent option so
> each time the journalist boots their tails (w/ persistent storage) they
> need to a) set a root password b) re-add the ATHS config to the torrc
> file c) service tor reload


> We would like a way for the Authenticated Tor Hidden Service configs to
> be persistent across reboots.
> https://github.com/freedomofpress/securedrop/issues/282


No doubt this is a usecase I'd like us to support better.

We could somehow mitigate the problems caused by a persistent torrc if
we had a /etc/tor/torrc.d/ mechanism [1] so that people can add to the
configuration or override it, without ignoring our future updates of
torrc (that is, without being pretty sure to get a broken Tails system
as a result within a year, I would say).

[1] https://trac.torproject.org/projects/tor/ticket/1922

Once tor supports this, making this directory persistent is a matter
of adding a line to the persistence configuration file. So, the great
news is you could basically get this feature without modifying Tails
at all :)

However, I'm not sure we would want to advertize such a feature to the
point that it is readily available in the persistence assistant.
I'm afraid it would communicate a strong "feel free to fiddle with the
tor configuration" message, and I'd rather not walk that road. What do
others think?

Regardless of what answer we provide to this second question,
I suspect that your best bet could be to first resolve the
aforementioned Tor ticket.

>> 2) The ability to easily log into a persistent storage on USB if you
>> boot Tails using a DVD/CD
> The problem we faced is if you boot tails off a dvd you can't use the
> gui (applications/tails/configure persistent storage) to create a
> persistent volume on usb stick. You get "Tails is running from non-USB /
> non-SDIO device /org/UDisks/devices/sr0"


Yes. I'm aware of the current state of things, and I still want to
read a user story :)

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc