Anondate
From Whonix
anondate-get[edit]
Diagnostic utility. anondate-get. A "higher level" easier to use tool than the "lower level" anondate.
Usage of anondate-get should be safe. It does not use networking. It does not change time. Only looks at locally available information.
sudo anondate-get
Sample output.
/usr/sbin/anondate-get: INFO: 100% Tor bootstrap, ok. /usr/sbin/anondate-get: INFO: tor_circuit_established_check.py, ok. /usr/sbin/anondate-get: INFO: Tor circuit already established, ok. /usr/sbin/anondate-get: INFO: current time in valid in range, ok. /usr/sbin/anondate-get: INFO: Tor certificate lifetime valid, ok. /usr/sbin/anondate-get: END: Exiting with exit_code '3' indicating 'Could not determine any time using Tor from consensus or certificate life time.'.
anondate-set[edit]
Security impact has yet to be documented.
anondate-set.
sudo anondate-set
/usr/sbin/anondate-set: INFO: Status file '/run/anondate/tor_certificate_lifetime_set' does not yet exist. /usr/sbin/anondate-set: INFO: running anondate-get... /usr/sbin/anondate-get: INFO: 100% Tor bootstrap, ok. /usr/sbin/anondate-get: INFO: tor_circuit_established_check.py, ok. /usr/sbin/anondate-get: INFO: Tor circuit already established, ok. /usr/sbin/anondate-get: INFO: current time in valid in range, ok. /usr/sbin/anondate-get: INFO: Tor certificate lifetime valid, ok. /usr/sbin/anondate-get: END: Exiting with exit_code '3' indicating 'Could not determine any time using Tor from consensus or certificate life time.'. /usr/sbin/anondate-set: END: Exiting with exit_code '3' indicating 'Setting time using anondate either not possible or not required.'.
anondate[edit]
Introduction[edit]
- TODO: documentation on anondate is outdated
- anondate interface description as per latest git master:
- https://github.com/Whonix/helper-scripts/blob/master/usr/sbin/anondate [archive]
- See also: #Tor Consensus Method
- Needs access to either:
/var/run/tor/log[only default in Whonix ™ specific] [Tor Project Upstream Feature Request: additional /var/run/tor/log default log [archive]] This is better, because it only contains Tor's log since last boot. More relevant information. Easier for anondate to parse.- Or access to
/var/log/tor/log. Configurable through the environment variableTOR_LOG. (export TOR_LOG=/var/log/tor/log) (Or we can change the default in the code.)
Consensus Related Options[edit]
--verified-only--prefer-verified--unverified-only
Special Exit Codes[edit]
- exit
3:$TOR_LOGnot readable. - exit
4:$consensusnot readable.
Simple Status Checking[edit]
anondate --has-consensus[edit]
Useful for checking if asking for any #Date Ranges Output is worthwhile.
- yes:
- exit
0
- exit
- no:
- exit
1
- exit
Can be replaced by Tor ControlPort / python-stem?
- verified-only: Yes. (
consensus/valid-after) - unverified: No.
anondate --current-time-in-valid-range[edit]
Useful for a sanity test before setting the time for the first time and before setting the time to a newly fetched timestamp.
- yes:
- exit
0
- exit
- no:
- exit
1
- exit
Can be replaced by Tor ControlPort / python-stem?
- verified-only: Yes. (See below.)
- unverified: No. Tor Project Upstream Feature Request: make unverified consensus ISOTime accessible through Tor's ControlPort [archive]
Date Ranges Output[edit]
anondate --show-valid-after[edit]
- yes:
- output:
2015-08-15 22:00:00 - exit
0
- output:
- no:
- exit
1
- exit
Can be replaced by Tor ControlPort / python-stem?
- verified-only: Yes.
consensus/valid-after - unverified: No. Tor Project Upstream Feature Request: make unverified consensus ISOTime accessible through Tor's ControlPort [archive]
anondate --show-valid-until[edit]
- yes:
- output:
2015-08-16 01:00:00 - exit
0
- output:
- no:
- exit
1
- exit
Can be replaced by Tor ControlPort / python-stem?
- verified-only: Yes.
consensus/valid-until - unverified: No. Tor Project Upstream Feature Request: make unverified consensus ISOTime accessible through Tor's ControlPort [archive]
anondate --show-middle-range[edit]
- yes:
- output:
2015-08-15 23:30:00 - exit
0
- output:
- no:
- exit
1
- exit
(A scripted calculation of the above.)
Certificate Validity[edit]
When clock is several months or years fast or slow, Tor cannot even download Tor consensus. Tor however always should be providing a certificate lifetime. For security discussion, see also Tor Certificate Lifetime.
anondate --tor-cert-lifetime-valid[edit]
Sep 03 10:32:59.000 [warn] Certificate already expired. Either their clock is set wrong, or your clock is wrong. Sep 03 10:32:59.000 [warn] (certificate lifetime runs from Aug 16 00:00:00 2014 GMT through Jul 29 23:59:59 2015 GMT. Your time is Sep 03 10:32:59 2015 UTC.)
- yes:
- output:
Sep 03 10:34:00.000 [warn] Certificate already expired. Either their clock is set wrong, or your clock is wrong. - exit
0
- output:
- no:
- exit
1
- exit
Can be replaced by Tor ControlPort / python-stem? No. Tor Project Upstream Feature Request: make certificate lifetime accessible through Tor's ControlPort [archive]
anondate --tor-cert-valid-after[edit]
Similar to above, but less output.
- output:
Jun 16 00:00:00 2014 GMT - Exit codes unreliable.
- Don't use without using the above first.
- (Could be fixed in the code if worthwhile.)
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
|
100px |
| Fosshost | About Advertisements |
Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki
Please consider a recurring donation! 
Priority Support | Investors | Professional Support
Whonix ™ | © ENCRYPTED SUPPORT LP | 
Freedom Software / 
Open Source (Why?)
The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.