[warn] http status 400 (“Fingerprint is marked rejected”) response from dirserver – Please correct.

This error has been flooding my tor log probably since April, but I only picked it up now after reading about how few relays there are listed in the directory prompted me to check that mine was working.

The standard fix for this is prevalent already: you need to delete your old keys (because they were created with a vulnerable version of OpenSSL). However, I fell into an elementary trap by doing this:

$ sudo rm -f /var/lib/tor/keys/secret*

That reported no errors… because the -f causes rm to “ignore nonexistent files and arguments”, and since stuff under /var/lib/tor/keys/ is private property of debian-tor, Bash has cannot expand secret* to what is actually there.

I thought my old keys were now gone, but when I restarted tor it kept nagging about the fingerprint. Kept me confused for a while.

So you have to have an actual root prompt for deleting those old keys with a wildcard:

$ sudo -i
# service tor stop
* Stopping tor daemon...
* ...
* ...                                                                                    [ OK ] 
# rm -f /var/lib/tor/keys/*
# service tor start
# exit

Image may be NSFW.
Clik here to view.

Like this post? Tip me with bitcoin!

1KshvxmpDs2FjQ7ESE7fgT3G27J34p3q4g

If you enjoyed reading this post, please consider tipping me using Bitcoin. Each post gets its own unique Bitcoin address so by tipping you're not only making my continued efforts possible but telling me what you liked.