Thank you for clearing this up for me.

-Michael

> On 4 Oct 2021, at 11:49, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> Hello Michael,
> 
> thanks for your reply.
> 
> To quote from Tor's manpage (see https://2019.www.torproject.org/docs/tor-manual.html.en#HardwareAccel
> for an online version of it):
> 
>>       HardwareAccel 0|1
>>           If non-zero, try to use built-in (static) crypto hardware
>>           acceleration when available. Can not be changed while tor is
>>           running. (Default: 0)
> 
> Even if it is available, Tor does not use hardware crypto acceleration by default. While I consider
> this a reasonable default for Tor users not trusting their hardware, we agreed on doing so a while
> ago (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=13eab1060d0474ddf413386de0361e32113f8cb7).
> 
> Therefore, this needs to be enabled explicitly, which is what this patch is good for. :-)
> 
> I hope to have your question answered.
> 
> Thanks, and best regards,
> Peter Müller
> 
> 
>> Hello,
>> Can you elaborate a little bit more on this?
>> Tor is using OpenSSL which by default should use RDRAND, AES-NI (if applicable) and so on.
>> What does this option change?
>> -Michael
>>> On 25 Sep 2021, at 08:08, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>> 
>>> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
>>> ---
>>> html/cgi-bin/tor.cgi | 1 +
>>> 1 file changed, 1 insertion(+)
>>> 
>>> diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi
>>> index ce579aec1..2b0d93336 100644
>>> --- a/html/cgi-bin/tor.cgi
>>> +++ b/html/cgi-bin/tor.cgi
>>> @@ -731,6 +731,7 @@ sub BuildConfiguration() {
>>> 
>>> 	# Global settings.
>>> 	print FILE "Sandbox 1\n";
>>> +	print FILE "HardwareAccel 1\n";
>>> 	print FILE "ControlPort $TOR_CONTROL_PORT\n";
>>> 
>>> 	if ($settings{'TOR_ENABLED'} eq 'on') {
>>> -- 
>>> 2.26.2