SSH Over Tor To Remote Debian Box
SSH Over Tor To Remote Debian Box
SSH Over Tor To Remote Debian Box
https://skytal.es/docs/tips/ssh_over_tor_to_remote...
comment might be user@remotebox. Also you'd better use a password to keep safe you private key. After that, two
files should be created in ~/.ssh/ . An id_rsa and an id_rsa.pub. You can rename them as you like. Make sure
id_rsa(the private key) is readable only by your user.
where you put the codename of your distribution (i.e. squeeze, wheezy, sid ) in place of <DISTRIBUTION>.
#gpg --keyserver keys.gnupg.net --recv 886DDD89
#gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add #apt-get update
#apt-get install deb.torproject.org-keyring
#apt-get install tor
Install connect-proxy
#apt-get install connect-proxy
1 of 3
12/03/2015 05:25 AM
https://skytal.es/docs/tips/ssh_over_tor_to_remote...
alias is just a shortcut name or alias you can use with the ssh command.
verify correct permissions are set to .ssh directory and key file.
2 of 3
12/03/2015 05:25 AM
https://skytal.es/docs/tips/ssh_over_tor_to_remote...
In the first statement we just set the directory under which all the necessary files of the hidden service will reside.
With the second statement we first configure the virtual port our hidden service will listen, in the example it's 22 and
secondly we declare the real socket the application listens to. In the example the ssh in our remote box listens to
0.0.0.0:22.
We can examine the applications and their listening ports by giving
#nestat -ntpl
If we want our remote box have ssh only as hidden service, then we might change /etc/ssh/sshd_config to listen to
localhost and then /etc/tor/torrc .
HiddenServicePort 22 127.0.0.1:22
So at last, you can modify your ~/.ssh/config and use that onion address to ssh to your box. Also mind the change in
ProxyCommand.
Host alias
Hostname someaddress.onion
IdentitiesOnly yes
IdentityFile ~/.ssh/id_rsa
Port PortNumber
CheckHostIP no
Compression yes
Protocol 2
ProxyCommand connect -4 -R remote -S 127.0.0.1:9050 %h %p
ServerAliveInterval 60
3 of 3
12/03/2015 05:25 AM