hidden ssh service via tor

We live in a NAT-ed / firewalled world. Almost all DSL providers don't give out public IPs, and when they do, they are often behind a draconian firewall. In this context, having an emergency remote shell, even one that is neither fast nor public, is very handy. A simple way to solve this problem is to create a hidden server on the Tor network and then access the shell from anywhere in the world without caring about changes of IP, routing, DNS or anything else.

On Debian you can just install tor from the official repository. Since Tor is not available in Ubuntu (but it is available on Debian), on Ubuntu we need to get it directly from the Tor website. There is a nice write-up on the Ubuntu site: https://help.ubuntu.com/community/Tor. And these are the details on the tor website.

So we add this to the apt sources (/etc/apt/sources.list):

deb http://deb.torproject.org/torproject.org lucid main

and then we aptitude install tor. The package installs the tor daemon and runs it by default. The next step is to edit /etc/tor/torrc to add the hidden service:

HiddenServiceDir /var/lib/tor/ssh/
HiddenServicePort 22 127.0.0.1:22

Remember also to install openssh-server if you don't have it already. And this is it. In the directory /var/lib/tor/ssh/ you will find a file with the hostname on the TOR ring that you have to use to connect to your new hidden server.

On the client side we need to aptitude install connect-proxy. It's a simple tool to tunnel ssh through a socks5 connection. Now you are ready to test. In your ~/.ssh/config you can simply add something like

Host *.onion
    ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p

and then ssh your way to the youronionhost.onion server. The connection will be veeeeery slow since you are going through different layers of encryption and indirection. You should also check the host key of your server before connecting and dropping in a pub-key, as you should never trust your friendly TOR providers (US govt, Chinese govt, Iranian govt, etc ...).

For emergencies it is actually pretty handy. For anything else it will make you die of boredom ...

Update

Ahhh. It seems I've assumed that since TOR was not available on ubuntu, this was the same on debian. Tor is definitely available on debian, but not on ubuntu. Blah... check before asserting wrong information! Post fixed.
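
An added example, not part of the original post: a Python check of the two snippets above. It lists the hidden services a torrc defines and whether each target stays on the local machine, and reports which ProxyCommand ssh would apply to a given host name; a name that does not match Host *.onion, such as one typed with a :22 suffix, gets none and is resolved by local DNS. The function names and sample inputs are constructed for illustration.

```python
import fnmatch
import ipaddress

# Constructed inputs: the torrc and ~/.ssh/config snippets from the post.
TORRC = "HiddenServiceDir /var/lib/tor/ssh/\nHiddenServicePort 22 127.0.0.1:22\n"
SSH_CONFIG = "Host *.onion\n  ProxyCommand connect -R remote -5 -S 127.0.0.1:9050 %h %p\n"

def target_is_local(target):
    """True if a HiddenServicePort target stays on this machine."""
    if target.isdigit() or target.startswith("unix:"):
        return True  # tor maps a bare port to 127.0.0.1
    try:
        host = target.rsplit(":", 1)[0].strip("[]")
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # hostname or unparsable address: treat as off-host

def hidden_services(torrc_text):
    """Return [(service_dir, virtual_port, target, local)] from torrc text."""
    found, service_dir = [], None
    for raw in torrc_text.splitlines():
        words = raw.split("#", 1)[0].split()
        if len(words) < 2:
            continue
        key = words[0].lower()
        if key == "hiddenservicedir":
            service_dir = words[1]
        elif key == "hiddenserviceport" and service_dir:
            # With no explicit target tor uses the same port on 127.0.0.1.
            target = words[2] if len(words) > 2 else "127.0.0.1:" + words[1]
            found.append((service_dir, int(words[1]), target, target_is_local(target)))
    return found

def proxy_command_for(host, ssh_config_text):
    """ProxyCommand ssh applies to `host`, or None (direct connect, local DNS)."""
    applies = True  # options before the first Host line apply to every host
    for raw in ssh_config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1]
        if key == "host":  # Host blocks only; Match is not evaluated
            pats = value.split()
            hit = lambda neg: any(fnmatch.fnmatchcase(host, p.lstrip("!"))
                                  for p in pats if p.startswith("!") == neg)
            applies = hit(False) and not hit(True)
        elif key == "proxycommand" and applies:
            return value
    return None
```

Feed it the contents of /etc/tor/torrc and ~/.ssh/config; ssh -v shows the same proxy decision on a live connection.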

Comments

I thought Tor was available from Debian

If Tor isn't available from Debian, what is the package mentioned at http://packages.qa.debian.org/t/tor.html ?

I'm not sure I understand ...

Tor is available in Debian/Ubuntu

> Since Tor is not available in debian, we need to get it directly from the tor website. There is a nice write-up on the ubuntu site : https://help.ubuntu.com/community/Tor . And these are the details on the tor website.

This is wrong. Tor is available in Debian, and by extension, Ubuntu (unless you're talking about a different version). It's available for all Debian distributions: stable, testing, unstable, and even experimental. See the tor package entry at packages.debian.org

A simple apt-cache search will also turn up the relevant info:

$ apt-cache search '^tor$'
tor - anonymizing overlay network for TCP

(No subject)

> Since Tor is not available

> Since Tor is not available in debian

Since when isn't tor available in Debian?

Greetings, Frank

> Since Tor is not available

> Since Tor is not available in debian

http://packages.debian.org/search?keywords=tor

Tor is available in Debian

Tor has been available in Debian for years:

http://packages.qa.debian.org/t/tor.html

haha I love how when you post

haha I love how when you post something incorrect about 50 people come out the woodwork and fall over themselves in their haste to put you right in the most patronizing way possible

"It seems I've assumed that

"It seems I've assumed that since TOR was not available on ubuntu, this was the same on debian."

Isn't tor available on ubuntu if you enable the universe (ie debian) repositories?

I am fairly certain Tor is

I am fairly certain Tor is available in Debian; here's the package info page: http://packages.qa.debian.org/t/tor.html

Great tutorial, but I can't

Great tutorial, but I can't seem to get it to work properly.

I only get the error message: "ssh: Could not resolve hostname dsadasda55.onion:22: Name or service not known" What worries me is that I get that response really fast so it doesn't seem very likely that my ssh client checks the TOR darknet at all. Any idea what this could depend on?

It seems that ssh is not able

It seems that ssh is not able to tunnel the connection through tor. Check if the tor server is running, you can enable debug to check if it responds, and check if the proxy command (connect) is really used by ssh to connect...

On debian the socks5 proxy 'connect' is in the package connect-proxy. ssh -v also gives you a lot of useful information...

just a wild guess.

tor is available on ubuntu.

tor is available on ubuntu. Just need to add the repository.