Upload
cosasdeangel
View
216
Download
0
Embed Size (px)
Citation preview
7/29/2019 Anonymous SSH Sessions With TOR
1/9
Options For ThisHowto
Free Support
Paid Support
Navigation
Howtos
Linux
Android
CentOS
Debian
Fedora
Kernel
Mandriva
PCLinuxOS
SuSE
Ubuntu
Web Server
Apache
Cherokee
Lighttpd
nginx
Backup
Control PanelsISPConfig
DNS
BIND
MyDNS
PowerDNS
djbdns
Desktop
Anti-Spam/Virus
Postfix
FTP
High-Availability
Monitoring
MySQL
Programming
C/C++
PHP
Samba
Security
Anti-Spam/Virus
Storage
Register Login Contribute Subscribe RSS
NewsFAQForgeISPConfigSubscribeContributeForumsHowtos
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
2/9
Virtualization
KVM
OpenVZ
VMware
VirtualBox
Xen
Other
FreeBSD
CommercialMini-Howtos
Linux
Apache
Backup
DNS
Errors
FTP
MySQL
Networking
PHP
Postfix
SecuritySendmail
Shell
Other
ISPConfig
Forums
Contribute
Create Content
Subscription
Login
Site Map/RSS Feeds
User login
Username:
Password:
Remember Me?
Log in
Create a new account
Request new password
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
3/9
Who's online
There are currently 4 users
and 3202 guests online.
HowtoForgeForums
Mailman in aMultiServer setup
Ubuntu
Site: Memory and
processing
Cannot open
firewall ports
VMWARE networking
question
A supported tablet
was not found on
this system?
Migrating Serves?
email woes
smstools
problem[cant send
sms]
Cluster update
POSTFIX SASL
problem
News
Intel Commits More Mesa
Performance Optimizations
6 Invaluable Free Scheme
Books
Build & Defend has
gotten some updates!
Some tricks with htop
Could a Double Fine
Humble Bundle be
coming?
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
4/9
Portal Runs natively on
Linux
5 Links for Developers and
IT Pros 5-3-13
XBMC Media Center 12.2
Brings Numerous UPnP
Fixes
phpMyAdmin 4.0 Release
Kills Off The Tables
Android trounces Apple in
Q1 2013 tablet shipments
more
Recent comments
missing step
21 hours 33 min ago
Thanks for this wonderful
1 day 5 hours ago
addition for ispconfig
1 day 8 hours ago
Re: Re: Re: installing
Adobe Reader does not
work...
1 day 9 hours ago
Re: Re: Re: Re: i use
.htaccess to change
php_value
1 day 14 hours ago
Re: can't access
1 day 14 hours ago
Load balance servers
difference location1 day 19 hours ago
This also helped me install
LAMP and phpMyAdmin
1 day 22 hours ago
Re: Re: Re: Re:Making
linux windows like.
2 days 3 hours ago
=== INFO ===It's
Works with
2 days 10 hours ago
Newsletter
Subscribe to
HowtoForge
Newsletter
and stay informed about
our latest HOWTOs and
projects.
enter email addr
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
5/9
Submit
(To unsubscribe from
our newsletter, visit this
link.)
English | Deutsch | Site Map/RSS Feeds | Advertise
You are here: Home Howtos Linux Debian Anonymous SSH Sessions With TOR
Anonymous SSH Sessions With TOR
Want to support HowtoForge? Become a !
Submitted by vwochnik (Contact Author) (Forums) on Tue, 2009-07-14 12:21. :: Debian | Ubuntu | Security
Anonymous SSH Sessions With TOR
OpenSSHis a great means to protect your connection from being sniffed by others. However, this isn't
always enough. Simply proving that you connected to a server is enough to get incriminated. Unfortunately,
SSHdoesn't provide a native way to obfuscate to whom it connects. Instead, a proxy server can be set up.
And this is where TOR comes to play. This howto covers installing TOR on a Debian based system and setting
up SSHto use TOR.
Installing TOR
First you should to add the TOR repository to your system. It's only necessary if there's no package in the
default repositories.
Add the following line to your /etc/apt/sources.list file. You have to replace lennywith your distribution.
deb http://mirror.noreply.org/pub/tor lenny ma
To use this repository without problems, you have to add the PGP key to your system.
apt-key adv --recv-keys --keyserver subkeys.pgp.net 0x94C09C7F
Update your repositories and install TOR.
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
6/9
apt-get update && apt-get install -y tor
If you want to use TOR with OpenSSH, you have to install another program called connect-proxy.
apt-get install -y connect-proxy
Setup OpenSSH to use TOR for all connections
However, this is not recommended, but here is how it works.
Add the following block to the top of your ~/.ssh/configfile.
Host *CheckHostIP noCompression yesProtocol 2ProxyCommand connect -4 -S localhost:9050 $(to
The command line syntax won't change at all.
Set up OpenSSH to use TOR for a specific connection
I recommend using TOR only for a specific connection. All other connections won't be affected.
Add this block to your ~/.ssh/config. You have to replace mydomain with the host domain name or IP
address and myaccount with your user name.
Host mydomainHostName mydomain.comUser myaccountCheckHostIP noCompression yesProtocol 2ProxyCommand connect -4 -S localhost:9050 $(to
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
7/9
Set up OpenSSH to use TOR for a bunch of connections
Instead of setting up TOR for every single connections, you can do this for a bunch of connections at once.
Following example shows how it works.
Host anon_*CheckHostIP noCompression yes
Protocol 2ProxyCommand connect -4 -S localhost:9050 $(toHost anon_mydomainHostName mydomain.comUser myaccountHost anon_mydomain2HostName mydomain2.comUser myaccountPort 980
This way you know exactly if you're using TOR or not.
Conclusion
It is very simple to anonymize your SSHsessions if you know what you're doing. I've written this tutorial for
legal purposes only. Using this is your own risk.
Copyright 2009 Vincent
All Rights Reserved.
add comment | view as pdf| print
Related Tutorials
Ultimate Security Proxy With Tor
Please do not use the comment function to ask for help! If you need help, please use ourforum.
Comments will be published after administrator approval.
torifySubmitted by Anonymous (not registered) on Mon, 2010-12-13 20:45.
Why to complicate, when there is a toll which do exactly the same automatically? Use torify as follows:
torify ssh user@ip_address and that's it.
With this tool you can torify any application you want, wget, telnet, ftp...
reply | view as pdf
Tor caused me problems
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
8/9
Submitted byjdkullmann (registered user) on Sat, 2009-08-22 15:58.
I love the idea of Tor but beware. I had it up and running and I got a legal notice that my ISP had received from the
RIAA or HBO or someone that I was bittorrenting illegally. But, I never run bittorrent. Turns out that someone else on
the Tor network was (big surprise) and by being a Tor exit point as far as HBO was concerned it was I (or at least my
system) that was putting out the bittorrent packets.
Sadly I took down Tor in spite of the fact that I really like the notion behind it etc. I suppose I could have left it up and
not been an exit point but that did not seem like it was in the spirit of Tor
reply | view as pdf
Next stepSubmitted by Anonymous (not registered) on Wed, 2009-07-15 13:26.
The next step is to explain how to prevent incoming SSH connections from TOR proxies... If anyone is using TOR to get
to one of my boxes, then they are certainly up to no good.
reply | view as pdf
non-senseSubmitted by phocean (not registered) on Tue, 2009-07-14 15:06.
It contributes to the mess that Internet is becoming : HTTP is the new transport protocol, in place of IP. HTTP wasn't
designed for that, how many more layers will we continue to add on the top of it ? Total non-sense.
reply | view as pdf
Re: non-senseSubmitted by Palin (not registered) on Wed, 2009-07-15 11:28.
The nonsense about internet is the nonsense about firewall policies. That's the same about nonsense in the
most-adopted operating system security (or lack of it), and the nonsense of application-side workaround to the
nonsense above.
So now there's SOAP, rpc over http, but the RPC port is closed on the firewall, are you more secure now? :)
reply | view as pdf
Re: non-senseSubmitted by Silver Knight (not registered) on Wed, 2009-07-15 09:16.
phocean said: "It contributes to the mess that Internet is becoming : HTTP is the new transport protocol, in place of
IP. HTTP wasn't designed for that, how many more layers will we continue to add on the top of it ? Total
non-sense."
Are you entirely 100% absolutely certain that you really really understand how the Internet works exactly? You
might want to think about reading up on the topic a little more. TCP/IP and HTTP are not the same thing and
HTTP most certainly is not in any way replacing IP. HTTP, FTP, SSH, IRC, POP, IMAP, and a number of other
transfer protocols are used in addition to TCP/IP and are simply nothing more than agreed upon methods of
exchanging data "over the wire". NONEof these protocols are being used "in place of" IP, and I'm not exactly
understanding how your comment quite relates to the content of this howto.
On the topic of the howto itself, my thanks to the author for your efforts. While I have no need for TOR at this
particular moment, I appreciate the attempt to share useful information and have captured this howto in my notes
as some of the information in the howto is useful to me even though I have no need of the TOR part of it.
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session
9 05/05/1
7/29/2019 Anonymous SSH Sessions With TOR
9/9
reply | view as pdf
Re: Re: non-senseSubmitted by MoJo (not registered) on Wed, 2009-07-15 11:43.
I agree with Phocean.
Nowadays, a bunch of protocol are encapsulated in HTTP without valid reasons except simplicity and the fact
that firewalls often let HTTP traffic cross them.
However these protocols are not used to carry hyper text messages (what is HTTP for).
TOR is an example of this non-sense, SOAP, WSDL, are others.
reply | view as pdf
Re: Re: Re: non-senseSubmitted by Anonymous (not registered) on Fri, 2011-09-02 19:06.
Also, IP isn't a "transport". TCP, UDP and others are transport protocols, not IP which is in the Network
Layer. Why don't you go read at least a wikipedia entry on the OSI and TCP/IP network protocol stacks?
reply | view as pdf
Re: Re: Re: non-senseSubmitted by Anonymous (not registered) on Wed, 2009-07-22 13:16.
Tor uses TCP only.
reply | view as pdf
Howtos | Mini-Howtos | Forums | News | Search | Contribute |
Site Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint
Copyright 2013 HowtoForge - Linux Howtos and Tutorials
All Rights Reserved.
nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session