Anonymous SSH Sessions With TOR

7/29/2019 Anonymous SSH Sessions With TOR

1/9

Options For ThisHowto

Free Support

Paid Support

Navigation

Howtos

Linux

Android

CentOS

Debian

Fedora

Kernel

Mandriva

PCLinuxOS

SuSE

Ubuntu

Web Server

Apache

Cherokee

Lighttpd

nginx

Backup

Control PanelsISPConfig

DNS

BIND

MyDNS

PowerDNS

djbdns

Desktop

Email

Anti-Spam/Virus

Postfix

FTP

High-Availability

Monitoring

MySQL

Programming

C/C++

PHP

Samba

Security

Anti-Spam/Virus

Storage

Register Login Contribute Subscribe RSS

NewsFAQForgeISPConfigSubscribeContributeForumsHowtos

nymous SSH Sessions With TOR | HowtoForge - Lin... http://www.howtoforge.com/anonymous-ssh-session

9 05/05/1


2/9

Virtualization

KVM

OpenVZ

VMware

VirtualBox

Xen

Other

FreeBSD

CommercialMini-Howtos

Linux

Apache

Backup

DNS

Errors

FTP

MySQL

Networking

PHP

Postfix

SecuritySendmail

Shell

Other

ISPConfig

Forums

Contribute

Create Content

Subscription

Login

Site Map/RSS Feeds

User login

Username:

Password:

Remember Me?

Log in

Create a new account

Request new password

Facebook


9 05/05/1


3/9

Who's online

There are currently 4 users

and 3202 guests online.

HowtoForgeForums

Mailman in aMultiServer setup

Ubuntu

Site: Memory and

processing

Cannot open

firewall ports

VMWARE networking

question

A supported tablet

was not found on

this system?

Migrating Serves?

email woes

smstools

problem[cant send

sms]

Cluster update

POSTFIX SASL

problem

News

Intel Commits More Mesa

Performance Optimizations

6 Invaluable Free Scheme

Books

Build & Defend has

gotten some updates!

Some tricks with htop

Could a Double Fine

Humble Bundle be

coming?


9 05/05/1


4/9

Portal Runs natively on

Linux

5 Links for Developers and

IT Pros 5-3-13

XBMC Media Center 12.2

Brings Numerous UPnP

Fixes

phpMyAdmin 4.0 Release

Kills Off The Tables

Android trounces Apple in

Q1 2013 tablet shipments

more

Recent comments

missing step

21 hours 33 min ago

Thanks for this wonderful

1 day 5 hours ago

addition for ispconfig

1 day 8 hours ago

Re: Re: Re: installing

Adobe Reader does not

work...

1 day 9 hours ago

Re: Re: Re: Re: i use

.htaccess to change

php_value

1 day 14 hours ago

Re: can't access

1 day 14 hours ago

Load balance servers

difference location1 day 19 hours ago

This also helped me install

LAMP and phpMyAdmin

1 day 22 hours ago

Re: Re: Re: Re:Making

linux windows like.

2 days 3 hours ago

=== INFO ===It's

Works with

2 days 10 hours ago

Newsletter

Subscribe to

HowtoForge

Newsletter

and stay informed about

our latest HOWTOs and

projects.

enter email addr


9 05/05/1


5/9

Submit

(To unsubscribe from

our newsletter, visit this

link.)

English | Deutsch | Site Map/RSS Feeds | Advertise

You are here: Home Howtos Linux Debian Anonymous SSH Sessions With TOR

Anonymous SSH Sessions With TOR

Want to support HowtoForge? Become a !

Submitted by vwochnik (Contact Author) (Forums) on Tue, 2009-07-14 12:21. :: Debian | Ubuntu | Security

Anonymous SSH Sessions With TOR

OpenSSHis a great means to protect your connection from being sniffed by others. However, this isn't

always enough. Simply proving that you connected to a server is enough to get incriminated. Unfortunately,

SSHdoesn't provide a native way to obfuscate to whom it connects. Instead, a proxy server can be set up.

And this is where TOR comes to play. This howto covers installing TOR on a Debian based system and setting

up SSHto use TOR.

Installing TOR

First you should to add the TOR repository to your system. It's only necessary if there's no package in the

default repositories.

Add the following line to your /etc/apt/sources.list file. You have to replace lennywith your distribution.

deb http://mirror.noreply.org/pub/tor lenny ma

To use this repository without problems, you have to add the PGP key to your system.

apt-key adv --recv-keys --keyserver subkeys.pgp.net 0x94C09C7F

Update your repositories and install TOR.


9 05/05/1


6/9

apt-get update && apt-get install -y tor

If you want to use TOR with OpenSSH, you have to install another program called connect-proxy.

apt-get install -y connect-proxy

Setup OpenSSH to use TOR for all connections

However, this is not recommended, but here is how it works.

Add the following block to the top of your ~/.ssh/configfile.

Host *CheckHostIP noCompression yesProtocol 2ProxyCommand connect -4 -S localhost:9050 $(to

The command line syntax won't change at all.

Set up OpenSSH to use TOR for a specific connection

I recommend using TOR only for a specific connection. All other connections won't be affected.

Add this block to your ~/.ssh/config. You have to replace mydomain with the host domain name or IP

address and myaccount with your user name.

Host mydomainHostName mydomain.comUser myaccountCheckHostIP noCompression yesProtocol 2ProxyCommand connect -4 -S localhost:9050 $(to


9 05/05/1


7/9

Set up OpenSSH to use TOR for a bunch of connections

Instead of setting up TOR for every single connections, you can do this for a bunch of connections at once.

Following example shows how it works.

Host anon_*CheckHostIP noCompression yes

Protocol 2ProxyCommand connect -4 -S localhost:9050 $(toHost anon_mydomainHostName mydomain.comUser myaccountHost anon_mydomain2HostName mydomain2.comUser myaccountPort 980

This way you know exactly if you're using TOR or not.

Conclusion

It is very simple to anonymize your SSHsessions if you know what you're doing. I've written this tutorial for

legal purposes only. Using this is your own risk.

Copyright 2009 Vincent

All Rights Reserved.

add comment | view as pdf| print

Related Tutorials

Ultimate Security Proxy With Tor

Please do not use the comment function to ask for help! If you need help, please use ourforum.

Comments will be published after administrator approval.

torifySubmitted by Anonymous (not registered) on Mon, 2010-12-13 20:45.

Why to complicate, when there is a toll which do exactly the same automatically? Use torify as follows:

torify ssh user@ip_address and that's it.

With this tool you can torify any application you want, wget, telnet, ftp...

reply | view as pdf

Tor caused me problems


9 05/05/1


8/9

Submitted byjdkullmann (registered user) on Sat, 2009-08-22 15:58.

I love the idea of Tor but beware. I had it up and running and I got a legal notice that my ISP had received from the

RIAA or HBO or someone that I was bittorrenting illegally. But, I never run bittorrent. Turns out that someone else on

the Tor network was (big surprise) and by being a Tor exit point as far as HBO was concerned it was I (or at least my

system) that was putting out the bittorrent packets.

Sadly I took down Tor in spite of the fact that I really like the notion behind it etc. I suppose I could have left it up and

not been an exit point but that did not seem like it was in the spirit of Tor

reply | view as pdf

Next stepSubmitted by Anonymous (not registered) on Wed, 2009-07-15 13:26.

The next step is to explain how to prevent incoming SSH connections from TOR proxies... If anyone is using TOR to get

to one of my boxes, then they are certainly up to no good.

reply | view as pdf

non-senseSubmitted by phocean (not registered) on Tue, 2009-07-14 15:06.

It contributes to the mess that Internet is becoming : HTTP is the new transport protocol, in place of IP. HTTP wasn't

designed for that, how many more layers will we continue to add on the top of it ? Total non-sense.

reply | view as pdf

Re: non-senseSubmitted by Palin (not registered) on Wed, 2009-07-15 11:28.

The nonsense about internet is the nonsense about firewall policies. That's the same about nonsense in the

most-adopted operating system security (or lack of it), and the nonsense of application-side workaround to the

nonsense above.

So now there's SOAP, rpc over http, but the RPC port is closed on the firewall, are you more secure now? :)

reply | view as pdf

Re: non-senseSubmitted by Silver Knight (not registered) on Wed, 2009-07-15 09:16.

phocean said: "It contributes to the mess that Internet is becoming : HTTP is the new transport protocol, in place of

IP. HTTP wasn't designed for that, how many more layers will we continue to add on the top of it ? Total

non-sense."

Are you entirely 100% absolutely certain that you really really understand how the Internet works exactly? You

might want to think about reading up on the topic a little more. TCP/IP and HTTP are not the same thing and

HTTP most certainly is not in any way replacing IP. HTTP, FTP, SSH, IRC, POP, IMAP, and a number of other

transfer protocols are used in addition to TCP/IP and are simply nothing more than agreed upon methods of

exchanging data "over the wire". NONEof these protocols are being used "in place of" IP, and I'm not exactly

understanding how your comment quite relates to the content of this howto.

On the topic of the howto itself, my thanks to the author for your efforts. While I have no need for TOR at this

particular moment, I appreciate the attempt to share useful information and have captured this howto in my notes

as some of the information in the howto is useful to me even though I have no need of the TOR part of it.


9 05/05/1


9/9

reply | view as pdf

Re: Re: non-senseSubmitted by MoJo (not registered) on Wed, 2009-07-15 11:43.

I agree with Phocean.

Nowadays, a bunch of protocol are encapsulated in HTTP without valid reasons except simplicity and the fact

that firewalls often let HTTP traffic cross them.

However these protocols are not used to carry hyper text messages (what is HTTP for).

TOR is an example of this non-sense, SOAP, WSDL, are others.

reply | view as pdf

Re: Re: Re: non-senseSubmitted by Anonymous (not registered) on Fri, 2011-09-02 19:06.

Also, IP isn't a "transport". TCP, UDP and others are transport protocols, not IP which is in the Network

Layer. Why don't you go read at least a wikipedia entry on the OSI and TCP/IP network protocol stacks?

reply | view as pdf

Re: Re: Re: non-senseSubmitted by Anonymous (not registered) on Wed, 2009-07-22 13:16.

Tor uses TCP only.

reply | view as pdf

Howtos | Mini-Howtos | Forums | News | Search | Contribute |

Site Map/RSS Feeds | Advertise | Contact | Disclaimer | Imprint

Copyright 2013 HowtoForge - Linux Howtos and Tutorials

All Rights Reserved.


Documents

Anonymous SSH Sessions With TOR