42

I have a working installation of Tor. I am able to both access hidden services and proxy my clear-net traffic through Tor. My main source of traffic so far has been HTTP.

I would like to know how I can use Tor to access remote computers through the use of SSH. I would like answers for the major operating systems: Windows, Linux/Unix, Mac OS X.

Further, can programs such as rsync be made to use the Tor network?

weasel - Peter Palfrader
  • 5,158
  • 1
  • 24
  • 39
Manas B
  • 565
  • 1
  • 4
  • 7

5 Answers5

28

For SSH you can do something like the following:

ssh -o ProxyCommand='nc -x localhost:$orport %h %p' example.com

Options can also be configured in your ~/.ssh/config (or /etc/ssh/ssh_config, or the equivalent on your OS) file:

Host example
    Hostname example.com
    ProxyCommand /usr/bin/nc -x localhost:$orport %h %p

Rsync can then use ssh as its remote shell and it will pick up the previous config:

rsync -e ssh example:path/to/files /dest

or, by directly passing arguments to the remote shell:

rsync -e "ssh -o ProxyCommand='nc -x localhost:$orport %h %p'" example.com /dest

Finally, you can use the RSYNC_CONNECT_PROG environment variable to set up all future RSYNC invocations to use Tor (without having to manually specify it each time):

export RSYNC_CONNECT_PROG='ssh proxyhost nc -x localhost:$orport %h %p'
rsync example.com:/src /dest

Replace $orport with the port you've got Tor's SOCKS proxy listening on.

13

If you are using PuTTY you can configure it to use the Tor client as a SOCKS proxy directly. In Configuration > Connection > Proxy select SOCKS 5, enter localhost and the port Tor client is listening on. The Tor Browser Bundle listens on port 9150 by default. Keep in mind that functional SOCK proxy is available only after starting the Tor client (or Tor Browser) and connecting it to the Tor network.

The picture shows how the setting looks like in PuTTY 0.67.

SOCK proxy setting in PuTTY

Note that one of the really cool things about PuTTY is that it's cross-platform, so this technique should work on both Linux and Windows. Use sudo apt install putty to install PuTTY in Ubuntu, for instance.

pabouk - Ukraine stay strong
  • 1,851
  • 1
  • 16
  • 44
8

Using one of the anonymity (Tor) focused operating systems, such as Tails, QubesOS TorVM, Liberte Linux or Whonix is another option.

(Full disclosure: I am a maintainer of Whonix.)

adrelanos
  • 2,847
  • 2
  • 20
  • 35
7

Read this article if you are interested: Pietro Abate homepage: hidden ssh service via tor / 16 October 2010

You can use proxifier called torsocks:

# torsocks ssh user@host

Torsocks allows you to use most SOCKS-friendly applications in a safe way with Tor. It ensures that DNS requests are handled safely and explicitly rejects UDP traffic from the application you're using.

perpetuity
  • 563
  • 4
  • 13
6

My config for all connections looks like:

nano /etc/ssh/sshd_config

Host *
CheckHostIP no
Compression yes
Protocol 2
ProxyCommand connect -4 -S localhost:9050 $(tor-resolve %h localhost:9050) %p

And for some domains it can looks like:

Host mydomain
HostName mydomain.com
User myaccount
CheckHostIP no
Compression yes
Protocol 2
ProxyCommand connect -4 -S localhost:9050 $(tor-resolve %h localhost:9050) %p