[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tor-talk] Tor over SSH (torsocks) (?)
perhaps use "stealth" authenticated tor hidden service for your ssh to
mitigate the ssh 0-day(s); obviously this is not just a tin foil hat
On Mon, Feb 16, 2015 at 10:56 PM, Dave Warren <email@example.com> wrote:
> On 2015-02-16 03:30, firstname.lastname@example.org wrote:
>> On 2015-02-16 02:31, Dave Warren wrote:
>>> On 2015-02-15 16:35, Mirimir wrote:
>>>> On 02/15/2015 02:22 PM, email@example.com wrote:
>>>>> I want to login to my VPS over SSH.
>>>>> Is torsocks still a safe way to do this? A lot of the documentation
>>>>> (such as it is) is several years old.
>>>> I prefer to run an SSH hidden service on the VPS.
>>> I'd tend to agree; if you control the endpoint, set it up as a hidden
>>> service rather than having Tor exit node involved at all.
>>> While running hidden services alongside non-hidden services introduces
>>> some risks, most of these are less significant when connecting to SSH
>>> on a server that you control.
>> I don't think I phrased my question very well. I'm not running a hidden
>> server. I'm just logging in to a shared VPS to ftp. etc, rather than logging
>> in to a control panel over HTTPS.
>> I just want a simple way to do "ssh IP port" but with Tor.
> Understood. But the suggestion is that you SHOULD run a hidden server to
> listen for SSH connections over Tor as this will be far more reliable and
> secure than having to rely on an exit node.
> The rest of the server doesn't need to be a hidden server, and SSH can still
> listen as both a Tor hidden server and a regular public server, but by
> making it a hidden server within Tor, you remove one of the major risk
> factors of using Tor: The exit node.
> Dave Warren
> tor-talk mailing list - firstname.lastname@example.org
> To unsubscribe or change other settings go to
tor-talk mailing list - email@example.com
To unsubscribe or change other settings go to