Tutorial: SSH over Tor


3 years ago
Step 1

To make an SSH conection over Tor you'll need a small program called 'connect.c'
It is available in many Linux distros in the pakage named 'connect-proxy' or 'connect'
Or you can build it from source: https://bitbucket.org/gotoh/connect/
Microsoft Windows version is also avilable.


apt-get install connect-proxy



Step 2

To run SSH over Tor, run the following command. Substitute your username for andries and the IP address you wish to connect for 1.2.3.4 .


ssh -l andries@1.2.3.4 -o ProxyCommand="/usr/bin/connect -4 -S localhost:9050 %h %p"


"-o" passes the following argument as option in the format used in the configuration file. In this case, it passes the option ProxyCommand with the value of "/usr/bin/connect -4 -S localhost:9050 %h %p". Port 9050 is the default portnumber for tor. /usr/bin/connect is a full path to 'connect' executable.

The "-4" option tells connect to use SOCKS protocol 4.
The "-S" option specifies the hostname and port number of the SOCKS server to relay.


Note:

Do not pass a hostname instead of an IP address as the remote machine to which you wish to connect, use tor-resolve if you don't know the IP.

tor-resolve google.com localhost:9050
64.233.161.99

2 years ago
Just in case somebody will need Windows 32bit version of connect-proxy, that was mensioned by TOR Hacker in previous post, here it is

connect.zip

2 years ago
Why so complicate, when there is a tool which do exactly the same automatically? Use torify as follows:

$ torify ssh user@remote.ip


And if you don't know ip address and don't want to leak DNS use tor-resolve

$ tor-resolve remote.hostname localhost:9050


or together:

$ torify ssh user@$(tor-resolve remote.hostname localhost:9050)



With this tool you can torify any application you want: wget, telnet, ftp...

2 years ago
OK, you did a great job of explaining this for Linux users, but I have a question about how to run SSH over tor with the tor browser bundle and bit vise tunneler. I have both on a USB drive that I want to use when I travel, or when using public hotspots. I'm not sure how to setup up the tunneler app to use tor. I have Orbit on my tablet and connectbot so from my tablet its not an issue but if I use my laptop I'd like to be able to create a secure tunnel. Any help is appreciated.

2 years ago
For Windows users there is a program called PuTTY. Small, powerful and free.

It supports SSH-Tunneling (which creates SOCKS5 proxy on desired port on Localhost, that you can use in your browser settings), and also it has it's own proxy settings and therefore can work via proxy created by Tor.

So,
[list]first you run Tor,

then you tell Putty to make all connections only through Tor (in Configuration: Connection -> Proxy -> , Type: SOCKS5, Host: localhost, Port:9050),

then you set up SSH Tunneling

and then you tell your Browser to use newly created SSH Tunnel as a proxy (Type:SOCKS5, Host: localhost, Port: {the one that you used for port forwarding in Putty, something like 8080 or whatever})[/list:u]

Your connection will go from you -> tor -> tor exit node -> ssh server -> destination website.

2 years ago
Tor is set to 127.0.0.1:9151by default, so would I set putty to use that as the proxy host and port?

2 years ago
9051 is control port (for Vidalia to send commands to Tor) and 9050 is data port (for other applications to use it as socks proxy). Maybe your setup is different, but default Tor Browser Bundle comes with this settings.

Reply

You are not logged in. Login or register to reply on this thread.