Hello!
I'm trying to run BorgBackup through Tor for some small backups. Borg uses SSH for remote backups.
I installed Tor on my local and remote computers. I configured an onion SSH service in the remote one, where my Borg server is. I can SSH the remote computer through Tor without a problem.
To run Borg, in my local script I have
BORG_REPO=ssh://iamusininthismessagethisfakeversion3onionaddressinsteadofmyrealone.onion:2222/path/to/repo
and have "torsocks" before the "borg create" command.
That does the job, the backups are done, however I am getting some name resolution error (please see below).
Do you have any advice?
Thank you!
------
ERROR torsocks[]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:677)
Remote: ssh: Could not resolve hostname iamusininthismessagethisfakeversion3onionaddressinsteadofmyrealone.onion: Name or service not known Connection closed by remote host. Is borg working on the server? terminating with error status, rc 2
On Mon, 2021-02-08 at 01:49 +0100, anan wrote:
Could not resolve hostname
What's happening is that Borg is trying to resolve the domain name on its own instead of leaving Tor to do the job. This leaves traces for your internet service provider (or whoever else resolves your DNS queries), so if you need to keep the fact that you tried connecting confidential, this should be taken seriously. Otherwise you may wish to ignore it.
Does the same message appear when using SSH?
This is an interesting find. Can you workaround this by using torsocks?
-----Original Message----- From: tor-onions tor-onions-bounces@lists.torproject.org On Behalf Of John Scott Sent: Thursday, February 18, 2021 10:02 AM To: tor-onions@lists.torproject.org Subject: Re: [tor-onions] Borg SSH could not resolve hosname
On Mon, 2021-02-08 at 01:49 +0100, anan wrote:
Could not resolve hostname
What's happening is that Borg is trying to resolve the domain name on its own instead of leaving Tor to do the job. This leaves traces for your internet service provider (or whoever else resolves your DNS queries), so if you need to keep the fact that you tried connecting confidential, this should be taken seriously. Otherwise you may wish to ignore it.
Does the same message appear when using SSH?
John Scott:
On Mon, 2021-02-08 at 01:49 +0100, anan wrote:
Could not resolve hostname
What's happening is that Borg is trying to resolve the domain name on its own instead of leaving Tor to do the job. This leaves traces for your internet service provider (or whoever else resolves your DNS queries), so if you need to keep the fact that you tried connecting confidential, this should be taken seriously. Otherwise you may wish to ignore it.
Does the same message appear when using SSH?
Hey, thanks for the answer!
torsocks ssh works perfectly, I get no error message.
Borg is supposed to use SSH for communication, so I don't understand why I get those name resolution errors. Borg does its job, it works ok through torsocks, but it shows those name resolution error messages.
PS. By the way, I originally sent my question to this list, but it was never approved by the moderator (or there was another problem I don't know), so then I sent my message to the tor-talk list and it was finally approved there. But now I get an answer in this list, where my question has never been published as far as I know... I don't understand anything :)
On Thu, February 18, 2021 9:11 pm, anan wrote:
John Scott:
On Mon, 2021-02-08 at 01:49 +0100, anan wrote:
Could not resolve hostname
What's happening is that Borg is trying to resolve the domain name on its own instead of leaving Tor to do the job. This leaves traces for your internet service provider (or whoever else resolves your DNS queries), so if you need to keep the fact that you tried connecting confidential, this should be taken seriously. Otherwise you may wish to ignore it.
Does the same message appear when using SSH?
Hey, thanks for the answer!
torsocks ssh works perfectly, I get no error message.
Borg is supposed to use SSH for communication, so I don't understand why I get those name resolution errors. Borg does its job, it works ok through torsocks, but it shows those name resolution error messages.
In my experience, torsocks stopped being able to completely contain the apps it wraps some time a number of years ago, but thankfully AORTA does a better job. I never dove into the code or saw anyone explain why, but you should try AORTA:
tor-onions@lists.torproject.org