The instance I use for administrative purposes (SSH and APT) is a separate one, client-only.
-----Original Message----- From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of teor Sent: Wednesday, October 4, 2017 5:49 AM To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
On 4 Oct 2017, at 02:26, Igor Mitrofanov igor.n.mitrofanov@gmail.com
wrote:
I have setup a (private, key-based) Tor hidden service for SSH
administration. It works well and leaves no extra open ports to attack.
If you also take advantage of package updates over Tor (via the local SOCKS5 proxy that any Tor instance provides)
We don't recommend that you run a client and hidden service on the same tor instance. It makes traffic correlation easier, because your traffic all goes through the same guard. (There are probably some other reasons, too.)
Depending on your threat model, this might not be an issue for you.
T
-- Tim / teor
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n ------------------------------------------------------------------------