So assuming I just want to run SSH on some port on an .onion on the relay, what is the downside there? Just wondering if for that usecase, SSH to login remotely on to the relay would still have any disadvantages that I missed to consider
The relay is on clearnet in consensus, thus observable, attackable, correlatable, influenceable, patternable, DoSable, offlineable, rebootable, etc.
If the onion is running on the relay and
- its onion address is known to anyone else other than you, by or for any reason, including via v2 HSDir harvesting, the node is generally findable in time by them via correlation to above relay *ables [1].
- its onion address is only known to you, including by requirement of using only v3 onion addressing which claims HSDir unharvestability, then you stand a better chance, perhaps even a strong one.
Adding an HsFootShoot config knob before tor will enable "HS + any other public mode of operation" seems potentially helpful.
[1]
Not much different than a client and some guards being used to find a HS over time.
Or if all else fails, sequentially troll up to the entire allocated v4/v6 space till the services drop (this could already be in use against well and narrowly chosen likely subsets of hosts).