[tor-talk] Tor over SSH (torsocks) (?)
David Goulet
dgoulet at ev0ke.net
Thu Feb 19 15:41:07 UTC 2015
On 16 Feb (00:27:40), James Murphy wrote:
> On 02/15/2015 03:22 PM, blobby at openmailbox.org wrote:
> > I want to login to my VPS over SSH.
> >
> > Is torsocks still a safe way to do this? A lot of the
> > documentation (such as it is) is several years old.
> >
> >
>
> I would also like to know this. SSH hidden service setup and use are
> easy with torsocks.
>
> /etc/tor/torrc
>
> HiddenServiceDir /var/lib/tor/ssh_service/
> HiddenServicePort 22 127.0.0.1:22
>
> Then
>
> torsocks ssh user at xxx.onion
>
> works like a charm.
>
> Can anyone comment on security of torsocks?
(So yeah I sent that a week ago and didn't notice that I used the wrong
email address for the list so here it is)
Torsocks was rewritten alost from scratch due to design issues and the
code was unmaintained since 2009. This new version is 2.0 and is now
packaged by most Linux distros.
https://people.torproject.org/~dgoulet/torsocks/
git: https://gitweb.torproject.org/torsocks.git
Now, that effort did improved the safety of it I would say quite a bit.
I won't go in the technical details but it's better and maintained now.
That being said, know this, torsocks is a best effort, it's not a silver
bullet and it's "easy" to design an application that will bypass
torsocks. However, you can be confident with a bunch of stuff such as
ssh, wget, netcat, etc... It's extensively used with those applications
on a daily basis. Tails and Whonix for instance rely on torsocks for
some applications (note that their firewall gives them extra
protection). I know that people are using torsocks with postfix and it
works well.
I would be happy to detail technical details of torsocks if someone
would like to, maybe a blog post?
Cheers!
David
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150219/2d108d62/attachment.sig>
More information about the tor-talk
mailing list