SSH as a Hidden Service with Tor
With fewer and fewer IPv4 addresses running around, especially among residential consumer lines, it has become increasingly difficult to “play a part” in the internet without gnarly port forwarding hacks combined with dynamic DNS.
Hidden Services offer a way to bypass a lot of those hacks altogether, but they come at the cost of some latency. Basically, you connect both ends of the connection, the SSH server and the SSH client, to the Tor network and let it handle discovery and routing for you.
- Set up a Hidden Service by following these instructions
- Store your .onion hostname on your “client” computer
- Run Tor on your “client” computer
- Add the following entry to your SSH client configuration:

      Host *.onion
          ProxyCommand /usr/bin/nc -xlocalhost:9050 -X5 %h %p
- Run SSH to your
- Profit? Probably not, but who cares, you can now access all of your machines on any network from anywhere around the globe!
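A mistyped .onion hostname silently points at a different (or nonexistent) service, so it is worth checking the stored hostname before it goes into the SSH configuration. The following is an added example, not code from the original post: it assumes v3 onion addresses (56 base32 characters carrying a public key, a 2-byte SHA3-256 checksum and a version byte), and the alias `home-box` and the sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac

VERSION = b"\x03"  # version byte of v3 onion services (assumption: v3 only)


def _checksum(pubkey: bytes) -> bytes:
    # First two bytes of SHA3-256(".onion checksum" || pubkey || version)
    return hashlib.sha3_256(b".onion checksum" + pubkey + VERSION).digest()[:2]


def onion_from_pubkey(pubkey: bytes) -> str:
    """Encode a 32-byte ed25519 public key as a v3 .onion hostname."""
    if len(pubkey) != 32:
        raise ValueError("public key must be 32 bytes")
    raw = pubkey + _checksum(pubkey) + VERSION
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def is_valid_v3_onion(hostname: str) -> bool:
    """True only if the length, version byte and embedded checksum all match."""
    label, _, tld = hostname.strip().lower().rpartition(".")
    if tld != "onion" or len(label) != 56:
        return False
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:  # also covers binascii.Error on bad characters
        return False
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    return version == VERSION and hmac.compare_digest(checksum, _checksum(pubkey))


def ssh_config_entry(alias: str, hostname: str) -> str:
    """Build a per-host entry reusing the ProxyCommand from the steps above."""
    if not is_valid_v3_onion(hostname):
        raise ValueError(f"not a valid v3 onion hostname: {hostname!r}")
    return (f"Host {alias}\n"
            f"    HostName {hostname}\n"
            "    ProxyCommand /usr/bin/nc -xlocalhost:9050 -X5 %h %p\n")


if __name__ == "__main__":
    sample = onion_from_pubkey(bytes(range(32)))  # constructed key, not a real service
    print(ssh_config_entry("home-box", sample))
```

The checksum only catches transcription errors; SSH host key verification is still what confirms you reached your own server.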
It’s worth noting again that latency will be a sticking point, so I probably wouldn’t use this for developing in a remote tmux session, but I would use it for using SFTP to transfer files to and from the server (for example).
Additionally, with the instructions above it’s trivial to set up hidden web servers, hidden Jabber servers, etc.