mirror of
http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git
synced 2025-07-02 11:56:40 +00:00
listed ALL the git issues on ALL the tutorials,
This commit is contained in:
nihilist
parent
bbfab6f47e
commit
67c58fdfc9
69 changed files with 272 additions and 112 deletions
|
|
@ -61,7 +61,9 @@
|
|||
<div class="row">
|
||||
<div class="col-lg-8 col-lg-offset-2">
|
||||
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-05-02</ba></p>
|
||||
<h1>Remote anonymous access setup (cockpit + ssh through tor) </h1>
|
||||
<h1>Remote anonymous access setup (SSH through tor) </h1>
|
||||
|
||||
<p><img src="../logos/daturagit.png" style="width:100px"> <u>Sidenote:</u> Help us improve this tutorial by letting us know if there's anything missing or incorrect on this <a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/111">git issue</a> directly!</p>
|
||||
|
||||
</div>
|
||||
</div><!-- /row -->
|
||||
|
|
@ -88,16 +90,10 @@ HiddenServicePort 80 127.0.0.1:4443
|
|||
<pre><code class="nim">
|
||||
[ mainpc ] [ /dev/pts/7 ] [~]
|
||||
→ cat .ssh/config
|
||||
Host web-gw2024-dedi
|
||||
User root
|
||||
hostname 37.27.32.233
|
||||
IdentityFile ~/.ssh/torified
|
||||
|
||||
Host tortura
|
||||
User root
|
||||
hostname daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion
|
||||
IdentityFile ~/.ssh/torified
|
||||
proxyCommand ncat --proxy 127.0.0.1:9050 --proxy-type socks5 %h %p
|
||||
|
||||
Host datura
|
||||
User root
|
||||
|
|
@ -105,13 +101,13 @@ Host datura
|
|||
IdentityFile ~/.ssh/torified
|
||||
|
||||
</code></pre>
|
||||
<p>Then connect to the host via SSH:</p>
|
||||
<p>Then connect to the host by forcing SSH to go through tor, thanks to torsocks:</p>
|
||||
<pre><code class="nim">
|
||||
[ mainpc ] [ /dev/pts/5 ] [~]
|
||||
→ systemctl restart tor@default
|
||||
|
||||
[ mainpc ] [ /dev/pts/5 ] [~]
|
||||
→ ssh tortura
|
||||
→ torsocks ssh tortura
|
||||
The authenticity of host 'daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion (<<b></b>no hostip for proxy command>)' can't be established.
|
||||
ED25519 key fingerprint is SHA256:A0CFTeUixGoK96VenBQ7Z2U8kX5olDCqBvBNeJUfs6I.
|
||||
This host key is known by the following other names/addresses:
|
||||
|
|
@ -128,39 +124,18 @@ individual files in /usr/share/doc/*/copyright.
|
|||
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
|
||||
permitted by applicable law.
|
||||
Last login: Thu May 2 14:47:23 2024 from 178.255.149.178
|
||||
|
||||
[ Datura ] [ /dev/pts/11 ] [~]
|
||||
→
|
||||
|
||||
</code></pre>
|
||||
|
||||
<p>So <b>that's how you do it if you cannot access the server via a public IP directly</b>, but keep in mind that the latency is most likely unbearable due to the 6 hops circuit (since we're doing it via the .onion link, rather than connecting to the IP directly)</p>
|
||||
<p> so you're probably better off just connecting to the IP directly but <b>forcing the SSH connection through tor using torsocks, which greatly reduces the latency (3 hops instead of 6)</b>:</p>
|
||||
<pre><code class="nim">
|
||||
[ mainpc ] [ /dev/pts/7 ] [~]
|
||||
→ torsocks ssh datura
|
||||
Enter passphrase for key '/home/nihilist/.ssh/torified':
|
||||
Linux Datura 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64
|
||||
<p>For instance, this is how you can access a server that is in an isolated LAN (such as in your home network), without requiring to port-forward anything.</p>
|
||||
|
||||
The programs included with the Debian GNU/Linux system are free software;
|
||||
the exact distribution terms for each program are described in the
|
||||
individual files in /usr/share/doc/*/copyright.
|
||||
|
||||
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
|
||||
permitted by applicable law.
|
||||
Last login: Thu May 2 15:48:08 2024 from 127.0.0.1
|
||||
|
||||
[ Datura ] [ /dev/pts/12 ] [~]
|
||||
→ id
|
||||
uid=0(root) gid=0(root) groups=0(root)
|
||||
|
||||
</code></pre>
|
||||
<p> But keep in mind that the latency is going to be higher due to the 6 hops circuit (since we're doing it via the .onion link, rather than connecting to the IP directly). The length of the circuit is due to requiring to use the rendez-vous mechanism, since we're using the .onion domain.</p>
|
||||
</div>
|
||||
</div><!-- /row -->
|
||||
</div> <!-- /container -->
|
||||
</div><!-- /white -->
|
||||
|
||||
<div id="anon2">
|
||||
<!-- <div id="anon2">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-lg-8 col-lg-offset-2">
|
||||
|
|
@ -230,9 +205,9 @@ nihilist ALL=(ALL:ALL) ALL
|
|||
</code></pre>
|
||||
|
||||
</div>
|
||||
</div><!-- /row -->
|
||||
</div> <!-- /container -->
|
||||
</div><!-- /white -->
|
||||
</div>
|
||||
</div>
|
||||
</div>-->
|
||||
|
||||
|
||||
<!-- +++++ Footer Section +++++ -->
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue