---
search:
  exclude: true
---

# tor_ssh_tunnel_port_forwarding Setup

## **Initial Setup**

First, set up `/etc/ssh/sshd_config` on the VPS so that remote port forwards may bind on all interfaces, not just loopback:

```
root@torVPS:~# vim /etc/ssh/sshd_config
root@torVPS:~# cat /etc/ssh/sshd_config | grep Gateway
GatewayPorts yes
root@torVPS:~# systemctl restart sshd
```

Then run the SSH tunnel command through Tor, using a local Tor bridge node:

```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → apt install tor obfs4proxy -y
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim /etc/tor/torrc
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat /etc/tor/torrc
UseBridges 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
Bridge obfs4 10.0.0.195:8042 2E73653A148DFFF3CA28D53F0C366936FE554335 cert=znEl9kidNa4TgqiasENSDvxLPDVMOvdIPcVhqwMR27iVUoMn+MtjoxmcpikFpsYAbtSpMw iat-mode=0
DataDirectory /var/lib/tor
TransPort 9040
SocksPort 9050
DNSPort 53
User debian-tor

[ 10.0.0.101/16 ] [ /dev/pts/3 ] [~] → vim /etc/tor/torsocks.conf
[ 10.0.0.101/16 ] [ /dev/pts/3 ] [~] → cat /etc/tor/torsocks.conf | grep AllowOutboundLocalhost
AllowOutboundLocalhost 1

[ 10.0.0.101/16 ] [ /dev/pts/3 ] [~] → systemctl restart tor
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → torify ssh -fN -R 0.0.0.0:443:127.0.0.1:443 torVPS
```

On the VPS, check that the reverse-forwarded port is listening both on localhost and on the public IP:

```
root@torVPS:~# nmap 127.0.0.1 -p 443
Starting Nmap 7.80 ( https://nmap.org ) at 2022-05-14 17:41 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000068s latency).

PORT    STATE SERVICE
443/tcp open  https

root@torVPS:~# nmap $(curl ifconfig.me) -p 443
Starting Nmap 7.80 ( https://nmap.org ) at 2022-05-14 17:41 CEST
Nmap scan report for ip.88.217.167.104.hivedatacenter.com (104.167.217.88)
Host is up (0.000038s latency).

PORT    STATE SERVICE
443/tcp open  https
```

And port 443 is now forwarded to both localhost and the VPS's public IP!
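As an added check, not part of the original post: with `GatewayPorts yes`, sshd binds every `-R` listener it accepts to the wildcard address (with `GatewayPorts no` the same request is silently bound to 127.0.0.1 instead), so it is worth auditing on the VPS which ports sshd actually exposes. The functions below read `ss -Hltnp` output on stdin; `SAMPLE_SS` is constructed sample data, and the allow-list of expected public ports is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post): audit the VPS side of the tunnel.
# Every port any client forwards with -R becomes public under GatewayPorts yes,
# so the set of wildcard-bound sshd listeners should match an explicit allow-list.
# Both functions read `ss -Hltnp` output on stdin.

# Constructed sample: the sshd daemon (22), the two intended tunnels (80, 443),
# a forgotten third tunnel (8443), a loopback-only forward and an unrelated service.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=800,fd=3))
LISTEN 0 128 0.0.0.0:443 0.0.0.0:* users:(("sshd",pid=1234,fd=9))
LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("sshd",pid=1235,fd=9))
LISTEN 0 128 0.0.0.0:8443 0.0.0.0:* users:(("sshd",pid=1300,fd=9))
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:* users:(("sshd",pid=1301,fd=9))
LISTEN 0 511 127.0.0.1:3306 0.0.0.0:* users:(("mariadbd",pid=600,fd=6))'

# Print "<port> <bind-address>" for each TCP listener owned by sshd
# (the daemon port and every reverse-forwarded port alike).
sshd_listeners() {
    awk '$NF ~ /\("sshd"/ {
        n = split($4, a, ":"); port = a[n]
        print port, substr($4, 1, length($4) - length(port) - 1)
    }'
}

# Print every sshd port bound to a wildcard address that is NOT in the
# allow-list given as arguments; exit 1 if any were found, 0 otherwise.
unexpected_wildcard() {
    awk -v allowed=" $* " '
        BEGIN { bad = 0 }
        $NF ~ /\("sshd"/ {
            n = split($4, a, ":"); port = a[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr != "0.0.0.0" && addr != "*" && addr != "[::]") next
            if (index(allowed, " " port " ") == 0) { print port; bad = 1 }
        }
        END { exit bad }'
}

# Usage on the VPS:  ss -Hltnp | unexpected_wildcard 22 80 443
```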
Now let's make sure it auto-restarts, using autossh:

```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → apt install autossh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → torify autossh -fN -R 0.0.0.0:443:127.0.0.1:443 torVPS
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → torify autossh -fN -R 0.0.0.0:80:127.0.0.1:80 torVPS
```

Then we make sure it starts at boot:

```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → which torify autossh
/usr/bin/torify
/usr/bin/autossh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim sshtunnels.sh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat sshtunnels.sh
#!/bin/bash
# Keep both reverse tunnels alive: when no autossh/ssh process is left,
# (re)start the two tunnels, otherwise just report the running PIDs.
while true; do
    if [ "$(pidof autossh ssh | wc -l)" -eq 0 ]; then
        echo "[+] STARTING SSH TUNNELS ..."
        # nothing to kill at this point; kept as a safety net
        kill -9 $(pidof autossh ssh) 2>/dev/null
        /usr/bin/torify /usr/bin/autossh -fN -R 0.0.0.0:80:127.0.0.1:80 torVPS
        /usr/bin/torify /usr/bin/autossh -fN -R 0.0.0.0:443:127.0.0.1:443 torVPS
    else
        echo "[+] SSH TUNNELS ACTIVE..."
        pidof ssh autossh
    fi
    sleep 3
done
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → pwd
/root
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → chmod +x sshtunnels.sh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat sshtunnels.sh
#!/bin/bash
/usr/bin/torify /usr/bin/autossh -fN -R 0.0.0.0:80:127.0.0.1:80 torVPS
/usr/bin/torify /usr/bin/autossh -fN -R 0.0.0.0:443:127.0.0.1:443 torVPS
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim /etc/systemd/system/sshtunnel.service
[ 10.8.0.3/24 ] [ /dev/pts/0 ] [~] → cat /etc/systemd/system/sshtunnel.service
[Unit]
Description=SSH Tunnels
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
ExecStart=/root/sshtunnels.sh
# systemd runs no shell, so command substitution needs an explicit /bin/sh -c,
# and a literal dollar sign is written as $$ in unit files
ExecStop=/bin/sh -c 'kill -9 $$(pidof autossh ssh)'

[Install]
WantedBy=multi-user.target
```

Then we test it:

```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → kill -9 $(pidof autossh)
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → systemctl daemon-reload
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → systemctl start sshtunnel
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → systemctl status sshtunnel
● sshtunnel.service - SSH Tunnels
   Loaded: loaded (/etc/systemd/system/sshtunnel.service; disabled; vendor preset: enabled)
   Active: inactive (dead)

May 14 18:06:05 home systemd[1]: Started SSH Tunnels.
May 14 18:06:06 home autossh[31304]: starting ssh (count 1)
May 14 18:06:06 home autossh[31304]: ssh child pid is 31306
May 14 18:06:06 home systemd[1]: sshtunnel.service: Succeeded.
May 14 18:06:06 home autossh[31304]: received signal to exit (15)
```

It ran successfully; now we test whether the ports are properly forwarded:

```
root@torVPS:~# nmap 127.0.0.1 -p 80,443
Starting Nmap 7.80 ( https://nmap.org ) at 2022-05-14 18:08 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000068s latency).

PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

root@torVPS:~# nmap $(curl ifconfig.me 2>/dev/null) -p 80,443
Starting Nmap 7.80 ( https://nmap.org ) at 2022-05-14 18:08 CEST
Nmap scan report for ip.88.217.167.104.hivedatacenter.com (104.167.217.88)
Host is up (0.000050s latency).

PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds
```

And it is! Now, if we want the web server to also connect to the torVPS machine over a VPN, we can do that too, following the [Openvpn Over TOR setup](../ovpn_tor/index.md):

```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat home.ovpn
client
proto tcp-client
remote x.x.x.x 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_0OoqAjLKoDz7Zu2d name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3

### TOR SETTINGS ###
socks-proxy 127.0.0.1 9050
socks-proxy-retry
up-delay
route 10.0.0.195 255.255.255.255 net_gateway
###################
[...]
```
Then we wrap OpenVPN in a unit of its own, add a watchdog that restarts Tor when the VPN gateway stops answering, and prepare a unit for the firewall rules:

```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim /etc/systemd/system/vpn.service
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat /etc/systemd/system/vpn.service
[Unit]
Description=VPN
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
ExecStart=/usr/sbin/openvpn /root/home.ovpn
# systemd runs no shell: command substitution needs /bin/sh -c and a literal $$
ExecStop=/bin/sh -c 'kill -9 $$(pidof openvpn)'
Restart=always

[Install]
WantedBy=multi-user.target

[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim /etc/systemd/system/torwatch.service
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat /etc/systemd/system/torwatch.service
[Unit]
Description=torwatcher
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
ExecStart=/root/monitor_tor.sh
# pidof needs -x to match a script by name (the process itself is bash)
ExecStop=/bin/sh -c 'kill -9 $$(pidof -x monitor_tor.sh)'
Restart=always

[Install]
WantedBy=multi-user.target

[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim monitor_tor.sh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat monitor_tor.sh
#!/bin/bash
# Watchdog: ping the VPN gateway through the tunnel every 3 seconds; after
# two consecutive failures restart tor (the VPN rides on Tor's SOCKS port).
counter=0
while true; do
    echo TESTING
    timeout 10 ping -c1 10.8.0.1 &>/dev/null
    if [ $? -eq 0 ]; then
        echo OK
        sleep 3
    else
        if [ $counter -gt 0 ]; then
            echo 'RESTARTING TOR...'
            systemctl restart tor
            counter=0
            sleep 10
        else
            counter=$((counter+1))
            echo "FAIL ( $counter / 2)"
            sleep 3
        fi
    fi
done

[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim /etc/systemd/system/tortables.service
```
```
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat /etc/systemd/system/tortables.service
[Unit]
Description=Tor IP Tables
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
ExecStart=/root/iptables_vpn_tor.sh

[Install]
WantedBy=multi-user.target

[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → vim iptables_vpn_tor.sh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → cat iptables_vpn_tor.sh
#!/bin/bash
# Kill switch: only the private networks (where the obfs4 bridge lives) and
# the VPN interface may talk; everything else is dropped in both directions.
# default private networks
sudo iptables -F
sudo iptables -A INPUT -m iprange --src-range 192.168.0.0-192.168.255.255 -j ACCEPT
sudo iptables -A INPUT -m iprange --src-range 172.16.0.0-172.31.255.255 -j ACCEPT
sudo iptables -A INPUT -m iprange --src-range 10.0.0.0-10.255.255.255 -j ACCEPT
sudo iptables -A INPUT -m iprange --src-range 127.0.0.0-127.255.255.255 -j ACCEPT
sudo iptables -A OUTPUT -m iprange --dst-range 192.168.0.0-192.168.255.255 -j ACCEPT
sudo iptables -A OUTPUT -m iprange --dst-range 172.16.0.0-172.31.255.255 -j ACCEPT
sudo iptables -A OUTPUT -m iprange --dst-range 10.0.0.0-10.255.255.255 -j ACCEPT
sudo iptables -A OUTPUT -m iprange --dst-range 127.0.0.0-127.255.255.255 -j ACCEPT
# ip range of tor VPN:
sudo iptables -A OUTPUT -o tun0 -j ACCEPT
sudo iptables -A INPUT -i tun0 -j ACCEPT
sudo iptables -A INPUT -j DROP
sudo iptables -A OUTPUT -j DROP
#sudo iptables -A INPUT -j DROP
#sudo iptables -A OUTPUT -j DROP

[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → chmod +x iptables_vpn_tor.sh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → chmod +x monitor_tor.sh
[ 10.0.0.101/16 ] [ /dev/pts/2 ] [~] → systemctl restart torwatch tortables tor vpn
[ 10.0.0.101/16 ] [ /dev/pts/0 ] [~] → systemctl enable --now torwatch tortables tor vpn sshtunnel
Synchronizing state of tor.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable tor
Created symlink /etc/systemd/system/multi-user.target.wants/torwatch.service → /etc/systemd/system/torwatch.service.
Created symlink /etc/systemd/system/multi-user.target.wants/tortables.service → /etc/systemd/system/tortables.service.
Created symlink /etc/systemd/system/multi-user.target.wants/vpn.service → /etc/systemd/system/vpn.service.
```

Once everything is enabled, all five units should be running (tortables exits after applying the rules):

```
[ 10.8.0.3/24 ] [ /dev/pts/0 ] [~] → systemctl status sshtunnel vpn tor torwatch tortables
● sshtunnel.service - SSH Tunnels
   Loaded: loaded (/etc/systemd/system/sshtunnel.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2022-05-14 19:14:31 CEST; 1min 16s ago
 Main PID: 394 (sshtunnels.sh)
    Tasks: 6 (limit: 4700)
   Memory: 8.1M
   CGroup: /system.slice/sshtunnel.service
           ├─ 394 /bin/bash /root/sshtunnels.sh
           ├─1290 /usr/lib/autossh/autossh -N -R 0.0.0.0:80:127.0.0.1:80 torVPS
           ├─1292 /usr/bin/ssh -L 39557:127.0.0.1:39557 -R 39557:127.0.0.1:39558 -N -R 0.0.0.0:80:127.0.0.1:80 torVPS
           ├─1306 /usr/lib/autossh/autossh -N -R 0.0.0.0:443:127.0.0.1:443 torVPS
           ├─1308 /usr/bin/ssh -L 39858:127.0.0.1:39858 -R 39858:127.0.0.1:39859 -N -R 0.0.0.0:443:127.0.0.1:443 torVPS
           └─1793 sleep 3

May 14 19:15:35 home sshtunnels.sh[394]: [+] SSH TUNNELS ACTIVE...
May 14 19:15:35 home sshtunnels.sh[394]: 1308 1292 1306 1290
May 14 19:15:38 home sshtunnels.sh[394]: [+] SSH TUNNELS ACTIVE...
May 14 19:15:38 home sshtunnels.sh[394]: 1308 1292 1306 1290
May 14 19:15:41 home sshtunnels.sh[394]: [+] SSH TUNNELS ACTIVE...
May 14 19:15:41 home sshtunnels.sh[394]: 1308 1292 1306 1290
May 14 19:15:44 home sshtunnels.sh[394]: [+] SSH TUNNELS ACTIVE...
May 14 19:15:44 home sshtunnels.sh[394]: 1308 1292 1306 1290
May 14 19:15:47 home sshtunnels.sh[394]: [+] SSH TUNNELS ACTIVE...
May 14 19:15:47 home sshtunnels.sh[394]: 1308 1292 1306 1290

● vpn.service - VPN
   Loaded: loaded (/etc/systemd/system/vpn.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2022-05-14 19:14:31 CEST; 1min 16s ago
 Main PID: 397 (openvpn)
    Tasks: 1 (limit: 4700)
   Memory: 3.2M
   CGroup: /system.slice/vpn.service
           └─397 /usr/sbin/openvpn /root/home.ovpn

May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 ROUTE_GATEWAY 10.0.0.1/255.255.0.0 IFACE=ens18 HWADDR=96:b0:53:08:49:a6
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 TUN/TAP device tun0 opened
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 TUN/TAP TX queue length set to 100
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 /sbin/ip link set dev tun0 up mtu 1500
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 /sbin/ip addr add dev tun0 10.8.0.3/24 broadcast 10.8.0.255
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 /sbin/ip route add 127.0.0.1/32 via 10.0.0.1
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 /sbin/ip route add 10.0.0.195/32 dev ens18
May 14 19:14:39 home openvpn[397]: Sat May 14 19:14:39 2022 Initialization Sequence Completed

● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
   Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2022-05-14 19:14:31 CEST; 1min 16s ago
 Main PID: 378 (tor)
    Tasks: 13 (limit: 4700)
   Memory: 74.1M
   CGroup: /system.slice/tor.service
           ├─378 /usr/sbin/tor -f /etc/tor/torrc
           └─454 /usr/bin/obfs4proxy

May 14 19:14:32 home tor[378]: May 14 19:14:32.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
May 14 19:14:33 home tor[378]: May 14 19:14:33.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
May 14 19:14:34 home tor[378]: May 14 19:14:34.000 [notice] Bootstrapped 0%: Starting
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] Starting with guard context "bridges"
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] new bridge descriptor 'voidyt' (cached): $2E73653A148DFFF3CA28D53F0C366936FE554335~voidyt at 10.0.0.195
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] Delaying directory fetches: Pluggable transport proxies still configuring
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] Bootstrapped 10%: Finishing handshake with directory server
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] Bootstrapped 80%: Connecting to the Tor network
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
May 14 19:14:36 home tor[378]: May 14 19:14:36.000 [notice] Bootstrapped 100%: Done

● torwatch.service - torwatcher
   Loaded: loaded (/etc/systemd/system/torwatch.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2022-05-14 19:14:31 CEST; 1min 16s ago
 Main PID: 398 (monitor_tor.sh)
    Tasks: 2 (limit: 4700)
   Memory: 2.7M
   CGroup: /system.slice/torwatch.service
           ├─ 398 /bin/bash /root/monitor_tor.sh
           └─1772 sleep 3

May 14 19:15:34 home monitor_tor.sh[398]: TESTING
May 14 19:15:34 home monitor_tor.sh[398]: OK
May 14 19:15:37 home monitor_tor.sh[398]: TESTING
May 14 19:15:37 home monitor_tor.sh[398]: OK
May 14 19:15:40 home monitor_tor.sh[398]: TESTING
May 14 19:15:40 home monitor_tor.sh[398]: OK
May 14 19:15:43 home monitor_tor.sh[398]: TESTING
May 14 19:15:43 home monitor_tor.sh[398]: OK
May 14 19:15:46 home monitor_tor.sh[398]: TESTING
May 14 19:15:46 home monitor_tor.sh[398]: OK

● tortables.service - Tor IP Tables
   Loaded: loaded (/etc/systemd/system/tortables.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Sat 2022-05-14 19:14:35 CEST; 1min 12s ago
  Process: 396 ExecStart=/root/iptables_vpn_tor.sh (code=exited, status=0/SUCCESS)
 Main PID: 396 (code=exited, status=0/SUCCESS)

May 14 19:14:35 home sudo[624]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/sbin/iptables -A INPUT -i tun0 -j ACCEPT
May 14 19:14:35 home sudo[624]: pam_unix(sudo:session): session opened for user root by (uid=0)
May 14 19:14:35 home sudo[624]: pam_unix(sudo:session): session closed for user root
May 14 19:14:35 home sudo[626]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/sbin/iptables -A INPUT -j DROP
May 14 19:14:35 home sudo[626]: pam_unix(sudo:session): session opened for user root by (uid=0)
May 14 19:14:35 home sudo[626]: pam_unix(sudo:session): session closed for user root
May 14 19:14:35 home sudo[628]:     root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/sbin/iptables -A OUTPUT -j DROP
May 14 19:14:35 home sudo[628]: pam_unix(sudo:session): session opened for user root by (uid=0)
May 14 19:14:35 home sudo[628]: pam_unix(sudo:session): session closed for user root
May 14 19:14:35 home systemd[1]: tortables.service: Succeeded.
```

And that's it! You now have a local service which automatically forwards its HTTP and HTTPS ports to a remote host through SSH tunnels over Tor, and which automatically connects to that host through a VPN-over-Tor setup as well.
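As an added check for the `iptables_vpn_tor.sh` kill switch above (not from the original post): the script leaves the chain policies at ACCEPT and relies on the two trailing `-j DROP` rules, so if it aborts right after `iptables -F`, or the rules are flushed later, every packet leaves in the clear. The audit below reads `iptables -S` output on stdin and fails unless INPUT and OUTPUT both accept `tun0` and are closed by a DROP policy or a final unconditional DROP; `GOOD_RULES` and `FLUSHED_RULES` are constructed samples.

```shell
#!/bin/sh
# Added example (not from the original post): verify the kill switch that
# iptables_vpn_tor.sh is supposed to leave behind. Reads `iptables -S` on stdin.
# Tor itself only gets out because the obfs4 bridge (10.0.0.195) sits inside the
# accepted 10/8 range; a bridge on a public address would need its own OUTPUT
# ACCEPT rule ahead of the final DROP, or the watchdog would restart tor forever.

# Constructed sample: the filter table as the script leaves it (trimmed).
GOOD_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m iprange --src-range 10.0.0.0-10.255.255.255 -j ACCEPT
-A INPUT -m iprange --src-range 127.0.0.0-127.255.255.255 -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -m iprange --dst-range 10.0.0.0-10.255.255.255 -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -j DROP'

# Constructed sample: the table if the script dies right after `iptables -F`
# (or someone flushes it later): ACCEPT policies and no rules at all.
FLUSHED_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Print one line per missing safeguard; exit 0 only when INPUT and OUTPUT both
# accept tun0 and end in a DROP policy or an unconditional "-j DROP" rule.
audit_killswitch() {
    awk '
        BEGIN { bad = 0 }
        $1 == "-P" { policy[$2] = $3 }
        $1 == "-A" {
            last[$2] = $0
            if ($0 ~ /-[io] tun0 -j ACCEPT$/) tun[$2] = 1
        }
        END {
            n = split("INPUT OUTPUT", chains, " ")
            for (i = 1; i <= n; i++) {
                c = chains[i]
                if (policy[c] != "DROP" && last[c] != "-A " c " -j DROP") {
                    print c ": traffic outside tun0 is not dropped"; bad = 1
                }
                if (!tun[c]) { print c ": no ACCEPT rule for tun0"; bad = 1 }
            }
            exit bad
        }'
}

# Usage on the host:  iptables -S | audit_killswitch
```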