Ir al contenido principal

SSH over Tor

Overview

OpenSSH is a fantastic means to protect the contents of your communications. However, this isn't always enough. Sometimes simply proving you made a connection to a server is enough to incriminate and incarcerate a person. Natively, SSH does not possess a capability to obfuscate to whom it connects. Fortunately, Tor provides just such a capability. By sending the connection through the Tor network, an observer can see a connection to the first (of three nodes), not the connection to the destination. This prevents an adversary from conducting traffic analysis against your connections.

Compiling connect

Download connect.c. Compile connect and install it in /usr/local/bin with the following commands.
# gcc -o /usr/local/bin/connect connect.c
# chmod 755 /usr/local/bin/connect
# chown root.root /usr/local/bin/connect

Running SSH through Tor

To run SSH over Tor, run the following command. Substitute your username for marlowe, the IP address you wish to connect for 1.2.3.4 and the IP address of your Tor server for localhost.
% ssh -l marlowe -2 1.2.3.4 -o ProxyCommand="/usr/local/bin/connect -4 -S localhost:9050 %h %p"
Warning, before using the above command, make sure you understand what the command does.
  • "-l" specifies the username to log into on the remote machine
  • "-2" forces ssh to try protocol version 2 only. Don't use version 1 as it is a security risk.
  • "-o" passes the following argument as option in the format used in the configuration file. In this case, it passes the option ProxyCommand with the value of "/usr/local/bin/connect -4 -S localhost:9050 %h %p"
Additional options for ssh are covered in its man page. The "-4" option tells connect to use SOCKS protocol 4. The "-S" option specifies the hostname and port number of the SOCKS server to relay. Addtional options are listed in detail in the source code for connect.c
Do not pass a hostname instead of an IP address as the remote machine to which you wish to connect. If you pass a hostname, ssh uses your name server to resolve the name before passing it to connect. This deprives you of the protection of Tor for your name resolution. Instead use the program tor-resolve which is included with the Tor distribution. tor-resolve takes two arguments, the first is a fully qualified domain name (FDQN), the second is SOCKS proxy connection. The example below resolves www.google.com over the SOCKS proxy running on localhost over 9050 using Tor.
% tor-resolve www.google.com localhost:9050
64.233.161.99
Validated by HTML Validator (based on Tidy) Copyright 2006-2012 Patrick R. McDonald <marlowe@antagonism.org> (GPG key (old)/ GPG key (new))
This document last modified Monday, 09-May-2011 19:27:09 UTC

Comentarios

Publicar un comentario

Entradas populares de este blog

Internet Gratis en Unefon

Internet Gratis en Unefon Que tal a todos les traigo este post para conseguir internet gratis en Mexico y abre el facebook, twitter, whats app, no se si funcione con todos y si con Iusacell tambien aunque supongo que si sale les dejo los pasos... 1.-irse a Configuraciones/redes inalambricas/redes moviles 2.-Marcar la casilla de Datos Habilitados y entrar en APN 3.-Crear uno nuevo esta es la configuracion: Nombre: Hack (esto es opcional) APN: mms.iusacellgsm.mx Proxy: 192.200.1.110 Puerto:9201 Nom de Usuario: mmsiusacellgsm Contraseña: mmsiusacellgsm Servidor: MMSC:  http://mms.iusacell3g.com/ Proxy MMS: 192.200.1.110 Puerto mms: 9201 MCC: 334 MNC: 050 Tipo de autenticación: (Vacio) Tipo de apn: (Vacio)
Publicar un comentario
Leer más

medidas de barrenacion de rines

Aqui esta tambien a INFO COMPLETA de Separacion de birlos Informacion viene en el siguiente orden: Carro | Separacion | Offset | Medida del centro (Algunas les falta algo de Informacion ) ----------------------------------------------------------------------------------------- 4X95.25 ROVER 100 4X95.25 35-42 56 ROVER MGF 96> 4X95.25 18-30 56 ROVER MGF TF 4X95.25 28-30 56 ----------------------------------------------------------------------------------------- 4X98 ALFA ROMEO 33 86-96 4X98 35-42 58.1 ALFA ROMEO 145 94-01 4X98 35-42 58.1 ALFA ROMEO 146 94-01 4X98 35-42 58.1 ALFA ROMEO 155 94-98 4X98 35-42 58.1 ALFA ROMEO 164 4 Stud 88-98 4X98 35-42 58.1 FIAT BARCHETTA 95> 4X98 35-42 58.1 FIAT BRAVO 96-01 4X98 35-42 58.1 FIAT BRAVA 96-01 4X98 35-42 58.1 FIAT CINQUENCENTO 4X98 30-38 58 FIAT COUPE 16V 95-01 4X98 35-42 58.1 FIAT DOBLO 01> 4X98 35-42 58.1 FIAT FLORINO 95-00 4X98 35-42 58.1 FIAT IDEA 03> 4X98 35-42 58.1 FIAT MAREA 96> 4X98 35-42 58.1 FIAT MULTIPLA 99> 4X98 25...
Publicar un comentario
Leer más

Cambiar firmware y DNS al router Thomson TG585 v7 de Infinitum

Después de recibir este router de infinitum y percatarme de las limitaciones que el firmware modificado por Telmex tiene decidí cambiarle el firmware y de paso poner otros DNS, cosa fácil en el viejo 2Wire, pero no en este Thomson, luego de mucho leer e investigar, después de ver varios tutoriales, unos inútiles y otros útiles pero sin contener todo lo que quería hacer, me di a la tarea de hacer este tutorial. En la versión que he visto que infinitum provee la cubierta es de color blanco. La web oficial de Thomson y de este modelo es esta: http://www.thomsonbroadbandpartner.com/dsl-modems-gateways/products/product-detail.php?id=161 Antes de iniciar el proceso solo nuestra computadora debe estar conectada al router con cable de red ethernet en el puerto 1, no por red inalámbrica. Recomiendan poner una ip estática a nuestra pc para evitar errores, para configurarlo seguiremos estos pasos: Inicie sesión en el equipo cliente como Administrador o como Propietario. Haga...
12 comentarios
Leer más