SSH via TOR

SSH via TOR

In case your outbound SSH encrypted connections are blocked or intercepted for whatever reason, you may use the following command to connect via a local or remote TOR relay (Socks) proxy:

ssh -o ProxyCommand='nc -x my-proxy-server:my-proxy-port %h %p'
target-ssh-server.example.com

Example: SSH connect to IP address 1.2.3.4 via local TOR proxy:

ssh -o ProxyCommand='nc -x localhost:9150 %h %p'
1.2.3.4

Security Note:

  • DNS information do not seem to get leaked out via local DNS server settings.
  • It is highly recommended to only use the Advanced Encryption Standard (AES) encryption with stateful-decryption counter (CTR). AES with CBC is vulnerable to Plaintext Recovery Attacks Against SSH. AES is the strongest encryption available in openssl and all others are probably too weak to trust.
  • I also recommend to define strong “MACs” (Hash-based Message Authentication Code) for connections via the TOR network; the default algorithm hmac-md5 may be subject to collision attacks.
  • Be sensitive on fingerprint messages and do not connect in case of any unplausible information or on fingerprint error messages: You may be subject of “Man-in-the-middle attacks”!
  • Use this on your own risk. Keep in mind that weekly encrypted information may be stored and/or decrypted from third party (later).

Being paraniod it may make sense to force a very strong encryption algorithm and enable some verbosity to control the packet flow while connecting, i.e:

ssh -o ProxyCommand='nc -x localhost:9150 %h %p'
-v -c aes256-ctr -m hmac-sha2-512
1.2.3.4

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php