How can I anonymize my SSH traffic using the Tor network?
I have a working installation of Tor. I am able to both access hidden services and proxy my clear-net traffic through Tor. My main source of traffic so far has been HTTP.
I would like to know how I can use Tor to access remote computers through the use of SSH. I would like answers for the major operating systems: Windows, Linux/Unix, Mac OS X.
Further, can programs such as
rsyncbe made to use the Tor network?
Usually questions should cover just one topic. So it might be a good idea to ask your rsync question separately.
For SSH you can do something like the following:
ssh -o ProxyCommand='nc -x localhost:$orport %h %p' example.com
Options can also be configured in your
/etc/ssh/ssh_config, or the equivalent on your OS) file:
Host example Hostname example.com ProxyCommand /usr/bin/nc -x localhost:$orport %h %p
Rsync can then use ssh as its remote shell and it will pick up the previous config:
rsync -e ssh example:path/to/files /dest
or, by directly passing arguments to the remote shell:
rsync -e "ssh -o ProxyCommand='nc -x localhost:$orport %h %p'" example.com /dest
Finally, you can use the
RSYNC_CONNECT_PROGenvironment variable to set up all future RSYNC invocations to use Tor (without having to manually specify it each time):
export RSYNC_CONNECT_PROG='ssh proxyhost nc -x localhost:$orport %h %p' rsync example.com:/src /dest
$orportwith the port you've got Tor's SOCKS proxy listening on.
Right. Note this also works for hidden services. For example: ssh -o ProxyCommand='nc -x localhost:9050 %h %p' wjawsduj7uxqnqhu.onion
I just did the netcat proxy command here on Gentoo. There is a detail here: Gentoo's default netcat is netcat6, which has a different command line invocation. To use this method, you first have to install OpenBSD netcat with `emerge openbsd-netcat`. This will install `nc.openbsd`. Then, do the SSH ProxyCommand method discussed above, substituting `nc.openbsd` instead of just `nc`.