My offsite #backup can now be placed any place with internet access and can be reached as long as Tor works for maintenance and for backup without Tor as long as at least IPv4 or IPv6 works outbound. Also a great use for #Tor.
This is one of the best use-cases for hidden services. I use the same technique for many of my own services. It's great that I don't have to worry about setting up all sorts of weird port-forwarding rules in my firewall to be able to access my stuff on the inside. I just keep a list of .onion URLs in my password manager for the stuff I need to be able to get hold of.
If you want to be able to run "arm" with your user then run "sudo usermod -a -G debian-tor $your_user".
sudo cat /var/lib/tor/sshd/hostname will output the .onion of the device.
"ssh $your_user@xyz.onion will open a ssh connection even if the computer is behind a firewall (as long as tor found some way to connect to the outside, in tricky cases you can use obfs or so).
Any service running on the computer can be made available, but also ssh should be enough to connect to any locally available service.
Downside is the speed. Upside, if you crashed the router or DynDNS is not working for any reason you can still connect to the machine via the hidden service.
You can also run commands from that end that will use the usual internet connection to transfer some data to your computer.
Disclaimer: Be careful, think before execute the command, do no trust me with the above given keys but check if these are the correct ones.
If you want to be able to run "arm" with your user then run "sudo usermod -a -G debian-tor $your_user".
sudo cat /var/lib/tor/sshd/hostname will output the .onion of the device.
"ssh $your_user@xyz.onion will open a ssh connection even if the computer is behind a firewall (as long as tor found some way to connect to the outside, in tricky cases you can use obfs or so).
Any service running on the computer can be made available, but also ssh should be enough to connect to any locally available service.
Downside is the speed. Upside, if you crashed the router or DynDNS is not working for any reason you can still connect to the machine via the hidden service.
You can also run commands from that end that will use the usual internet connection to transfer some data to your computer.
Disclaimer: Be careful, think before execute the command, do no trust me with the above given keys but check if these are the correct ones.
graffen 1 week ago
utzer 7 days ago
desertpepper 1 week ago
Fabio 1 week ago
utzer 7 days ago
echo "deb http://deb.torproject.org/torproject.org stretch main"|sudo tee /etc/apt/sources.list.d/tor.list
sudo apt-get update
sudo apt-get install dirmngr
sudo gpg --keyserver keyserver.ubuntu.com --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get install tor tor-arm gpgv2 deb.torproject.org-keyring
echo 'SOCKSPort 9050
RunAsDaemon 1
ControlPort 9051
ExitPolicy reject *:* # no exits allowed
HiddenServiceDir /var/lib/tor/sshd/
HiddenServicePort 22 127.0.0.1:22
CookieAuthentication 1'|sudo tee /etc/tor/torrc
sudo systemctl enable tor --now
If you want to be able to run "arm" with your user then run "sudo usermod -a -G debian-tor $your_user".
sudo cat /var/lib/tor/sshd/hostname will output the .onion of the device.
"ssh $your_user@xyz.onion will open a ssh connection even if the computer is behind a firewall (as long as tor found some way t... Show more...
echo "deb http://deb.torproject.org/torproject.org stretch main"|sudo tee /etc/apt/sources.list.d/tor.list
sudo apt-get update
sudo apt-get install dirmngr
sudo gpg --keyserver keyserver.ubuntu.com --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get install tor tor-arm gpgv2 deb.torproject.org-keyring
echo 'SOCKSPort 9050
RunAsDaemon 1
ControlPort 9051
ExitPolicy reject *:* # no exits allowed
HiddenServiceDir /var/lib/tor/sshd/
HiddenServicePort 22 127.0.0.1:22
CookieAuthentication 1'|sudo tee /etc/tor/torrc
sudo systemctl enable tor --now
If you want to be able to run "arm" with your user then run "sudo usermod -a -G debian-tor $your_user".
sudo cat /var/lib/tor/sshd/hostname will output the .onion of the device.
"ssh $your_user@xyz.onion will open a ssh connection even if the computer is behind a firewall (as long as tor found some way to connect to the outside, in tricky cases you can use obfs or so).
Any service running on the computer can be made available, but also ssh should be enough to connect to any locally available service.
Downside is the speed. Upside, if you crashed the router or DynDNS is not working for any reason you can still connect to the machine via the hidden service.
You can also run commands from that end that will use the usual internet connection to transfer some data to your computer.
Disclaimer:
Be careful, think before execute the command, do no trust me with the above given keys but check if these are the correct ones.
utzer 7 days ago
echo "deb http://deb.torproject.org/torproject.org stretch main"|sudo tee /etc/apt/sources.list.d/tor.list
sudo apt-get update
sudo apt-get install dirmngr
sudo gpg --keyserver keyserver.ubuntu.com --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get install tor tor-arm gpgv2 deb.torproject.org-keyring
echo 'SOCKSPort 9050
RunAsDaemon 1
ControlPort 9051
ExitPolicy reject *:* # no exits allowed
HiddenServiceDir /var/lib/tor/sshd/
HiddenServicePort 22 127.0.0.1:22
CookieAuthentication 1'|sudo tee /etc/tor/torrc
sudo systemctl enable tor --now
*each line contains a new command*
If you want to be able to run "arm" with your user then run "sudo usermod -a -G debian-tor $your_user".
sudo cat /var/lib/tor/sshd/hostname will output the .onion of the device.
"ssh $your_use... Show more...
echo "deb http://deb.torproject.org/torproject.org stretch main"|sudo tee /etc/apt/sources.list.d/tor.list
sudo apt-get update
sudo apt-get install dirmngr
sudo gpg --keyserver keyserver.ubuntu.com --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
sudo gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get install tor tor-arm gpgv2 deb.torproject.org-keyring
echo 'SOCKSPort 9050
RunAsDaemon 1
ControlPort 9051
ExitPolicy reject *:* # no exits allowed
HiddenServiceDir /var/lib/tor/sshd/
HiddenServicePort 22 127.0.0.1:22
CookieAuthentication 1'|sudo tee /etc/tor/torrc
sudo systemctl enable tor --now
*each line contains a new command*
If you want to be able to run "arm" with your user then run "sudo usermod -a -G debian-tor $your_user".
sudo cat /var/lib/tor/sshd/hostname will output the .onion of the device.
"ssh $your_user@xyz.onion will open a ssh connection even if the computer is behind a firewall (as long as tor found some way to connect to the outside, in tricky cases you can use obfs or so).
Any service running on the computer can be made available, but also ssh should be enough to connect to any locally available service.
Downside is the speed. Upside, if you crashed the router or DynDNS is not working for any reason you can still connect to the machine via the hidden service.
You can also run commands from that end that will use the usual internet connection to transfer some data to your computer.
Disclaimer:
Be careful, think before execute the command, do no trust me with the above given keys but check if these are the correct ones.
desertpepper 7 days ago
I will give it a try this weekend! 😀