Delivery-Date: Wed, 18 Feb 2015 16:04:57 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 1E43B1E0BBE
	for <archiver@seul.org>; Wed, 18 Feb 2015 16:04:56 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 73A0833158;
	Wed, 18 Feb 2015 21:04:51 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id AF494330CF
 for <tor-talk@lists.torproject.org>; Wed, 18 Feb 2015 21:04:48 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id banY_x7PPbMJ for <tor-talk@lists.torproject.org>;
 Wed, 18 Feb 2015 21:04:48 +0000 (UTC)
Received: from smtp2.hushmail.com (smtp2.hushmail.com [65.39.178.134])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.hushmail.com", Issuer "Self-signed" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 78A73306F1
 for <tor-talk@lists.torproject.org>; Wed, 18 Feb 2015 21:04:48 +0000 (UTC)
Received: from smtp2.hushmail.com (localhost [127.0.0.1])
 by smtp2.hushmail.com (Postfix) with SMTP id 60C66A01BF
 for <tor-talk@lists.torproject.org>; Wed, 18 Feb 2015 21:04:45 +0000 (UTC)
Received: from smtp.hushmail.com (w7.hushmail.com [65.39.178.32])
 by smtp2.hushmail.com (Postfix) with ESMTP
 for <tor-talk@lists.torproject.org>; Wed, 18 Feb 2015 21:04:45 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99)
 id 102A140421; Wed, 18 Feb 2015 21:04:45 +0000 (UTC)
MIME-Version: 1.0
Date: Wed, 18 Feb 2015 16:04:44 -0500
To: tor-talk@lists.torproject.org
From: "l.m" <ter.one.leeboi@hush.com>
In-Reply-To: <81f72c0f7a48368897291576d52bfc37@openmailbox.org>
References: <ff0969f9d2ea5c294f866c4660ebb309@openmailbox.org>
 <54E13B37.8070004@riseup.net> <54E1567A.90709@hireahit.com>
 <c0e17374bc441f241698b7109078ec67@openmailbox.org>
 <54E275A2.1000504@hireahit.com>
 <81f72c0f7a48368897291576d52bfc37@openmailbox.org> 
Message-Id: <20150218210445.102A140421@smtp.hushmail.com>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] Tor over SSH (torsocks) (?)
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi,

It sounds like you need to do a little introspection on why you want
to torify your ssh. You've already confessed to having a lack of faith
in your own technical ability. You need to ask yourself the
question--what is my threat model? You want to connect to a VPS--how
did you pay for this VPS? If you didn't pay for it using anonymous
currency then you might consider that torifying your ssh access will
provide limited anonymity if a (digital) paper trail exists. Without
using a hidden service you need to consider that the port you use on
your VPS will influence the choice of exit relay. Even if you use a
hidden service you need to trust the HS guard. If you use a hidden
service and your guards come under attack you may end up being unable
to connect to your VPS. In any case you may experience dropped
connections or the limited ability to connect. Which means you'll need
fallback connection methods or a server setup to detect-correct
faults. 

tl;dr Based on Roger's response you could use torsocks just fine. That
won't change needing to secure access (ie key-based auth). So you'll
need to read the man pages irregardless. Focusing on access via tor
before knowing how to secure your VPS will come back to haunt you.
That's why I recommend netcat via proxycommand. Why use torsocks if
you don't have to. It's not like you won't be editing the config files
anyway.
--leeroy
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

