[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

configure/verify SSH connect thru Squid+Privoxy+Tor?



hi all,

i've a proxy gateway configured with Squid + Privxy + Tor for anonymized surfing/connection.

works fine-n-dandy for web browsing.

now i'd LIKE to SSH to a remote shell with:

   pubkey session authentication
   routing via the Tor OR network
   SSL end-to-end encryption of the stream

the question is HOW?

a simple:

   ssh -l USER -L 8888:FQDN_OF_PROXY:8888 fqdn.of.target

connects, but seems to be INSENSITIVE to the <port> spec'n -- i.e., ANYTHING seems to work ...

i HAVE read in the FAQ (see, i CAN be trained!) about/around:

"If you would like to enable a non-SSL client ... to connect to a server through Tor using SSL or TLS, you can use sslredir."
"Our first answer is "then use end-to-end encryption such as SSL", which is great but not always practical."
"If you want to use a service directly through the SOCKS interface (eg. ssh via connect.c), you'll probably have to set up an internal mapping in your configuration file using MapAddress"


but, frankly, in general, and given that I've added Squid to the mix ... I'm not at all certain how to
(a) properly configure the SSH connect to use Tor, and
(b) verify that the SSH session DID route through the OR network (unlike, e.g., using showmyip.com for web browsing ...)


in my config, squid listens on:

   http_port         10.0.0.6:8888
   http_port         127.0.0.1:8888

and forces connects to privoxy as a cahce_peer:

   acl Divert        myport        8888
   cache_peer                      127.0.0.1 parent 8118 7 no-query default
   never_direct      allow         Divert

where privoxy is listening/forwarding on:

   listen-address    127.0.0.1:8118
   permit-access     127.0.0.1
   forward-socks4a / 127.0.0.1:9050 .

and Tor catches the pass with:

   SocksPort 9050
   SocksBindAddress 127.0.0.1:9050
   SocksPolicy accept 127.0.0.1
   SocksPolicy reject *

thx.

cheers,

richard

Attachment: pgpZXz337efZW.pgp
Description: PGP signature