[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor bridges over ICMP or DNS

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor bridges over ICMP or DNS
From: Andreas Krey <a.krey@xxxxxx>
Date: Fri, 8 Sep 2017 07:27:42 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 08 Sep 2017 01:27:56 -0400
In-reply-to: <CABMkiz7V8Zus7nbgxNT87+=nVTu2gwYrCBro1JO4uBJ_a7qm+Q@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20170907133235.5e20a2ad@natsu> <20170907184853.GA29784@inner.h.apk.li> <CABMkiz7V8Zus7nbgxNT87+=nVTu2gwYrCBro1JO4uBJ_a7qm+Q@mail.gmail.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.2.1i

On Thu, 07 Sep 2017 21:47:24 +0000, Ben Tasker wrote:
...
> > Same. Basically, you just need any bridge and a means to tunnel ssh,
> > and the you can 'ssh -L port:bridgeip:bridgeport', and configure
> > tor to use the bridge at localhost:port. This will work as long
> > as not too many people do it.
> >
> 
> In principle, yes. In practice, not so much. SSH to and from China can be
> an absolute pain even for low traffic levels (like, for example, a standard
> SSH session).

There is no plain ssh session on the net here - it is encapsulated in
DNS or ICMP, and supposedly the tunneling does its own flow control
(as in (self-plug) https://github.com/apk/udpmob).

> Sometimes it's might be deliberate interference, but most of
> the time it's a case of combining the headaches of TCP-over-TCP

There is no TCP-over-TCP here, not even TCP. (And no VPN.) The
connection to the bridge is port-forwarded in an SSH session
which in turn is tunneled via UDP/DNS/ICMP.

> Things like sshuttle (https://github.com/apenwarr/sshuttle)

The readme fails to say what it actually does. :-)

- Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor bridges over ICMP or DNS
  - From: Roman Mamedov
- Re: [tor-talk] Tor bridges over ICMP or DNS
  - From: Andreas Krey
- Re: [tor-talk] Tor bridges over ICMP or DNS
  - From: Ben Tasker

Prev by Author: Re: [tor-talk] Tor bridges over ICMP or DNS
Next by Author: [tor-talk] Let's build Tails 3.2~alpha2 instead! [Was: Help us build Tails 3.2~alpha1 build reproducibly]
Previous by thread: Re: [tor-talk] Tor bridges over ICMP or DNS
Next by thread: [tor-talk] [warn] assign_to_cpuworker failed. Ignoring.
Index(es):
- Author
- Thread