[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor bridges over ICMP or DNS

On Thu, 07 Sep 2017 21:47:24 +0000, Ben Tasker wrote:
> > Same. Basically, you just need any bridge and a means to tunnel ssh,
> > and the you can 'ssh -L port:bridgeip:bridgeport', and configure
> > tor to use the bridge at localhost:port. This will work as long
> > as not too many people do it.
> >
> In principle, yes. In practice, not so much. SSH to and from China can be
> an absolute pain even for low traffic levels (like, for example, a standard
> SSH session).

There is no plain ssh session on the net here - it is encapsulated in
DNS or ICMP, and supposedly the tunneling does its own flow control
(as in (self-plug) https://github.com/apk/udpmob).

> Sometimes it's might be deliberate interference, but most of
> the time it's a case of combining the headaches of TCP-over-TCP

There is no TCP-over-TCP here, not even TCP. (And no VPN.) The
connection to the bridge is port-forwarded in an SSH session
which in turn is tunneled via UDP/DNS/ICMP.

> Things like sshuttle (https://github.com/apenwarr/sshuttle)

The readme fails to say what it actually does. :-)

- Andreas

"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to