[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Extreme Exit Policy

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Extreme Exit Policy
From: ronqtorrelays@xxxxxxxxxx
Date: Tue, 18 Dec 2018 06:39:40 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 18 Dec 2018 09:48:08 -0500
In-reply-to: <cd4cf83d-dc62-7d61-660b-a43b40054933@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <94E20C0A-28AB-4724-974A-08AE1F1BCE38@quintex.com> <cd4cf83d-dc62-7d61-660b-a43b40054933@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Dec 17, 2018, at 22:51, Mirimir <mirimir@xxxxxxxxxx> wrote:

And sure, I could setup .onion SSH for everything, and that'd arguably
be more secure. But sometimes I'm just too lazy for that.

I'm pretty frickin' lazy, but I do this with all my servers. Here's the recipe for Linux/Debian provisioning:

-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-

# cat >>/etc/apt/sources.list

deb https://deb.torproject.org/torproject.org stretch main
deb-src https://deb.torproject.org/torproject.org stretch main

# apt install gnupg2 dirmngr

# gpg2 --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89

I've had gpg2 fail, in which case this should work:

# gpg --keyserver hkp://pool.sks-keyservers.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89

# gpg2 --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

# apt update

# apt install tor deb.torproject.org-keyring

edit /etc/tor/torrc, the "hidden services" section, to add:

HiddenServiceDir /var/lib/tor/control/
HiddenServicePort 22 127.0.0.1:22

# service tor restart

# cat /var/lib/tor/control/hostname

Record the onion address for posterity

-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-.,,.-*"*-

The SSH sessions to the .onion address seem pretty darned solid.

--Ron

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Extreme Exit Policy
  - From: John Ricketts
- Re: [tor-relays] Extreme Exit Policy
  - From: Mirimir

Prev by Author: Re: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)
Next by Author: Re: [tor-relays] AS: "ColoCrossing" - 28 new relays
Previous by thread: Re: [tor-relays] Extreme Exit Policy
Next by thread: Re: [tor-relays] Extreme Exit Policy
Index(es):
- Author
- Thread