"Generating" ssh KnownHosts file fails sometimes
norpol opened this issue · 0 comments
If you are low on entropy, the catting of the hostname
is failing because it wasn't generated yet.
I need to implement this in a more lazy fashion or with a delay...
First run:
./setup_tor_ssh.sh install
Append to /etc/tor/torrc: HiddenServiceDir /var/lib/tor/ssh_hidden_service
Append to /etc/tor/torrc: HiddenServicePort 22 127.0.1.7:22
mkdir: created directory '/etc/ssh_tor/'
Generating public/private ed25519 key pair.
Your identification has been saved in /etc/ssh_tor/ssh_host_ed25519_key.
Your public key has been saved in /etc/ssh_tor/ssh_host_ed25519_key.pub.
The key fingerprint is:
SHA256:Q0zZ+u8hxXtYAXAHXqAtUn0l88+SNeLAstyTZYZF5TM root@host
The key's randomart image is:
+--[ED25519 256]--+
+----[SHA256]-----+
$ systemctl daemon-reload
$ systemctl restart tor
$ systemctl restart ssh-tor
$ systemctl enable ssh-tor
Created symlink /etc/systemd/system/multi-user.target.wants/ssh-tor.service → /etc/systemd/system/ssh-tor.service.
cat: /var/lib/tor/ssh_hidden_service/hostname: No such file or directory
Second run:
./setup_tor_ssh.sh install
HiddenServiceDir /var/lib/tor/ssh_hidden_service in /etc/tor/torrc exists
HiddenServicePort 22 127.0.1.7:22 in /etc/tor/torrc exists
$ systemctl daemon-reload
$ systemctl restart tor
$ systemctl restart ssh-tor
$ systemctl enable ssh-tor
Success; Now you can proceed with https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/ssh
You can add this to your known-hosts:
<removed>.onion ssh-ed25519 <removed>
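Added example, not part of the original issue or of setup_tor_ssh.sh: one way to do the "lazy" read the issue asks for is to poll for the hostname file with a timeout after `systemctl restart tor`, and only then build the known_hosts line. The function names and the 60 second default are assumptions; the paths in the usage comment are the ones shown in the output above.

```shell
#!/bin/sh
# Added example (hypothetical helpers, not the project's own code).

# wait_for_hostname FILE [TIMEOUT_SECONDS]
# Polls until FILE exists and is non-empty, then prints its first line.
# Returns 1 on timeout so the caller fails loudly instead of emitting
# a known_hosts entry with an empty host field.
wait_for_hostname() {
    file=$1
    timeout=${2:-60}
    waited=0
    while [ ! -s "$file" ]; do
        if [ "$waited" -ge "$timeout" ]; then
            echo "timed out after ${timeout}s waiting for $file" >&2
            return 1
        fi
        sleep 1
        waited=$((waited + 1))
    done
    head -n 1 "$file"
}

# known_hosts_line HOSTNAME_FILE PUBKEY_FILE [TIMEOUT_SECONDS]
# Prints "<onion> <keytype> <base64>" once the hidden service hostname exists.
known_hosts_line() {
    onion=$(wait_for_hostname "$1" "${3:-60}") || return 1
    # Refuse anything that is not an onion name (e.g. a partially written file).
    case $onion in
        *.onion) ;;
        *) echo "unexpected hostname: $onion" >&2; return 1 ;;
    esac
    # A .pub file is "<type> <base64> [comment]"; drop the comment field.
    awk -v host="$onion" 'NR == 1 { print host, $1, $2 }' "$2"
}

# Usage with the paths from the install output above:
#   known_hosts_line /var/lib/tor/ssh_hidden_service/hostname \
#       /etc/ssh_tor/ssh_host_ed25519_key.pub 60
```

A non-zero return lets the install script stop with an error instead of printing "Success" without a usable entry.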