/torrific-ssh

Scripts to configure SSH hidden service and client connections

Primary LanguageShellGNU Affero General Public License v3.0AGPL-3.0

Torrific Ssh

Scripts to configure SSH hidden service and client connections

Byte size of Torrific Ssh Open Issues Open Pull Requests Latest commits

Requirements

The Tor service must be installed prior to utilizing this project on both server and client devices, eg. for Debian based distributions installation may be a easy as...

sudo apt-get install tor

Client devices should also install socat to proxy connections over Tor Socks port

sudo apt-get install socat

This repository makes use of Git Submodules to track script run-time dependencies, to avoid incomplete downloads clone with the --recurse-submodules option...

git clone --recurse-submodules git@github.com:paranoid-linux/torrific-ssh.git

To update tracked Git Submodules issue the following commands...

git pull

git submodule update --init --merge --recursive

To force upgrade of Git Submodules...

git submodule update --init --merge --recursive --remote

Note, forcing and update of Git Submodule tracked dependencies may cause instabilities and/or merge conflicts; if however everything operates as expected after an update please consider submitting a Pull Request.

Quick Start

Clone this project and the submodules that it depends upon...

git clone --recurse-submodules git@github.com:paranoid-linux/torrific-ssh.git

Change current working directory...

cd torrific-ssh

Use -h or --help option to list available command-line parameters...

sudo ./torrific-ssh-server.sh --help

On the server configure Tor hidden service for SSH via torrific-ssh-server.sh script...

sudo ./torrific-ssh-server.sh --client='pi'

Note, setting up the server within a Docker container is now possible via...

docker run --name torrific-ssh --client 'pi'

On each client device configure via torrific-ssh-client.sh script...

sudo ./torrific-ssh-client.sh --host-name="yourgeneratedaddress.onion"\
                              --auth="S0meLet7er5AndNumbers"\
                              --identity-file='~/.ssh/id_rsa'\
                              'pi'

Test that connection can be established on each client device...

ssh tor-pi

Notes

Configurations for SSH server may be further customized via torrific-ssh-server.sh script, eg...

sudo ./torrific-ssh-server.sh --torrc='/etc/tor/torrc'\
  --tor-lib-dir='/var/lib/tor'\
  --tor-port='2222'\
  --service-port='22'\
  --client-names='first-client,second-client,third-client'\
  ssh_server

... and via torrific-ssh-client.sh script there are additional optional configuration options, eg...

sudo ./torrific-ssh-client.sh --host-name="yourgeneratedaddress.onion"\
  --auth="S0meLet7er5AndNumbers"\
  --torrc='/etc/tor/torrc'\
  --identity-file='~/.ssh/id_rsa'\
  --ssh-config='~/.ssh/config'\
  --ssh-host='tor-pi'\
  --port='2222'
  'pi'

Pull Requests are certainly welcomed if bugs are found or new features are wanted.

Attribution

License

Scripts to configure SSH hidden service and client connections
Copyright (C) 2020 S0AndS0

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.

For further details review full length version of AGPL-3.0 License.