Control: severity -1 wishlist Control: retitle -1 torsocks: please add whitelisting for local ports Control: tags -1 + upstream
treaki:
> i tryed to use torsocks on ssh with x forward enabled (-X) but i
> failed for an unknown reason.
The reason is explained in the error message:
> treaki@hostname:~$ xterm
> [Jan 20 00:32:24] WARNING torsocks[31250]: [connect] Connection to a
> local address are denied since it might be a TCP DNS query to a local
> DNS server. Rejecting it for safety reasons. (in tsocks_connect() at
> connect.c:177)
torsocks tries to prevent an application from making DNS query without
going through Tor, and so reject the connection to localhost. This is
good.
For the specific case of SSH forwarding to work, torsocks is missing a
way to specify a list of ports that can be declared safe by users (as in
“I know this port can not be used to deanonymize me”). The syntax could
be something like:
AllowLocalhostConnectionsToPorts 6010 6011
For your specific example of xterm, you can always call torsocks in the
newly created shell instead of having torsocks wrap xterm.
--
Lunar .''`.
lu...@debian.org : :Ⓐ : # apt-get install anarchism
`. `'`
`-
signature.asc
Description: Digital signature
