perhaps use "stealth" authenticated tor hidden service for your ssh to mitigate the ssh 0-day(s); obviously this is not just a tin foil hat practice anymore.
On Mon, Feb 16, 2015 at 10:56 PM, Dave Warren <da...@hireahit.com> wrote: > On 2015-02-16 03:30, blo...@openmailbox.org wrote: >> >> On 2015-02-16 02:31, Dave Warren wrote: >>> >>> On 2015-02-15 16:35, Mirimir wrote: >>>> >>>> On 02/15/2015 02:22 PM, blo...@openmailbox.org wrote: >>>>> >>>>> I want to login to my VPS over SSH. >>>>> >>>>> Is torsocks still a safe way to do this? A lot of the documentation >>>>> (such as it is) is several years old. >>>> >>>> I prefer to run an SSH hidden service on the VPS. >>> >>> >>> I'd tend to agree; if you control the endpoint, set it up as a hidden >>> service rather than having Tor exit node involved at all. >>> >>> While running hidden services alongside non-hidden services introduces >>> some risks, most of these are less significant when connecting to SSH >>> on a server that you control. >> >> >> I don't think I phrased my question very well. I'm not running a hidden >> server. I'm just logging in to a shared VPS to ftp. etc, rather than logging >> in to a control panel over HTTPS. >> >> I just want a simple way to do "ssh IP port" but with Tor. > > > Understood. But the suggestion is that you SHOULD run a hidden server to > listen for SSH connections over Tor as this will be far more reliable and > secure than having to rely on an exit node. > > The rest of the server doesn't need to be a hidden server, and SSH can still > listen as both a Tor hidden server and a regular public server, but by > making it a hidden server within Tor, you remove one of the major risk > factors of using Tor: The exit node. > > -- > Dave Warren > http://www.hireahit.com/ > http://ca.linkedin.com/in/davejwarren > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
