Introduction

In this article, we will discuss how to set up a Tor v3 hidden service and use it for SSH connections. This setup enhances your network’s privacy and security, allowing secure, anonymous access to your services.

Server Configuration

Setting Up a Single Hidden Address Service

  1. Install Tor:

    sudo apt-get install tor
    
    • Verify that Tor is listening: sudo lsof -i | grep LISTEN
    • Terminate if necessary: sudo kill <pid>
  2. Configure the Tor Service: Edit /etc/tor/torrc:

    HiddenServiceDir /home/<username>/<hiddenfile_A>
    HiddenServicePort 22 127.0.0.1:22
    
    • HiddenServiceDir: Set to /home/<username>/<hiddenfile_A>. The directory must not be accessible to other users, so restrict its permissions with sudo chmod 700 /home/<username>/<hiddenfile_A>.
    • HiddenServicePort: Map a hidden service port to a local port (22 in this case for SSH).
  3. Start Tor:

    • Run tor.
    • This generates private and public keys and a hostname in /home/<username>/<hiddenfile_A>.

Configuring Multiple Hidden Address Services

  1. Modify Tor Configuration: Edit /etc/tor/torrc to add multiple services:

    HiddenServiceDir /home/<username>/<hiddenfile_X>
    HiddenServicePort 80 127.0.0.1:<localport>
    
    • Replace <hiddenfile_X> and <localport> as needed.
    • Each HiddenServiceDir creates a unique hidden address.
  2. Start Tor:

    • Run tor.
    • Check created folders for generated keys and addresses.

SSH Client Configuration

  1. Install Tor on the Client:

    brew install tor
    tor
    
  2. Modify SSH Configuration: Edit ~/.ssh/config and add:

    Host *.onion *-tor
    ProxyCommand nc -X 5 -x 127.0.0.1:9050 %h %p
    CheckHostIP no
    Compression yes
    Protocol 2
    
  3. Connect via SSH:

    ssh <username>@<hostname-onion>.onion
    

Reference: SSH Hidden Service Guide

Generating Custom Tor v3 Addresses

  1. Download and Install Tools:

    sudo apt-get install git
    git clone https://github.com/cathugger/mkp224o.git
    cd mkp224o
    sudo apt install gcc libsodium-dev make autoconf
    
  2. Compile the Software:

    ./autogen.sh
    ./configure
    # Only needed when libsodium is installed under /usr/local: re-run configure with explicit paths
    ./configure CPPFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib"
    make
    
  3. Use the Tool:

    • Caution: Avoid very short terms (≤3 characters). They match so often that results are generated very rapidly, which can damage the disk or create files that are hard to delete.
      ./mkp224o <term_A> <term_B> <...>
      
    • Use -S 1 for status updates every second (default is every 10 seconds).
    • Use -j 10 to set the number of CPU cores (default uses all available).

Generated results will appear in folders named <onionaddress>.onion, containing private keys, public keys, and the address. To activate, move these to the /home/<username>/<hiddenfile_*> directory.
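
Before moving a generated folder into place, it is worth confirming that its public key and its address actually belong together, since a v3 address is derived from the key (base32 of the key, a SHA3-256 checksum and a version byte). The following is an added example, not part of the original guide or of Tor or mkp224o; the function names and the sample key are constructed for illustration. It assumes the standard v3 file layout: a 64-byte hs_ed25519_public_key file with a 32-byte header, and a hostname file holding the address.

```python
import base64
import hashlib

HEADER = b"== ed25519v1-public: type0 ==\x00\x00\x00"  # 32-byte key file header
VERSION = b"\x03"                                       # v3 onion services


def onion_from_pubkey(pubkey: bytes) -> str:
    """Derive the v3 hostname: base32(pubkey | checksum | version) + '.onion'."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + VERSION).digest()[:2]
    return base64.b32encode(pubkey + checksum + VERSION).decode().lower() + ".onion"


def pubkey_from_keyfile(blob: bytes) -> bytes:
    """Return the raw key from the contents of hs_ed25519_public_key."""
    if len(blob) != 64 or blob[:32] != HEADER:
        raise ValueError("not a v3 hidden-service public key file")
    return blob[32:]


def is_valid_onion(hostname: str) -> bool:
    """True if the name is a well-formed v3 address with a correct checksum."""
    name = hostname.strip().lower()
    if not name.endswith(".onion") or len(name) != 62:
        return False
    try:
        raw = base64.b32decode(name[:56].upper())
    except ValueError:  # characters outside the base32 alphabet
        return False
    return raw[34:] == VERSION and onion_from_pubkey(raw[:32]) == name


def keyfile_matches_hostname(keyfile: bytes, hostname_text: str) -> bool:
    """Check that a key file and a hostname file belong to the same service."""
    derived = onion_from_pubkey(pubkey_from_keyfile(keyfile))
    return derived == hostname_text.strip().lower()


if __name__ == "__main__":
    sample_key = bytes(range(32))  # constructed sample, not a real service key
    hostname = onion_from_pubkey(sample_key)
    print(hostname, is_valid_onion(hostname))
    print(keyfile_matches_hostname(HEADER + sample_key, hostname + "\n"))
```

To check a real folder, read hs_ed25519_public_key in binary mode and hostname as text and pass both to keyfile_matches_hostname. The same is_valid_onion check catches a mistyped address on the client before an SSH connection is attempted.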

Reference: mkp224o GitHub Repository