How to Make SSH Connection via Tor

Often, ISP doesn't allow us to reach our computers using normal IP or IPv6 and cuts ports using NAT. Here is a guide how to overpass this problem using Tor.

• First, install Tor in all computers you want to get connected (search instruction for your distribution; in Debian-like systems, it's simply apt install tor, see link). Make sure if Tor is running using sudo /etc/init.d/tor status, if not run sudo /etc/init.d/tor start
• In computers you want to use as servers, you should run an ssh server. Here are instructions for Debian-like systems. Check if it's running: sudo /etc/init.d/ssh status.
• To reach you ssh server via tor you need to have these lines uncommented or added in /etc/tor/torrc:

  	HiddenServiceDir /var/lib/tor/hidden_ssh_service/
          HiddenServicePort 22 127.0.0.1:22  
        

  Restart Tor and SSH servers:

  	sudo /etc/init.d/ssh restart
  	sudo /etc/init.d/tor restart
        

• You can find the hostname in /var/lib/tor/hidden_ssh_service/hostname . It's in format xyz.onion - it can be very long string.
• Now, you can easily reach the server from any client with Tor running. You simply need to use torsocks or torify (almost no difference, torsocks is preferably) commands, e.g.:

  	torsocks ssh myusername@xyz.onion
  	torsocks scp myusername@xyz.onion:/tmp/filename.txt ~/
        

• You may make your life easier by using aliases for your hosts. First install connect-proxy. Then, simply, edit your ~/.ssh/config file adding something like this:

  	
  host myhost
     user myusername
     hostname xyz.onion
     ProxyCommand connect-proxy -a none -S 127.0.0.1:9050  %h %p
    

  Now, you can easily reach your host using the myhost alias. E.g.,

      ssh myhost
      scp file.txt myhost:~/
      rsync -avzr --progress --size-only ~/books/ myhost:~/allbooks
    

  .
• You can try to make a bookmark in your file manager. In my Caja, it works like this: go to File → Connect to Server: