Security - Access servers via onion address (tor)

To access my bastion nodes I prefer onion address. Here is a way how to create your own bastion server available via onion address.

Server installation

You already have a working linux server available by public ip in internet. Following steps describes only TOR installation.

Start by installing tor package

# install tor serv
apt install tor

Now configure tor

echo "HiddenServiceDir /var/lib/tor/other_hidden_service/" >> /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
echo "HiddenServicePort 22 127.0.0.1:22" >> /etc/tor/torrc

And restart tor service

systemctl restart tor

To get onion address of your server run command bellow

cat /var/lib/tor/other_hidden_service/hostname

Client machine configuration (linux)

pacman -S tor torsocks

To connect to the onion address use command

torify ssh SERVER_ADDRESS.onion