Time ago I posted about how to ssh throug tor and torsocks, bypassing Apple SIP in a very lame way.
Today I found a more elegant way to escape this limitation and still ssh through Tor via Netcat.
Homebrew’s netcat provides version 0.7.1, which doesn’t support proxy so it’s not suitable for our purpose. We will install Nmap’s improved version ncat
brew install nmap tor
This will install both Nmap and Tor. Now, very easily, let’s proxy ssh through Tor by using ProxyCommand:
ssh -o ProxyCommand="ncat --proxy-type socks5 --proxy 127.0.0.1:9050 %h %p" root@dest-host
That’s it!
You can create a convenient shell alias by adding to your ~/.zsh (or ~/.bashrc):
alias torssh='ssh -o ProxyCommand="ncat --proxy-type socks5 --proxy 127.0.0.1:9050 %h %p"
Thank you !
It was what I was searching for a long time!!
Tnx
npam or ncat?
Thx for your writeup! For macOS 11 Big Sur I had to use this command: (use port 9150 if you use Tor Browser instead of the brew version)
alias torssh=’ssh -o ProxyCommand=”nc -X 5 -x localhost:9050 %h %p”‘
Make sure the brew version of netcat is removed though:
brew remove netcat
Knowing that exit nodes are in cleartext, I would be extra careful passing SSH keys over the tor network.
Great!