forked from tilde.black/docs
format raw md files to 67 columns for good display on gopher
This commit is contained in:
parent
8e801c9747
commit
48055f0e4e
|
@ -1,9 +1,15 @@
|
|||
# Tilde Black Documentation
|
||||
|
||||
The purpose of Tilde Black is to collaborate on the subjects of privacy, anonymity, and security. The documentation contained here is a direct output of that collaboration.
|
||||
The purpose of Tilde Black is to collaborate on the subjects of
|
||||
privacy, anonymity, and security. The documentation contained here
|
||||
is a direct output of that collaboration.
|
||||
|
||||
This documentation is kept in [version control](https://tildegit.org/tilde.black/tilde-black-docs) and can be edited and improved by pull request.
|
||||
This documentation is kept in [version
|
||||
control](https://tildegit.org/tilde.black/tilde-black-docs) and
|
||||
can be edited and improved by pull request.
|
||||
|
||||
## Join Tilde Black
|
||||
|
||||
If you would like to join our [tilde](https://tildeverse.org) community, you may sign up for the public access unix system by [following the guide](sign-up)
|
||||
If you would like to join our [tilde](https://tildeverse.org)
|
||||
community, you may sign up for the public access unix system by
|
||||
[following the guide](sign-up)
|
||||
|
|
|
@ -2,40 +2,45 @@
|
|||
|
||||
## How to join the system
|
||||
|
||||
Tilde Black's registration is a bit different from what you may have
|
||||
encountered in other public access unix systems.
|
||||
Tilde Black's registration is a bit different from what you may
|
||||
have encountered in other public access unix systems.
|
||||
|
||||
## Sending a request
|
||||
|
||||
Send an email to this system's admin user with an SSH public key that you will
|
||||
use for authentication. The newer ed-25519 keys are recommended, but any valid
|
||||
ssh key is acceptable. Some users enjoy using GPG keys for authentication using
|
||||
the `--export-ssh-key` option.
|
||||
Send an email to this system's admin user with an SSH public key
|
||||
that you will use for authentication. The newer ed-25519 keys are
|
||||
recommended, but any valid ssh key is acceptable. Some users enjoy
|
||||
using GPG keys for authentication using the `--export-ssh-key`
|
||||
option.
|
||||
|
||||
## Receiving your invitation
|
||||
|
||||
Once your public key has been received, the admin will assign 10 random user
|
||||
accounts to your control. You will receive an email response with the list of
|
||||
user accounts you can now log into using your key.
|
||||
Once your public key has been received, the admin will assign 10
|
||||
random user accounts to your control. You will receive an email
|
||||
response with the list of user accounts you can now log into using
|
||||
your key.
|
||||
|
||||
Tilde Black has 10490 user accounts available, generated from 4 and 5 letter
|
||||
word lists. By assigning you 10 random selections from already-created users we
|
||||
hide your user creation date from others on the system and provide you a means
|
||||
of anonymity to other users. You may use any or all of these user accounts.
|
||||
They are all fully-featured.
|
||||
Tilde Black has 10490 user accounts available, generated from
|
||||
4 and 5 letter word lists. By assigning you 10 random selections
|
||||
from already-created users we hide your user creation date from
|
||||
others on the system and provide you a means of anonymity to other
|
||||
users. You may use any or all of these user accounts. They are all
|
||||
fully-featured.
|
||||
|
||||
## Logging in
|
||||
|
||||
It is recommended that users connect to ssh over tor to hide their IP address
|
||||
from other users on the system. [instructions to follow] Once logged in, each
|
||||
of your 10 user accounts will have an email waiting that includes that
|
||||
account's password. Please change the password when you first log in by using
|
||||
the passwd command. This password is not used for login authentication, but
|
||||
will be necessesary for some operations like changing your shell (chsh).
|
||||
It is recommended that users connect to ssh over tor to hide their
|
||||
IP address from other users on the system. [instructions to
|
||||
follow] Once logged in, each of your 10 user accounts will have an
|
||||
email waiting that includes that account's password. Please change
|
||||
the password when you first log in by using the passwd command.
|
||||
This password is not used for login authentication, but will be
|
||||
necessesary for some operations like changing your shell (chsh).
|
||||
|
||||
## The basics
|
||||
|
||||
Your users have a `~/public_gopher` and `~/public_html` folder available. By
|
||||
creating a root gophermap or index.html file in their respective folder you
|
||||
will enable your gopher or website for that user. Your user will also appear on
|
||||
the userlists for gopher or web within the next 12 hours.
|
||||
Your users have a `~/public_gopher` and `~/public_html` folder
|
||||
available. By creating a root gophermap or index.html file in
|
||||
their respective folder you will enable your gopher or website for
|
||||
that user. Your user will also appear on the userlists for gopher
|
||||
or web within the next 12 hours.
|
||||
|
|
|
@ -1,28 +1,32 @@
|
|||
# SSH over Tor
|
||||
|
||||
One of the best ways to maintain your anonymity on Tilde Black is to connect to
|
||||
ssh using tor. Your home IP address will be hidden from other users.
|
||||
One of the best ways to maintain your anonymity on Tilde Black is
|
||||
to connect to ssh using tor. Your home IP address will be hidden
|
||||
from other users.
|
||||
|
||||
## Easy Mode
|
||||
|
||||
Before trying the rest of this document, you can try the easy-mode for ssh over
|
||||
tor:
|
||||
Before trying the rest of this document, you can try the easy-mode
|
||||
for ssh over tor:
|
||||
|
||||
- Install tor
|
||||
- Run tor
|
||||
- torify ssh <username>@tdblackjcbw5kc46.onion -p 2222
|
||||
|
||||
If that doesn't work for you for any reason, the process below is more explicit and will likely solve your problems.
|
||||
If that doesn't work for you for any reason, the process below is
|
||||
more explicit and will likely solve your problems.
|
||||
|
||||
## Detail Mode
|
||||
|
||||
### Overview
|
||||
|
||||
In order to ssh over tor, we'll need some way to make our terminal session or
|
||||
a terminal command run over the tor network. My favorite way to do this is with
|
||||
a program called `torsocks`. This utility pushes a single command or an entire
|
||||
shell through a socks proxy to your tor connection. Since `torsocks` is just
|
||||
a socks proxy that means we'll need to do a couple things to get it to work.
|
||||
In order to ssh over tor, we'll need some way to make our terminal
|
||||
session or a terminal command run over the tor network. My
|
||||
favorite way to do this is with a program called `torsocks`. This
|
||||
utility pushes a single command or an entire shell through a socks
|
||||
proxy to your tor connection. Since `torsocks` is just a socks
|
||||
proxy that means we'll need to do a couple things to get it to
|
||||
work.
|
||||
|
||||
You'll need to:
|
||||
|
||||
|
@ -35,16 +39,16 @@ You'll need to:
|
|||
|
||||
### Step 1: Install tor
|
||||
|
||||
Just like on the server you'll need to install tor on your local machine. Read
|
||||
up on the tor website to see which method works best for your operating system.
|
||||
It's probably a one-liner.
|
||||
Just like on the server you'll need to install tor on your local
|
||||
machine. Read up on the tor website to see which method works best
|
||||
for your operating system. It's probably a one-liner.
|
||||
|
||||
### Step 2: Configure tor
|
||||
|
||||
We need to configure our local tor differently than we did the server. We don't
|
||||
need any hidden services this time, but we do need to allow local connections
|
||||
to use it as a SOCKS proxy. Here's the key lines you'll need to uncomment,
|
||||
change, or add:
|
||||
We need to configure our local tor differently than we did the
|
||||
server. We don't need any hidden services this time, but we do
|
||||
need to allow local connections to use it as a SOCKS proxy. Here's
|
||||
the key lines you'll need to uncomment, change, or add:
|
||||
|
||||
SOCKSPort 9050
|
||||
SOCKSPolicy accept 192.168.0.0/16
|
||||
|
@ -60,30 +64,31 @@ change, or add:
|
|||
|
||||
### Step 4: Configure torsocks
|
||||
|
||||
To be honest, I don't remember if this is required or if it comes like this out
|
||||
of the box. Edit the file /etc/tor/torsocks.conf and verify that the following
|
||||
lines are present and not commented out:
|
||||
To be honest, I don't remember if this is required or if it comes
|
||||
like this out of the box. Edit the file /etc/tor/torsocks.conf and
|
||||
verify that the following lines are present and not commented out:
|
||||
|
||||
TorAddress 127.0.0.1
|
||||
TorPort 9050
|
||||
|
||||
### Step 5: Start tor & torsocks
|
||||
|
||||
Now that everything is all configured, whenever you want to run torsocks you'll
|
||||
need to first start tor in another terminal or tmux pane. Running tor is as
|
||||
easy as typing:
|
||||
Now that everything is all configured, whenever you want to run
|
||||
torsocks you'll need to first start tor in another terminal or
|
||||
tmux pane. Running tor is as easy as typing:
|
||||
|
||||
$ tor
|
||||
|
||||
You'll get some interesting output before it eventually says 100% bootstrapped.
|
||||
That means you're up and running. Now in your other terminal window you can
|
||||
start the torsocks proxy connection like so:
|
||||
You'll get some interesting output before it eventually says 100%
|
||||
bootstrapped. That means you're up and running. Now in your other
|
||||
terminal window you can start the torsocks proxy connection like
|
||||
so:
|
||||
|
||||
$ . torsocks on
|
||||
|
||||
This will respond back with: _"Tor mode activated. Every command will be
|
||||
torified for this shell."_ And that's exactly it. You should be fully running
|
||||
now and able to try your ssh connection.
|
||||
This will respond back with: _"Tor mode activated. Every command
|
||||
will be torified for this shell."_ And that's exactly it. You
|
||||
should be fully running now and able to try your ssh connection.
|
||||
|
||||
### Step 6: ssh
|
||||
|
||||
|
|
Loading…
Reference in New Issue