TL;DR
This guide shows you how to build a basic anonymous network using Tor and SSH tunnels. It’s not foolproof, but it adds layers of privacy by hiding your IP address and encrypting your traffic.
Setting up an Anonymous Network
- Choose a Server: You’ll need a server you control (e.g., a VPS from DigitalOcean, Linode, or Vultr). Make sure it’s in a different location than your own.
- Install Tor on the Server: Connect to your server via SSH and install Tor.
sudo apt updatesudo apt install tor - Configure Tor Hidden Service: Edit the Tor configuration file (usually
/etc/tor/torrc) to create a hidden service.sudo nano /etc/tor/torrcAdd these lines at the end of the file:
HiddenServiceDir /var/lib/tor/hidden_service/HiddenServicePort 80 127.0.0.1:80(Change port 80 if needed, and adjust the internal IP/port to match your desired service.)
- Restart Tor: Restart the Tor service for the changes to take effect.
sudo systemctl restart tor - Find Your Onion Address: Check the hidden service directory for the onion address (hostname).
cat /var/lib/tor/hidden_service/hostnameThis will output a 16-character alphanumeric string followed by ‘.onion’. Keep this safe!
- Set up SSH Tunnel: On your local machine, create an SSH tunnel to the server.
ssh -D 9050 user@your_server_ip(Replace
userandyour_server_ipwith your actual username and server IP address.9050is a common port for SOCKS proxies.) - Configure Your Applications: Configure applications (like web browsers) to use the SOCKS proxy at
localhost:9050.- Firefox: Go to Settings > General > Network Settings > Settings… Choose ‘Manual proxy configuration’ and set SOCKS Host to
localhost, Port to9050. - Chrome/Edge: Use a Chrome extension like Proxy SwitchyOmega or launch with command-line flags (less user-friendly).
- Firefox: Go to Settings > General > Network Settings > Settings… Choose ‘Manual proxy configuration’ and set SOCKS Host to
- Verify Your Anonymity: Visit a website that shows your IP address (e.g.,
whatismyipaddress.com) while using the tunnel and onion address. It should show the server’s IP, not yours.
Important Considerations
- Security: This setup is a basic starting point. For stronger anonymity, consider using multiple Tor hops, VPNs in addition to Tor, and regularly auditing your system.
- SSH Security: Secure your SSH server with strong passwords or key-based authentication, disable password login, and use fail2ban to prevent brute-force attacks.
- Tor Browser: Using the Tor Browser is generally more secure than configuring a regular browser because it’s pre-configured for anonymity.
- Traffic Analysis: Be aware that traffic analysis can still potentially deanonymize you, especially if you are using predictable patterns.