[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Host Hidden Services on a remote rooted physical server (not Virtual)

Support
#1

want to use whonix to host hidden services on a remote dedi physical server with root access. It is a Debian system. I can SSH through Tor into the Physical server and install, start the Virtualbox and register the Whonix VM’s using CLI. But cannot find a way to SSH into Whonix Gateway and workstation using tor to setup the webserver and other details.

I can perform the above task with a vpn but as u know they would be more than willing to give up my ip. The main issue is, I want to set the entire stuff up using Tor. The issue that comes with Tor, is that I cannot use it alongwith RDP to accomplish the stuff.

I have the read the documentation regarding SSH into Whonix Gateway and Workstation, but I think it comes with a fair warning, any help is appreciated.

thnx & regards
newbee

#2
But cannot find a way to SSH into Whonix Gateway and workstation using tor to setup the webserver and other details.
First of all, I advise to exercise with https://www.whonix.org/wiki/File_Transfer#SSH_into_Whonix-Gateway on your local computer. When you succeeded, you can try the same on a remote machine.
I can perform the above task with a vpn but as u know they would be more than willing to give up my ip.
I'd use a locally installed Whonix and connect to the server only using Whonix-Workstation.
The main issue is, I want to set the entire stuff up using Tor.
No problem.
The issue that comes with Tor, is that I cannot use it alongwith RDP to accomplish the stuff.
See also: http://tor.stackexchange.com/questions/3407/rdp-over-tor-safe

I’d use encrypted/authenticated TCP VNC over Tor (user -> Tor -> VNC -> destination) or unencrypted/unauthenticated TCP VNC over VPN over Tor (user -> Tor -> VPN -> VNC -> destination).

I have the read the documentation regarding SSH into Whonix Gateway and Workstation, but I think it comes with a fair warning, any help is appreciated.
Yes, it's quite difficult due to bugs in ssh.
#3

Also related:

#4

Thnx Patrick for the detailed and prompt reply, it helped to clear up some confusions. I checked with the links you provided :

and was curious about mirmir’s comment:

Working from Debian-like VMs, I've used Remmina to access VirtualBox VMs, running on remote servers, via RDP with TLS via Tor. I've also used it to access hosted VPS via RDP via SSH via Tor.

So the question is, can it be done in case of Whonix?

Taking into account your suggestion:

I'd use a locally installed Whonix and connect to the server only using Whonix-Workstation.

I searched a little more and came across NoMachine FreeNX (https://www.nomachine.com/) a better and faster (touted by its creators) option and includes SSH and compression to reduce latency. It is available for debian, I plan to install it on my locally installed Whonix workstation and use it to connect to the remote server. The real question is, will it work, RDP over tor, will it be safe, will there be any DNS or IP leaks. I don’t know.

But as mentioned in the documentation that all outgoing internet connections from Whonix workstation are torrified, so in this case I can expect

Local Whonix Workstation > Tor > NoMachine (RDP) > Remote server

It will be the first thing I plan to do tomorrow.

would appreciate your opinion on this

#5

No idea. If it works with Tor, it should work with Whonix as well. Worth a try.

I searched a little more, I came across NoMachine FreeNX (https://www.nomachine.com/) a better and faster (touted by its creators) option and includes SSH and compression to reduce latency. It is available for debian, I plan to install it on my locally installed Whonix workstation and use it to connect to the remote server. The real question is, will it work, RDP over tor, will it be safe, will there be any DNS or IP leaks. I don't know.
There should be no IP / DNS leaks either way. This is one of Whonix's main features.

Dunno, haven’t checked, NoMachine looks like non-Free software. In my opinion problematic since not Open Source, difficult to verify downloads. I’d attempt to cook something up using Free Software from Debian apt repositories. OpenVPN, SSH, VNC, and more, they have it all.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]