Pietro Abate homepage

We live in a nat-ed / firewall-ed world. Almost all DSL providers don't give public IPs and when the do, they are often behind a draconian firewall. In this context having an emergency remote shell, despite not fast and not public is very handy. A simple way to solve this problem it to create a hidden server on the tor network and the access the shell from anywhere in the world without caring of change of IPs, routing, dns or anything else.

On debian you can just install tor from the official repository. Since Tor is not available in ubuntu (but it is available on debian), we need to get it directly from the tor website. There is a nice write-up on the ubuntu site : https://help.ubuntu.com/community/Tor . And these are the details on the tor website.

So we add this to apt.sources

and the we aptitude install tor .The package will install and run by default the tor daemon. Next step is to edit /etc/tor/torrc to add the proxy server.

Remember also to install the openssh-server server if you don't have it already. And this is it. In the directory /var/lib/tor/ssh/ you will find a file with the hostname on the TOR ring that you have to use to connect to you new hidden server.

On the client side we need to aptitude install connect-proxy. It's a simple tool to tunnel ssh through a socks5 connection. Now you are ready to test. In your ~/.ssh/config you can simply add something like

and then ssh-way youronionhost.onion server . The connection will be veeeeery slow since you are going through different layers of encryption and indirection. You should also check the hostid of your server before connecting and dropping in a pub-key as you should never trust your friendly TOR providers (US govt, Chinese gvt, Iranian govt, etc ...).

For emergency is actually pretty handy. For anything else if will make you die of boredom ...

Update

" I know you think you understand what you thought I said but I'm not sure you realize that what you heard is not what I meant" — Alan Greenspan

I've just attended the workshop Datastream: My own private info at the Open World Forum in paris. A very sensitive topic nowadays and the speakers around the table raised a number of interesting points.

Sunil Abraham, Policy Director, Center for Internet and Society (India), started his contribution pointing out the privacy is very much a related to the local culture and history of a country. In India for example, the expectation of privacy is dramatically different from western countries. A very interesting example is the amount of information that is already "encoded" in the name of the person. Being India a country based on a cast system, the name of the person, not only gives away the social status and religion of a person, but also his sex and location. Very common question during every day conversation are also related to salary, spending and wealth. Questions that are somehow taboo in western countries. This lead to very different perception and expectation of privacy that is not clearly reconcilable with western practice and policies. This also allows the Indian government to establish policies that that from a western point of view are completely unacceptable.

A different angle is proposed by the sociologist Dominique Cardon working for Orange. He points out the important difference between government surveillance versus collateral surveillance, as the stoking from people in their circle as parents, neighborhoods, etc. The large majority of people when confronted with questions about privacy often show great concerns and fears about the big brother spying on them, However, he points out, there is a clear cut between these concerns and the quantity of information that each individual then puts on the web. The problem being the distinction that unconsciously people make between data they want to share with their social network and the world as a whole (composed of governments and unknown individuals). Facebook and other social network greatly emphasize the idea of a network of friends giving people the false idea that the data they share is truly private, or restrict to a small circle of friends, when reality shows that these tools are often exploited by other individual or entities to dig information and make profit on personal data.

Somebody in the audience framed the same problem as and identity issue in the digital worlds. As he put it, people starts to develop split digital personalities (i.e. a personal facebook account and a work facebook account) in order to defend themselves from snooping and surveillance. There is clearly a need to reconcile these personalities by technological means creating privacy contexts instead of fostering the creation of completely separated and antithetic digital personae that can have repercussions on the way poeple behave in the real world.

Djordje Djokic (European rights and privacy protection on the Internet), gave a quite broad overview of the political issues related to privacy. Despite privacy being a fundamental right upon which many other rights are based, from a legal prospective it is impossible to define privacy. This is due to the fact that national policies are local while digital privacy is a global problem. If we put together this with the cultural difference among states, in the short term it will be very difficult to safe guard citizens against privacy speculators. He also made an interesting points about privacy safe heavens that can attract activists and agencies due to better legal protections.

I point I made is about the future. It seems that the entire debate was focus about the state actual state of affairs. The FLOSS community has debated for long time now about privacy and technological solutions. Enlightening talks like Eben Moglen many times this year gave rise to interesting projects like the freedom box project . The Diaspora project that will hopefully take off the ground sometimes soon, promises to offer and distributed and decentralized alternative to facebook. Status Net and Identica are also two very interesting platforms built on free and open source software that I hope will take over, or at least pave the path for commercial alternatives.

One of the biggest challenge of course is about education. People don't understand the pitfall of many so called "free" services like facebook or twitter. These companies effectively make money on your willingness to give away information about you, your friends and your life. The large majority of the community is not aware of these problems. This makes it very difficult to privacy advocates to push policies changes because of the lack of interest with the general public. Politicians in particular do not really grasp these problems. Now we even start to see regional and national politician embracing privacy-less social medias making it difficult to for the public to move away from them at the price of being excluded from the democratic life of their country.

National education certainly do not have yet in their curricula topics such as privacy and new medias. Kids often learn from their peers and are enticed by the rich offer of these companies. This state of affair allows facebook or google founders to declare that people today do not have anymore an expectation of privacy. I personally strongly disagree with this position and I hope these will change in the future with privacy aware social media, maybe decentralized, but certainly built in a way to let individuals to retain complete ownership and control over their digital life.

The path to shift the actual tendency is certainly steep. A first step, from a technological point of view, is to create something stable and sound. But the second step, to get weight among todays' big players is to create new and exciting services. Selling an alternative to somebody that does not understand the problem of privacy is already difficult enough (and the story about desktops on linux should already have show why this does not work in this monopolistic world). The strong selling point should be about new services, exciting new way to interact and seamlessly integration with nowadays platforms.

I've always wondered why iceweasel won't paste my selection into the search area from a gnome terminal. It turned out that to put something in the gnome clipboard from a gnome terminal is not enough to select the piece of text with your mouse, but you need to explicitly do "Ctrl + shift + v" . Then in iceweasel you can use "shift insert" . Kind of brain-dead for me. So if i want to search a word I've on a terminal I've to :

• select the word with the mouse
• ctrl + insert OR Ctrl + shift + v to store the word in the clipboard
• alt + tab to get focus on iceweasel
• ctrl + k to focus on the search form
• shift + insert OR Ctrl + v to copy
• return

wowwwwww !

This nice post explain the root of the problem related to the gnome terminal. This gives a bit of general background.

If you just want to search something, you can try the gnome applet gspot. It's nice, works (I tried only 5 minutes), but doesn't allow you to configure common short-cuts. You are always obliged to use the mouse. googlizer is another applet that has the same problem are gspot, and it limited to google only (while gspot has many search engines built-in).

bah, for the moment I'm a bit stuck ...

Update

A very nice solution :

shell power !