A users traffic through Tor?
Since I have some idling cloud servers with Debian, I was thinking of making a remote desktop which connects only through Tor (similar to a VPN) but without being allowed clear traffic. This would mean a specific user of which traffic forcefully goes just through a Tor connection, but the rest of users and services on server don't use Tor (to connect to the cloud server using SSH for example).
I am curious if there is some easy script for such install, or if anyone tried it.
Stop the planet! I want to get off!
Comments
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TransparentProxy/#local-redirection-through-tor
You just need to tweak the snippet provided to process only specific uid(s). Currently it skips Tor for a specific uid (required for Tor to work properly, as you can't loop Tor daemon traffic into Tor using the same process), all other users are forced to be run under Tor.
Check our KVM VPS (flags are clickable): π΅π± πΈπͺ | Looking glass: π΅π± πΈπͺ
Check out Kasm Workspaces. There is one prebuilt container running only tor browser with no other apps. All conterners come with remote desktop, directly within any browser, without the need of installing anything on the client. Can create multiple users each running their own isolated tor browser container. Requires a lot of RAM though, each container eats up 3GB, 10 users simultaneously require at least 30GB, more users even more.
Easy install on bare metal Debian with in 2 lines, give it a certificate or use a reverse proxy and the management interface is ready to go. Install the tor browser container and add some users (supports all popular authentication protocols). Login and start using the Remote Desktop in any browser as if it were a local machine.
(Tor browser sends all of its traffic through the tor network)
The thing is I want all traffic of user to go through Tor.
Stop the planet! I want to get off!
If the prebuilt containers are not enough. You can build your own containers with all traffic going through tor and nowhere else. Since each User and each container is isolated, they canβt communicate with each other.
I love this project because of its near native performance, almost no latency/lags unlike conventional VNC and RDP which are both garbage. Feels like GeForce NOW.
Are you talking about piggybacking or bouncing?
Free Hosting at YetiNode | Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
Basically I want a remote desktop, but I must connect to server using SSH (like X2Go) and desktop is to forcefully use only Tor for all online usage (not just browser; real connection is to be blocked for that user).
I do not know if anyone did this. I managed to do with with a VPN, but not with Tor. It is something I want to try for fun; I don't even know if this is possible in an easy preset config.
Stop the planet! I want to get off!
So basically what you are looking for is using a VM(Remote Desktop) with all it's traffic going through Tor so when someone connects all traffic is tunneled through Tor?
Which OS is the desktop?
Free Hosting at YetiNode | Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
No. Nobody connects. It is just me. Only I connect remotely. The idea is to not use just Tor Browser; everything must go through Tor for that user.
Stop the planet! I want to get off!
Right I was using the someone as a placeholder. So the VM would be connected to Tor all the time, and any network traffic goes through the Tor network before it gets to it's destination correct?
Free Hosting at YetiNode | Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
You can try proxychains + tor daemon.
Though this will only be picked up by apps respecting the proxy env var.
For inbound connections, you can use Tor Hidden Service feature. But I don't think you will have usable it as a desktop (latency too high and throughput is pretty low). But it should be sufficient for SSH.
Check our KVM VPS (flags are clickable): π΅π± πΈπͺ | Looking glass: π΅π± πΈπͺ