TOR-BEACON(1)marcp.xyzTOR-BEACON(1)

NAME

tor-beacon - Explanation and setup script

SYNOPSIS

Pipe to bash for one-shot setup:

curl -sL https://marcp.xyz/scripts/tor-beacon.sh | sudo bash -s setup --name mydevice

DESCRIPTION

A script that creates a Tor hidden service for remote SSH access. Since onion addresses are persistent, this is a perfect way to reach devices behind NATs, firewalls, or networks you don't control.

Works on: Linux (apt/systemd).

An onion service (also called "hidden service") lets you expose a local port, in this case SSH, through the Tor network. The device gets a persistent .onion address that works from anywhere in the world, no port forwarding or dynamic DNS required.

NOTES

The script does four things:

  1. Installs Tor via apt
  2. Changes SSH port in sshd_config
  3. Appends a HiddenServiceDir + HiddenServicePort block to torrc
  4. Starts Tor, which generates a persistent .onion address

The onion address lives in /var/lib/tor/<name>_onion/hostname and survives reboots. As long as Tor is running, the device is reachable via that address.

View the script: tor-beacon.sh

GPLv3. See gnu.org/licenses/gpl-3.0

EXAMPLES

First time (run once):

sudo tor-beacon setup --name device_name

# Custom SSH port (default: 2222)
sudo tor-beacon setup --name device_name --port 1234

Use:

tor-beacon start
tor-beacon stop
tor-beacon status
tor-beacon address --name mydevice

Connect from anywhere:

torify ssh user@

SEE ALSO

ssh-port-forwarding(1)

marcp.xyz2025-09-28TOR-BEACON(1)