tor-beacon


A script that creates a Tor hidden service for remote SSH access. Since onion addresses are persistent, this is a perfect way to reach devices behind NATs, firewalls, or networks you don't control.

Works on: Linux (apt/systemd).

/about

An onion service (also called "hidden service") lets you expose a local port, in this case SSH, through the Tor network. The device gets a persistent .onion address that works from anywhere in the world, no port forwarding or dynamic DNS required.


/requirements

  • Linux with root access (Debian/Ubuntu)
  • Internet connection (for Tor to connect to the network)

/install

Pipe to bash for one-shot setup:

curl -sL https://marcp.xyz/tor-beacon.sh | sudo bash -s setup --name mydevice

/usage

First time (run once):

sudo tor-beacon setup --name device_name

# Custom SSH port (default: 2222)
sudo tor-beacon setup --name device_name --port 1234

Use:

tor-beacon start
tor-beacon stop
tor-beacon status
tor-beacon address --name mydevice

Connect from anywhere:

torify ssh user@<onion-address>

/how-it-works

The script does four things:

  1. Installs Tor via apt
  2. Changes SSH port in sshd_config
  3. Appends a HiddenServiceDir + HiddenServicePort block to torrc
  4. Starts Tor, which generates a persistent .onion address

The onion address lives in /var/lib/tor/<name>_onion/hostname and survives reboots. As long as Tor is running, the device is reachable via that address.


/source

View the script: tor-beacon.sh