cross-posted from: https://infosec.pub/post/10908807
TLDR:
If I use SSH as a Tor hidden service and do not share the public hostname of that service, do I need any more hardening?
Full Post:
I am planning to setup a clearnet service on a server where my normal “in bound” management will be over SSH tunneled through Wireguard. I also want “out of bound” management in case the incoming ports I am using get blocked and I cannot access my Wireguard tunnel. This is selfhosted on a home network.
I was thinking that I could have an SSH bastion host as a virtual machine, which will expose SSH as a a hidden service. I would SSH into this VM over Tor and then proxy SSH into the host OS from there. As I would only be using this rarely as a backup connection, I do not care about speed or convenience of connecting to it, only that it is always available and secure. Also, I would treat the public hostname like any other secret, as only I need access to it.
Other than setting up secure configs for SSH and Tor themselves, is it worth doing other hardening like running Wireguard over Tor? I know that extra layers of security can’t hurt, but I want this backup connection to be as reliable as possible so I want to avoid unneeded complexity.
WCGW?
Tell me
Accidentally typo your password and get blocked. And if you’re tunneling over tor, you’ve blocked 127.0.0.1 which means now nobody can login.
How would is a typo possible if one is using a password manager?
Not OP but I’ve accidentally fingered another key a split second before hitting enter a few times. It’s not implausible.
True, but I thought we are talking about security here…?
A secure but inaccessible server is useless.
Security must take into account the needs of the real world.