Start9 User Manual Using SSH

Using SSH¶

Creating an SSH Key (Linux/Mac)¶

Open a terminal and enter the following command, replacing the example email address with your own (or, alternatively, a comment):
ssh-keygen -t ed25519 -C "your_email@example.com"
You will be asked to Enter a file in which to save the key - we recommend you press Enter to use the default location
Create a strong passphrase and save it somewhere safe, or press Enter for no passphrase
Next, start your system’s ssh-agent and add your key to it:
eval "$(ssh-agent -s)" ssh-add ~/.ssh/id_ed25519
Note that if you changed the file name/location in step 1, you will need to use that file/path in this step

You can now access your Embassy from the command line (Linux and Mac) using:
ssh root@<LAN URL>

Replacing <LAN URL> with your Embassy’s LAN (embassy-xxxxxxx.local) address

Note

The following guide requires that you have already added an SSH key to your Embassy.

Caution

SSH over Tor is only supported on Linux, though it may also work on Windows with Torifier.

First, you’ll need one dependency, torsocks, which will allow you to use SSH over Tor on the machine that you want access with. Select your Linux flavor to install:
apt install torsocks
pacman -S torsocks
SSH in:
Warning

The changes you make here are on the overlay and won’t persist after a restart of your Embassy.
ssh root@embassy-xxxxxxx.local

Using Vim or Nano, add the following 2 lines to /etc/tor/torrc

HiddenServiceDir /var/lib/tor/ssh
HiddenServicePort 22 127.0.0.1:22

Tip

You can also add these lines by running the following command:

echo "HiddenServiceDir /var/lib/tor/ssh" >> /etc/tor/torrc && echo "HiddenServicePort 22 127.0.0.1:22" >> /etc/tor/torrc

To log in, simply use the following command, using the “.onion” hostname you printed above:

torsocks ssh root@xxxxxxxxxxxxxxxxx.onion