I hope I’m not commenting too late, but your posting inspired me writing a script that automates setting up a new onion service and configuring a sshd-daemon that only listens on the .onion address.
Not super important when you are running behind a NAT, but if you want to have an anonymous onion service for a host that also listens on a public interface, something like this is highly recommended.
I hope I’m not commenting too late, but your posting inspired me writing a script that automates setting up a new onion service and configuring a sshd-daemon that only listens on the
.onionaddress.https://github.com/norpol/opensshd-tor-easy-setup/tree/master
Not super important when you are running behind a NAT, but if you want to have an anonymous onion service for a host that also listens on a public interface, something like this is highly recommended.
It would be interesting to get a version working for v3 tor addresses which are much bigger.