Title: Tor part 1: how-to use Tor
       Author: Solène
       Date: 10 October 2018
       Tags: openbsd unix tor security
       Description: 
       
       Tor is a network service allowing to hide your traffic. People
       sniffing your network will not be able to know what server you reach
       and people on the remote side (like the administrator of a web
       service) will not know where you are from. Tor helps keeping your
       anonymity and privacy.
       
       To make it quick, tor make use of an entry point that you reach
       directly, then servers acting as relay not able to decrypt the data
       relayed, and up to an exit node which will do the real request for
       you, and the network response will do the opposite way.
       
       You can find more details on the
       [Tor project homepage](https://www.torproject.org).
       
       Installing tor is __really__ easy on OpenBSD. We need to install it,
       and start its daemon. The daemon will listen by default on localhost
       on port 9050. On others systems, it may be quite similar, install the
       tor package and enable the daemon if not enabled by default.
       
           # pkg_add tor
           # rcctl enable tor
           # rcctl start tor
       
       Now, you can use your favorite program, look at the proxy settings and
       choose "SOCKS" proxy, v5 if possible (it manage the DNS queries) and
       use the default address: `127.0.0.1` with port `9050`.
       
       If you need to use tor with a program that doesn't support setting a
       SOCKS proxy, it's still possible to use **torsocks** to wrap it, that
       will work with most programs. It is very easy to use.
       
           # pkg_add torsocks
           $ torsocks ssh remoteserver
       
       This will make ssh going through tor network.
       
       Using tor won't make you relaying anything, and is legal in most
       countries. Tor is like a VPN, some countries has laws about VPN, check
       for your country laws if you plan to use tor. Also, note that using
       tor may be forbidden in some networks (companies, schools etc..)
       because this allows to escape filtering which may be against some kind
       of "Agreement usage" of the network.
       
       I will cover later the relaying part, which can lead to legal
       uncertainty.
       
       Note: as torsocks is a bit of a hack, because it uses LD_PRELOAD to
       wrap network system calls, there is a way to do it more cleanly with
       ssh (or any program supporting a custom command for initialize the
       connection) using netcat.
       
           ssh -o ProxyCommand='/usr/bin/nc -X 5 -x 127.0.0.1:9050 %h %p'
       address.onion
       
       This can be simplified by adding the following lines to your
       **~/.ssh/config** file, in order to automatically use the proxy
       command when you connect to a .onion hostname:
       
           Host *.onion
           ProxyCommand='/usr/bin/nc -X 5 -x 127.0.0.1:9050 %h %p'
       
       This netcat command is tested under OpenBSD, there are differents
       netcat implementations, the flags may be differents or may not even
       exist.