This repository has been archived by the owner on Mar 12, 2021. It is now read-only.

Include / Easy configuration of onion-service ssh daemon #32

Open
willscott opened this issue Jan 31, 2016 · 1 comment

Comments

@willscott

Ideally remote connection to a sgos machine would be done by ssh'ing to an onion service. It would be great if that was the default configuration that occurs when sshd is installed.

@ioerror

ioerror commented Jan 31, 2016

I think this is as simple as adding these two lines to /etc/tor/torrc:

HiddenServiceDir /var/lib/tor/ssh_hidden_service/
HiddenServicePort 22 127.0.0.1:22

As well as installing opensshd like so:

sudo apt-get install openssh-server

It is likely that in this case, we'd want to only bind to localhost by setting this config option in /etc/ssh/sshd_config:

ListenAddress 127.0.0.1

In the future, I think an ideal thing would be to patch OpenSSH to listen on unix sockets (Tor can make a Tor HS that is a unix socket rather than a tcp/ip end point) and then to spin up sshd inside of an oz container with only unix sockets and Tor HS for connectivity.
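An added example, not part of the original comments or the project's code: a Python check that the two files discussed above agree, meaning sshd binds only loopback addresses and torrc forwards an onion-service port to it. The function names and the sample file contents are constructed for illustration; `Match`/`Include` blocks and `key=value` syntax in sshd_config are not handled, and hostnames are not resolved.

```python
import ipaddress

def directives(text):
    """Yield (lowercased keyword, argument string) for each active config line."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if line:
            parts = line.split(None, 1)
            yield parts[0].lower(), parts[1] if len(parts) > 1 else ""

def is_loopback(host):
    """True only for literal loopback IPs; hostnames count as unverified."""
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False

def listen_host(arg):
    """Extract the host from host, host:port or [host]:port."""
    arg = arg.split()[0]
    if arg.startswith("["):
        return arg[1:arg.index("]")]
    return arg.split(":")[0] if arg.count(":") == 1 else arg

def audit(torrc, sshd_config, ssh_port=22):
    """Return a list of findings; an empty list means the setup matches."""
    findings = []
    hosts = [listen_host(a) for k, a in directives(sshd_config)
             if k == "listenaddress" and a]
    if not hosts:  # sshd's default is to listen on all local addresses
        findings.append("sshd_config: no ListenAddress, sshd binds every local address")
    findings += [f"sshd_config: ListenAddress {h} is not a loopback address"
                 for h in hosts if not is_loopback(h)]
    in_service = forwarded = False
    for key, arg in directives(torrc):
        fields = arg.split()
        if key == "hiddenservicedir":
            in_service = True  # HiddenServicePort lines apply to the preceding dir
        elif key == "hiddenserviceport" and in_service and fields:
            # Target defaults to 127.0.0.1:VIRTPORT when omitted.
            host, _, port = fields[-1].rpartition(":")
            if is_loopback(host or "127.0.0.1") and port == str(ssh_port):
                forwarded = True
    if not forwarded:
        findings.append(f"torrc: no onion service forwards to loopback port {ssh_port}")
    return findings

# Constructed sample inputs, using the directives quoted in the comment above.
TORRC = "HiddenServiceDir /var/lib/tor/ssh_hidden_service/\nHiddenServicePort 22 127.0.0.1:22\n"
SSHD_GOOD = "Port 22\nListenAddress 127.0.0.1\n"
SSHD_DEFAULT = "Port 22\n#ListenAddress 0.0.0.0\n"
```

Run `audit()` over the contents of /etc/tor/torrc and /etc/ssh/sshd_config after editing them; any finding means sshd is still reachable outside the onion service or the forward is missing.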
