|
General software and network General OS-independent software and network questions, X11, MTA, routing, etc. |
|
Thread Tools | Display Modes |
|
||||
I have played with it, to see how it worked, but have never used it in production. To the best of my recollection, root access is indeed required in order to establish the tunnels.
The way to use an existing device is described in the ssh(1) man page, look at the syntax for the -w option. I can't recall if I tested that feature, or not. |
|
||||
Quickly played with it again, under qemu.
Confirming: root required on both gateways. After logging in, the connecting gateway can exit the shell -- the SSH session will remain established until a ctrl-C. (I did not test this with any scripting, just from console.) One can easily pre-establish tuns with specific addressing configurations and use -w local:remote to select them. |
|
|||
@jggimi
Could you plz throw down what syntax you used? not quite a how to i was just wanting a comparision, if you have a "road warrior" type setup could you plz throw some of that down too? thx.
__________________
The more you learn, the more you realize how little you know .... |
|
||||
As I stated, I have only -played- with SSH VPNs, I have not ever used one in production. For production, these days, I am using IPSec.
A discussion of SSH VPNs, including syntax, can be found right in the ssh(1) man page, under the section called SSH-BASED VIRTUAL PRIVATE NETWORKS. There's another example in the OpenBSD Journal, which uses the ssh configuration files to eliminate the need for -w. Additional details of SSH VPN were discussed in an interview Damien Miller gave to SecurityFocus when OpenSSH 4.3 was about to be released. |
|
|||
Thx jmmigi, I have gone over the man pages for ssh a couple of times, i am happy with my current SSH and OpenVPN setup but am always looking/wanting to try something new or otherwise.
Im going to read the 2 other links you provided, i was actually wondering what YOU had typed at the command line to make this happen ... Reading the OpenBSD journal link right now, seeing what i could use this setup for.
__________________
The more you learn, the more you realize how little you know .... |
|
|||
-> jmmigi
Thx i do have a working setup, i was just wanting to see if you had anything special to add i could reverse analyze ... no matter though not sure how much extra tweaking can be done to this, thx for response.
__________________
The more you learn, the more you realize how little you know .... |
Thread Tools | |
Display Modes | |
|
|