Linux.com

Re:minor additions

Posted by: Administrator on June 13, 2006 06:39 AM
Yes, see the "PermitTunnel" setting in sshd_config's man page for the server side and esp. the "-w" command line switch in ssh's man page. Note that on the client side the user needs access to /dev/net/tun (udev/Linux), and the same for the server side. If you have set "PermitTunnel" to "yes" in the server side's sshd_config, the following should work (given that tun is available in the kernel):


tty1$ ssh -w any:any root@server.side


You can then configure the devices on both ends of the tunnel using {ip,ifconfig+route}. By setting up an authentication agent and using passwordless SSH, this can easily be integrated in a script:

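# The remote command is passed as one quoted string: ssh joins its arguments
# into a single line for the remote shell, so an extra "sh -c" wrapper would
# hand only "ifconfig" to sh. Assumes "any" resolves to tun0 on both ends.
ssh -w any:any root@server.side 'ifconfig tun0 up 192.168.99.1; route add -net 192.168.99.0/24 dev tun0; sleep 72000' > /dev/null &
sleep 5
ifconfig tun0 up 192.168.99.2
route add -net 192.168.99.0/24 dev tun0
echo Tunnel has been set up.
# "wait" instead of "fg": fg needs job control, which a script does not have.
wait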
(this is an untested example)
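
A server-side check to go with the setup above, as an added example that is not part of the original comment: it reads the effective settings printed by `sshd -T` and reports whether tunnel forwarding is enabled together with root login, which is the combination the comment relies on. The function name `audit_tunnel`, the verdict labels and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify tunnel exposure from `sshd -T` output (keyword value
# pairs, one per line). On a live server: sshd -T | audit_tunnel   (run as root;
# add -C user=...,host=...,addr=... to evaluate Match blocks).
audit_tunnel() {
    awk '
        { key = tolower($1); val = tolower($2) }
        # sshd keeps the first value it sees for a keyword, so do the same.
        key == "permittunnel"    && tunnel == "" { tunnel = val }
        key == "permitrootlogin" && root == ""   { root = val }
        END {
            if (tunnel == "") tunnel = "unset"
            if (root == "")   root = "unset"
            if (tunnel == "no")                      verdict = "tunnel-disabled"
            else if (tunnel == "unset")              verdict = "unknown"
            else if (root == "no")                   verdict = "non-root-only"
            else if (root == "forced-commands-only") verdict = "root-forced-command"
            else                                     verdict = "root-tunnel-open"
            printf "tunnel=%s rootlogin=%s verdict=%s\n", tunnel, root, verdict
        }'
}

# Constructed sample: the settings the comment above relies on.
SAMPLE_OPEN='permitrootlogin yes
permittunnel yes'

# Constructed sample: layer-3 only, root limited to keys with a forced command.
SAMPLE_PINNED='permitrootlogin forced-commands-only
permittunnel point-to-point'

printf '%s\n' "$SAMPLE_OPEN"   | audit_tunnel
printf '%s\n' "$SAMPLE_PINNED" | audit_tunnel
```

With `forced-commands-only`, the root key's authorized_keys entry can carry `tunnel="0"` and a `command="..."` option so that key can only bring up the one tun device.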

Return to Creating virtual private networks with tsocks and VTun