Date: Wed, 2 Aug 2000 11:04:22 -0400 (EDT) From: Brian Dean <bsd@bsdhome.com> To: Steve Hocking <shocking@hstn.tensor.pgs.com> Cc: hackers@FreeBSD.ORG Subject: Re: Virtual interaces and tunneling stuff over SSH Message-ID: <Pine.BSF.4.21.0008021053290.34507-100000@vger.bsdhome.com> In-Reply-To: <200008012142.QAA05077@penguin.hstn.tensor.pgs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Aug 2000, Steve Hocking wrote: > Is is possible to use an SSH connection with a tun interface at > either end, such that one could have a VPN? I'm tired of waiting for > people here to make a decision on a package and would like to have a > proof of concept up and running. Extra points for those who can do > the same thing with a Linux box at one end. # Change the following parameters as appropriate user= host= key=/home/bsd/.ssh/vpnkey laddr=192.168.251.2 raddr=192.168.251.1 /usr/local/bin/pty-redir \ /usr/bin/ssh -t -e none -o 'Batchmode yes' \ -i $key -l $user \ $host > $HOME/vpndev /usr/sbin/pppd `cat $HOME/vpndev` debug $laddr:$raddr # wait a few seconds for the connection to establish Your connection will be on ppp0. The remote side should have /usr/sbin/pppd as the login shell (or you can specify in it on the ssh command like, I'm pretty sure). If you use this method, you will need to modify pty-redir slightly so that it's child sleeps for a second or so before execing ssh. This works around a combination of non-standard behaviour in our pty ioctl(), and, I believe, a mis-use of 'isatty()' in ssh. -Brian -- Brian Dean bsd@FreeBSD.org bsd@bsdhome.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008021053290.34507-100000>