VPN with SSH
来源:互联网 发布:sjf调度算法例题 编辑:程序博客网 时间:2024/05/16 23:01
原贴:http://cb.vu/unixtoolbox.xhtml#ssh
VPN with SSH
As of version 4.3, OpenSSH can use the tun/tap device to encrypt a tunnel. This is very similar to other TLS based VPN solutions like OpenVPN. One advantage with SSH is that there is no need to install and configure additional software. Additionally the tunnel uses the SSH authentication like pre shared keys. The drawback is that the encapsulation is done over TCP which might result in poor performance on a slow link. Also the tunnel is relying on a single (fragile) TCP connection. This technique is very useful for a quick IP based VPN setup. There is no limitation as with the single TCP port forward, all layer 3/4 protocols like ICMP, TCP/UDP, etc. are forwarded over the VPN. In any case, the following options are needed in the sshd_conf file:PermitRootLogin yesPermitTunnel yes
Single P2P connection
Here we are connecting two hosts, hclient and hserver with a peer to peer tunnel. The connection is started from hclient to hserver and is done as root. The tunnel end points are 10.0.1.1 (server) and 10.0.1.2 (client) and we create a device tun5 (this could also be an other number). The procedure is very simple:- Connect with SSH using the tunnel option -w
- Configure the IP addresses of the tunnel. Once on the server and once on the client.
Connect to the server
Connection started on the client and commands are executed on the server.Server is on Linux
cli># ssh -w5:5 root@hserversrv># ifconfig tun5 10.0.1.1 netmask 255.255.255.252 # Executed on the server shell
Server is on FreeBSD
cli># ssh -w5:5 root@hserversrv># ifconfig tun5 10.0.1.1 10.0.1.2 # Executed on the server shell
Configure the client
Commands executed on the client:cli># ifconfig tun5 10.0.1.2 netmask 255.255.255.252 # Client is on Linuxcli># ifconfig tun5 10.0.1.2 10.0.1.1 # Client is on FreeBSDThe two hosts are now connected and can transparently communicate with any layer 3/4 protocol using the tunnel IP addresses
- VPN with SSH
- [linux]ssh vpn(vpn)
- Easy VPN with PIX
- IPsec vpn with NAT
- Nmap - scan host with VPN
- PIX 7.0 VPN with Cisco VPN client 4.6.03
- SSH with config
- github with SSH
- 解决Ubuntu ssh VPN 登录慢问题
- Proxy、SSH 和 VPN 的区别
- Proxy、SSH 和VPN 的区别
- putty + vpn利用ssh tunnel访问google
- Proxy、SSH 与 VPN 的区别
- Mac OS X, VPN, Privoxy, SSH, Proxy
- VPN 和 SSH 代理的区别
- Remote Access VPN with PIX(PPTP)
- Authenticate VPN users with RADIUS and XAuth
- Configuring IPsec VPN with Kerio Control
- Linux多系统安装方法
- 英语学习
- application.xml Deployment Descriptor
- 买本本的心得
- weblogic-application.xml Deployment Descriptor
- VPN with SSH
- Linux以及各大发行版介绍
- 不规则窗体和控件的创建
- epoll相关资料整理
- By Reference or By Pointer in Method Arguments
- Multi Data Sources
- UVa Problem Solution: 10252 - Common Permutation
- 网站制作代码优化的小技巧
- 英语学习