Re: VPN over SSH: State of the art?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 01/04/2019 10:57 AM, Thomas Güttler wrote:
> What is the current state of the art if you want to create VPN over ssh?

It might depend on your Platform (I've been essentially Linux-only these
past years), but I have a section "SSH-BASED VIRTUAL PRIVATE NETWORKS"
in the "ssh" manpage of even rather old OpenSSH versions ...

(It requires *root* access on both ends to configure tun* interfaces,
but since you were discussing installing additional proxying(?)
software, I guess that you have that.)

(It also assumes that the subnets involved don't have addresse
collisions. I suppose that one *could* resolve that with NATing in both
peers' iptables, but it'ld promise to be quite a lot of careful work IMHO.)

On 01/04/2019 12:50 PM, Jan Bergner wrote:
> I see your point. Remote work on a production system always makes my
> heart beat faster, too. ^^

You don't have production systems installed at colo/hosting/housing
provider sites, then. ;-) :-S

(Preparing for semisolids-in-the-gas-moving-device situations by having
remote OOB access to "consoles" - from modem-at-the-RS232-port to
servers' management NICs offering ILO/iDRAC/EXPRESSSCOPE/whatsitsname -
and hardware health monitoring quickly becomes second nature, including
on "local" platforms - in case you're actually *not* "local" when the
cell phone rings and have to VPN into the company "L"AN beforehand.)

Regards,
-- 
Jochen Bern
Systemingenieur

www.binect.de
www.facebook.de/binect
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux