On 01/04/2019 10:57 AM, Thomas Güttler wrote: > What is the current state of the art if you want to create VPN over ssh? It might depend on your Platform (I've been essentially Linux-only these past years), but I have a section "SSH-BASED VIRTUAL PRIVATE NETWORKS" in the "ssh" manpage of even rather old OpenSSH versions ... (It requires *root* access on both ends to configure tun* interfaces, but since you were discussing installing additional proxying(?) software, I guess that you have that.) (It also assumes that the subnets involved don't have addresse collisions. I suppose that one *could* resolve that with NATing in both peers' iptables, but it'ld promise to be quite a lot of careful work IMHO.) On 01/04/2019 12:50 PM, Jan Bergner wrote: > I see your point. Remote work on a production system always makes my > heart beat faster, too. ^^ You don't have production systems installed at colo/hosting/housing provider sites, then. ;-) :-S (Preparing for semisolids-in-the-gas-moving-device situations by having remote OOB access to "consoles" - from modem-at-the-RS232-port to servers' management NICs offering ILO/iDRAC/EXPRESSSCOPE/whatsitsname - and hardware health monitoring quickly becomes second nature, including on "local" platforms - in case you're actually *not* "local" when the cell phone rings and have to VPN into the company "L"AN beforehand.) Regards, -- Jochen Bern Systemingenieur www.binect.de www.facebook.de/binect _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev