YaaO SSH VPN

May 6, 2015

The title stands for Yet Another Article On SSH VPN; this is a personal note on creating an SSH VPN manually.

We assume that server.example.com runs OpenBSD with IP 192.0.2.1/24 and that client.example.com runs Linux with IP 192.0.2.2/24. The tun interfaces that we will create will use the IPs 198.51.100.1/24 on the server side and 198.51.100.2/24 on the client side.

  • Enable tunnel support on the server side. Put in /etc/ssh/sshd_config:
    PermitTunnel yes

    In this case, the value point-to-point instead of yes will also be enough.

  • Client side:
    client# ip tuntap add dev tun0 mode tun
    client# ifconfig tun0 198.51.100.2 pointopoint 198.51.100.1
    
  • Server side:
    server# ifconfig tun0 create
    server# ifconfig tun0 198.51.100.1 198.51.100.2
    
  • For the final ssh:
    client$ ssh -w 0:0 server.example.com
    

Since both machines use the tun0 interface, the -w option takes 0:0. If the server were using tun1, the option would be -w 0:1.
Then we need the relevant route commands to make the traffic flow through this SSH VPN tunnel.
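
The first step notes that point-to-point is enough for this setup. The following check is an added example, not part of the original post: it reads an sshd_config file and reports whether the global PermitTunnel value is wider than a tun-only tunnel needs. The function names and the sample config are constructed for illustration, and it assumes whitespace-separated "Keyword value" lines with no Include files.

```shell
#!/bin/sh
# Added example (not from the original post): report the global PermitTunnel
# value of an sshd_config file. sshd keeps the first value it reads for a
# keyword, keywords are case-insensitive, and the default is "no".
# Assumptions: whitespace-separated "Keyword value" lines; Include files and
# Match blocks are not evaluated.

# permit_tunnel_mode FILE -> prints the global PermitTunnel value
permit_tunnel_mode() {
    awk '
        $1 ~ /^#/ { next }                    # comment line
        tolower($1) == "match" { exit }       # global section ends here
        tolower($1) == "permittunnel" && !seen { seen = 1; mode = $2 }
        END { print (seen ? mode : "no") }
    ' "$1"
}

# check_tunnel_scope FILE -> 0 if the setting is no wider than ssh -w with
# tun devices needs, 1 if it is wider or does not match, 2 if unrecognised.
check_tunnel_scope() {
    mode=$(permit_tunnel_mode "$1")
    case "$mode" in
        point-to-point) echo "PermitTunnel $mode: layer-3 tun only"; return 0 ;;
        no)       echo "PermitTunnel $mode: tunnel requests are refused"; return 0 ;;
        yes)      echo "PermitTunnel $mode: layer-2 tap is allowed too"; return 1 ;;
        ethernet) echo "PermitTunnel $mode: layer-2 tap only, not tun"; return 1 ;;
        *)        echo "PermitTunnel $mode: unrecognised value"; return 2 ;;
    esac
}

# Constructed sample config: the commented line is ignored, the first real
# PermitTunnel line wins over the later one.
sample=$(mktemp)
printf '%s\n' '#PermitTunnel no' 'Port 22' \
    'PermitTunnel yes' 'PermitTunnel point-to-point' > "$sample"
check_tunnel_scope "$sample" || true
rm -f "$sample"
```

On a live server, sshd -T prints the effective configuration and can be used to confirm the result.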
