neocities.org/~ake
// articles::ssh_tunnel

SSH point-to-point tunnel minihowto

Prerequesites

Add or uncomment this line in /etc/ssh/sshd_config of remote machine

PermitTunnel yes

Remote machine setup

Setup TUN virtual interface

# ip tuntap add tun[remote interface number] mode tun # ip link set dev tun[remote interface number] up

Set address for interface. [remote address] – IP address with prefix that will be used for connection on remote machine, [local address] – that will be used for connection on local machine.

# ip address add [remote address] peer [local address] dev tun[remote interface number]

Setup routing

# ip route add [address network] via [remote address]

Local machine setup

Setup TUN virtual interface

# ip tuntap add tun[local interface number] mode tun # ip link set dev tun[local interface number] up

Set address for interface

# ip address add [local address] peer [remote address] dev tun[remote interface number]

Setup routing

# ip route add [address network] via [local address]

Starting tunnel

ssh -v -N -f -p [remote machine port] \ -o Tunnel=point-to-point -o ServerAliveInterval=10 -o TCPKeepAlive=yes \ -w [local machine interface number]:[remote machine interface number] \ [remote machine IP/domain]
Go back Go to index