FC6 VPN

[Les Mikesell]

Ric Moore wrote:
> On Tue, 2006-12-19 at 11:55 +0000, James Wilkinson wrote:
> 
>> But it is possible to use SSH either as a "poor man's" VPN, or as a
>> "sort-of" VPN. I've never done a full VPN over SSH, but I'd start by
>> reading http://tldp.org/HOWTO/ppp-ssh/index.html. The advantage of a SSH
>> VPN is that SSH tends to be a lot less picky about the sort of network
>> connections it gets than many VPNs, and SSH itself is easier to set up.
>> Disadvantages include that SSH is supposed to be a poor transport for IP
>> packets, and that if the SSH connection drops, so do all communications.
>>
>> You might get on better with port-forwarding. This can be as simple as
>> ssh -L 5900:192.168.1.55:5901 vncuser at jimdouglas.example.com
>> This connects you to a computer called jimdouglas.example.com, logs you
>> in as vncuser (through a password or private key), and creates a tunnel
>> between port 5900 on your machine and port 5901 on 192.168.1.55 on the
>> same local network as jimdouglas.example.com (it might or might not be
>> the same computer as jimdouglas.example.com). That then allows you to
>> connect a VNC viewer to port 5900 on your own machine, and log into
>> 192.168.1.55.
>>
>> It works very well for simple one-port protocols like VNC. It can be
>> more of a challenge to get it to work with SMB or NFS (usually I don't
>> bother and just sftp what I need).
>>
>> The advantage of this is that it's easy to set up SSH and be sure it's
>> going to work, and then it's practical to set up tunnels as needed
>> remotely.
> 
> I used to use ssh and cipe to tunnel into my office machine, is this
> like that? Ric
> 

Not exactly - with ssh you have to specify every port to forward and
every destination address.   If you want something like cipe, look
at openvpn.

-- 
   Les Mikesell
    lesmikesell at gmail.com