ssh vpn

B

binary_dreamer

Guest
hi. i am looking for a way to create a vpn through ssh when mobile.
i do have ssh enabled at home and i would like to be able when not at home to access the machines and have full access, apart from ssh.
For example i would like to see an internal system that fires up though brower in a local IP in port 80.

the machine at remote site is a linux netbook.
may i have some help please?
 


hi. i am looking for a way to create a vpn through ssh when mobile.
i do have ssh enabled at home and i would like to be able when not at home to access the machines and have full access, apart from ssh.
For example i would like to see an internal system that fires up though brower in a local IP in port 80.

the machine at remote site is a linux netbook.
may i have some help please?

What you are referring to is an "ssh tunnel". A VPN is something else, though ssh tunnels are often referred to as "a poor mans VPN".

You will need:
  • the IP address assigned to your external (WAN) interface on your Internet router
  • firewall rules on any gateway device allowing a specific port (doesn't have to be 22) to pass inbound connections
  • port forwarding to be available on your Internet router and set to forward incoming traffic on the above port to the internal IP address or your netbook on port 22 or whatever you set the ssh daemon to listen on

Since you are going to open up ssh to the Interwebs I would also suggest:
  • Disabling root ssh logins on the target netbook
  • Disabling all password logins on the target netbook, allow only certificate logins
  • Restricting the external IP addresses permitted to pass inbound connections through the firewall, or if that's not an option, install something like "dshield" on the target netbook to lock out brute force attackers IP addresses

As for setting the tunnel up, there are many HOWTOs already out there. One example is here.

Hope this helps.
 
Thanks for posting your question, Binary. After having a close-eye to what you have asked I would like to suggest a few little things here which I think would be easier and beneficial for you herein. To setup SSH VPN involves certain prerequisite like setting up Putty, or using similar kind of tool / app which are available on the web (a trifle search required). As we know that SSH commonly use port 22 to link computers from different places. However, if you are on mobile and want an administration control over your OS/Devices then you need to follow some steps hither. Follow the steps mentioned here to configure the protocol on your mobile.

To boot, the tips that hackinjack suggested earlier are good to go in this case. You may follow it, as it is more like technical pundits cheat sheet ;)
 

Members online


Top