src/usr.bin/ssh/ssh.1 - diff

Return to ssh.1 CVS log

Up to [local] / src / usr.bin / ssh

version 1.257.2.1, 2006/09/30 04:06:51

version 1.257.2.2, 2006/11/08 00:17:14

Line 1077

and at what level (layer 2 or 3 traffic).

.Pp

The following example would connect client network 10.0.50.0/24

with remote network 10.0.99.0/24, provided that the SSH server

with remote network 10.0.99.0/24 using a point-to-point connection

running on the gateway to the remote network,

from 10.1.1.1 to 10.1.1.2,

at 192.168.1.15, allows it:

provided that the SSH server running on the gateway to the remote network,

at 192.168.1.15, allows it.

.Pp

On the client:

.Bd -literal -offset indent

# ssh -f -w 0:1 192.168.1.15 true

# ifconfig tun0 10.0.50.1 10.0.99.1 netmask 255.255.255.252

# ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252

# route add 10.0.99.0/24 10.1.1.2

.Ed

.Pp

On the server:

.Bd -literal -offset indent

# ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252

# route add 10.0.50.0/24 10.1.1.1

.Ed

.Pp

Client access may be more finely tuned via the

.Pa /root/.ssh/authorized_keys

file (see below) and the

Line 1105

Line 1115

tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john

.Ed

.Pp

Since a SSH-based setup entails a fair amount of overhead,

Since an SSH-based setup entails a fair amount of overhead,

it may be more suited to temporary setups,

such as for wireless VPNs.

More permanent VPNs are better provided by tools such as