Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Unix+clones

The 'no-configuration, only-active-when-needed' SSH VPN

Post date: April 13, 2005, 03:04 Category: Views: 2734 Comments
Tutorial quote: So, we started thinking about how we might set up a VPN between the application server and our internal software mirror. The only requirement is that the VPN be initiated from the "inside-out" and that the connection is only active for as long as we need to use. In other words, it would only be active during an administration session. Ideally, it wouldn't be a lot of work to setup and tear down either.

SSH to the rescue...

Fortunately, SSH client and server come with support for this out of the box, requiring no additional software to be installed, and no configuration changes. On the server side, sshd, the setting "AllowTcpForwarding" defaults to "yes" unless your sshd_config file explicitly disables it. On the client side, all you have to do is request the forwarding.

Comments

Web-based applications and online marketing solutions - LumoLink