VPN over ssh

Lets create simple VPN over ssh, using OpenSSH.


1) OpenSSH > 4.3

2) Add "PermitTunnel point-to-point" to sshd config

3) host2#ssh root@host1 -w 0:0 // Connect to server from client

4) host2#ifconfig tun0 192.168.254.1 pointopint 192.168.254.2

5) host1#ifconfig tun0 192.168.254.2 pointopint 192.168.254.1

7) Check pings from both hosts

8) Create/change/add routing on both hosts, for example:

# Add route to remote network 10.0.1.0/24

host1#ip r a 10.0.1.0/24 gw 192.168.254.2

# Add route to remote network 10.0.0.0/24

host2#ip r a 10.0.0.0/24 gw 192.168.254.1



now you can ping hosts from remote networks:

[tsolodov@host1 ~]$ ping 10.0.1.1 -c 1

PING 10.0.1.1 (10.0.1.1) 56(84) bytes of data.

64 bytes from 10.0.1.1: icmp_req=1 ttl=56 time=212 ms




[tsolodov@host2 ~]$ ping 10.0.0.1 -c 1


PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.

64 bytes from 10.0.0.1: icmp_req=1 ttl=56 time=212 ms








Looks like it works for me, Enjoy! :)