On Sun, Feb 25, 2001 at 11:56:18AM +0000, John P . Looney wrote:
> Swweeet. How much effort is it to set up on the far end? I'm thinking
> setting up ssh to listen for tunneling connections on Antefacto's firewall
> (which runs squid).
i thought i'd posted it before. well here ya go, enjoy. as always i
expect that you'll choose good passphrases for your public keys, that
you've set yourself up for authorized_keys authentication, etc, etc.
-----------> workathome:
#!/bin/sh
# .ssh-env is where i store environment vars for scripts to talk to ssh-agent.
# this allows cron scripts and other such things to work.
. "$HOME/bin/.ssh-env"
exec "$HOME/bin/workathome.exp"
-----------> workathome.exp
#!/usr/bin/expect
# how to use:
# assumes you have sudo configured to run w/o a password. after this
# runs, you need to add a route: put this in /etc/ppp/ip-up.local:
# #!/bin/bash
# if [ "$6"x = workx ]; then
# route add -net 192.168.10.0 netmask 255.255.255.0 gw <lhost below>
# route add -net 192.168.11.0 netmask 255.255.255.0 gw <lhost below>
# fi
# exit 0
# make sure it's executable. this assumes a redhat box btw. fill in the
# bits enclosed by <...>. save this file somewhere on your path and run
# w/o arguments.
# buglet:
# for some reason you should press return after the first prompt shows
# after running workathome. maybe it's a tcsh buglet?
# configs
set lhost 192.168.10.102 ;# e.g. value, fill in your own
set rhost 192.168.10.2 ;# e.g. value, fill in your own
# go away and hide - comment out to debug
if {[fork] != 0} exit
disconnect
# start pppd on server
set stty_init raw
spawn /usr/bin/ssh "-x" "-e" "none" "server.example.com"
set remote $spawn_id
expect "kevin"
# you might want to ssh to an internal machine and start pppd from there.
# in the example below i've soft linked 192.168.11.1 to the ssh binary.
#send "killall /home/kevin/bin/192.168.11.1;sleep 2;192.168.11.1 -x -e none\n"
#sleep 1
#stty -echo
# here i send a password since the internal server doesn't trust the
# external host. make sure this password is *only* used here since it's
# stored in cleartext.
#send "my.password\n"
#stty echo
#expect "%"
send "sudo /usr/sbin/pppd $rhost:$lhost noauth proxyarp\n"
# start pppd
spawn sudo /usr/sbin/pppd "$lhost:$rhost" noauth ipparam work
# tie them up
interact -u $remote
--------------snip!
cheers!
kevin
--
kevin at suberic.net          i... i have a dream. and that dream is:
fork()'ed on 37058400         use DIY::Tiler;
meatspace place: orbit        my($t) = new DIY::Tiler;
                              $t->tile(-room => "en-suite", -style => "stone");
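
Added example, not part of kevin's post: the workathome wrapper sources .ssh-env, and the expect script may hold a cleartext password, so a pre-flight check can refuse to run unless both are regular files owned by you with no group or other permission bits. The helper names safe_private_file and preflight and the temp-file demo are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. safe_private_file and preflight
# are hypothetical helper names; the demo files at the bottom are constructed.

# Succeed only if FILE is a regular file (not a symlink), owned by the
# invoking user, with every group/other permission bit clear.
safe_private_file() {
    f=$1
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "refusing $f: missing or not a regular file" >&2
        return 1
    fi
    # ls -ldn prints "mode links uid gid ..." with numeric ids
    info=$(ls -ldn -- "$f") || return 1
    mode=${info%% *}
    owner=$(printf '%s\n' "$info" | awk '{print $3}')
    if [ "$owner" != "$(id -u)" ]; then
        echo "refusing $f: owned by uid $owner" >&2
        return 1
    fi
    # characters 5-10 of the mode string are the group and other bits
    case $(printf '%s' "$mode" | cut -c5-10) in
        ------) return 0 ;;
    esac
    echo "refusing $f: mode $mode is open to group/other" >&2
    return 1
}

# Check every file named; fail if any one of them fails.
preflight() {
    rc=0
    for p in "$@"; do
        safe_private_file "$p" || rc=1
    done
    return "$rc"
}

# Intended use in the wrapper, before the file is sourced:
#   preflight "$HOME/bin/.ssh-env" "$HOME/bin/workathome.exp" || exit 1
#   . "$HOME/bin/.ssh-env"

# Demo on constructed files: 600 passes, group-writable is refused.
demo=$(mktemp -d)
echo 'SSH_AUTH_SOCK=/tmp/constructed; export SSH_AUTH_SOCK' > "$demo/.ssh-env"
chmod 600 "$demo/.ssh-env"
preflight "$demo/.ssh-env" && echo "600: ok to source"
chmod 660 "$demo/.ssh-env"
preflight "$demo/.ssh-env" || echo "660: refused"
rm -rf "$demo"
```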