Run pppd over ssh (the simplest linux vpn)
SBA 2003.1.10
To get QQ's UDP packets through the firewall, I tried many methods.
snake's SOCKS5 proxy works well, and you can use a Windows machine as the Internet host.
On Linux, stunnel only does forwarding and does not support QQ's UDP packets.
So I thought of a VPN: pptpd is a very good VPN server that supports Windows clients.
Unfortunately, it requires the firewall to enable IP forwarding, which does not meet my requirements.
Today I saw an ssh-ppp script and read some articles. It turned out to be so simple!
As long as you have two Linux machines and an sshd service reachable on the Internet, you can create a VPN through the firewall!
My ADSL dial-up machine has the dynamic domain name sba.3322.org.
A Linux machine on our company intranet (10.9.0.16) can reach port 22 (ssh) of sba.3322.org through the company's NAT gateway.
If both machines have pppd, OK!
Start:
On the home machine:
useradd vpn
ssh-keygen
Enter file in which to save the key (/root/.ssh/identity): vpnkey
Now we have vpnkey and vpnkey.pub.
Configure sshd in /etc/ssh/sshd_config and enable:
RSAAuthentication yes
cp vpnkey.pub /home/vpn/.ssh/authorized_keys
Add the following to /etc/sudoers:
Cmnd_Alias VPN = /usr/sbin/pppd
vpn ALL = NOPASSWD: VPN
Test on the local machine:
sudo /usr/sbin/pppd noauth
~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%}& V '}"}(}"~ | }#?}!}!} } 4} "}}}}}%} & V?
OK
Okay.
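A tighter version of the home-machine key and sudoers setup above, as an added example that is not part of the original post: it restricts the vpn key to the one pppd command the client script runs, pins pppd's arguments in sudoers, and audits an authorized_keys file for unrestricted keys. The option names are standard OpenSSH authorized_keys options; the function names and the script file name are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Server-side command the client script asks for (as on this page).
PPPD_CMD='sudo /usr/sbin/pppd nodetach notty noauth'
# OpenSSH authorized_keys options: the key may run the forced command only.
KEY_OPTS='no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty'

# restrict_key PUBKEY_FILE: print authorized_keys lines with a forced command,
# so the vpn key can start pppd but cannot get a shell or open tunnels.
restrict_key() {
    while IFS= read -r key; do
        case "$key" in '' | '#'*) continue ;; esac
        printf 'command="%s",%s %s\n' "$PPPD_CMD" "$KEY_OPTS" "$key"
    done < "$1"
}

# sudoers_fragment: print a rule that pins pppd's arguments. The rule on the
# page allows pppd with any options as root; this one allows only these three.
sudoers_fragment() {
    printf 'Cmnd_Alias VPN = /usr/sbin/pppd nodetach notty noauth\n'
    printf 'vpn ALL = NOPASSWD: VPN\n'
}

# audit_keys AUTHORIZED_KEYS_FILE: print "UNRESTRICTED <line>" for each key
# line that does not start with the exact restriction; return 1 if any found.
audit_keys() {
    n=0
    bad=0
    while IFS= read -r line; do
        n=$((n + 1))
        case "$line" in
            '' | '#'*) ;;
            "command=\"$PPPD_CMD\",$KEY_OPTS "*) ;;
            *) echo "UNRESTRICTED $n"; bad=1 ;;
        esac
    done < "$1"
    return "$bad"
}

# Usage: sh restrict-vpn-key.sh vpnkey.pub >> /home/vpn/.ssh/authorized_keys
if [ -n "${1:-}" ]; then restrict_key "$1"; fi
```

With the forced command in place, the interactive login test further down the page starts pppd instead of giving a shell, so run that test before restricting the key.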
Go to the company machine and transfer vpnkey to it with ftp.
Test the login. If it reports a successful login, everything is OK.
ssh -l vpn -i ./vpnkey -1 -P sba.3322.org
Linux 2.2.14.
Cool:~$ exit
logout
Connection to sba.3322.org closed.
Create the following script, vpnstart:
#!/bin/sh
# VPN PPP-SSH script
# History
# 16 May 2002 j.n.pritchard@brad.ac.uk
#*******************************************
# You will need to edit these variables
# Server Hostname
SERVER_HOSTNAME=sba.3322.org
# Username on the server for VPN
SERVER_USERNAME=vpn
# SSH Private Key Location
PRIVATE_KEY_FILE=/home/bin_shi/vpnkey
#*******************************************
# You do NOT need to edit below this line unless you use the subnet 192.168.6
# VPN Network subnet (change to a different subnet if this one is in use)
VPN_SUBNET=192.168.6
# Server ppp address
SERVER_IFIPADDR=$VPN_SUBNET.1
# Client ppp address
CLIENT_IFIPADDR=$VPN_SUBNET.2
# Extra SSH Options
LOCAL_SSH_OPTS="-P -1 -i $PRIVATE_KEY_FILE"
# Path environment
PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/X11/bin
# Command aliases
PPPD=/usr/sbin/pppd
SSH=/usr/local/bin/ssh
if ! test -f $PPPD; then echo "can't find $PPPD"; exit 3; fi
if ! test -f $SSH; then echo "can't find $SSH"; exit 4; fi
case "$1" in
  start)
    # echo Starting VPN Connection
    # Local pppd talks to the server's pppd through the ssh session given as pty.
    ${PPPD} updetach noauth passive pty "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l ${SERVER_USERNAME} -o Batchmode=yes sudo ${PPPD} nodetach notty noauth" ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
    # echo "connected."
    ;;
  stop)
    # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
    # Find the ssh process carrying the link (not the pppd that spawned it).
    PID=$(ps ax | grep "${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l ${SERVER_USERNAME} -o" | grep -v ' passive ' | grep -v 'grep ' | awk '{print $1}')
    if [ "${PID}" != "" ]; then
      kill $PID
      echo "disconnected."
    else
      echo "Failed to find PID for the connection"
    fi
    ;;
  config)
    echo "SERVER_HOSTNAME=$SERVER_HOSTNAME"
    echo "SERVER_USERNAME=$SERVER_USERNAME"
    echo "SERVER_IFIPADDR=$SERVER_IFIPADDR"
    echo "CLIENT_IFIPADDR=$CLIENT_IFIPADDR"
    ;;
  *)
    echo "Usage: vpn {start|stop|config}"
    exit 1
    ;;
esac
exit 0
You can modify some of the settings yourself.
Then run:
./vpnstart start
Haha
Does ifconfig -a show 192.168.6.2?
Ping 192.168.6.1, which is my sba.3322.org.
Good
Add:
route add -net 10.9.0.0 netmask 255.255.248.0 gw 192.168.6.2
Then, on my Windows machine at the company, add:
route add 192.168.6.1 mask 255.255.255.255 10.9.0.16
ping 192.168.6.1
Then, in QQ, use the SOCKS5 proxy on my sba.3322.org.
The UDP packets are encrypted and encapsulated in the ssh link.
They pass through the firewall.
This method is really good! Unfortunately, I did not come up with it myself. I saw an ssh-ppp script on the Internet
and studied it.
Haha!
VPN on Linux is so simple!
What are your comments? I hope you will discuss it more!