Running PPPD with SSH (the simplest Linux VPN) _unix Linux

Running PPPD with SSH (the simplest Linux VPN)
Sbaa 2003.1.10
I am in order to pass the UDP packet firewall on the QQ
Tried a lot of ways.
With snake SOCKS5 agent good, you can have the extranet machine is Windows
And Linux, Stunnel just forward TCP does not support QQ UDP
So I thought about the VPN pptpd is a very good, Windows-enabled VPN client
Unfortunately, the firewall to open IP forwarding, also does not meet my requirements,

Today saw a SSH-PPP script, and then read some articles, originally so simple!!

As long as you have two Linux online with sshd service, you can access the firewall
Build VPN!

My home dial-up machine ADSL is dynamic domain name sbaa.3322.org
My Company a Linux intranet (10.9.0.16) through the company's gateway NAT can access to sbaa.3322.org (SSH)

There are pppd conditions on both machines ok!

Begin:
On the home machine.
Useradd VPN
Ssh-keygen
Enter file in which to save the key (/root/.ssh/identity): Vpnkey

Now we have Vpnkey and vpnkey.pub.
Configure Sshd/etc/ssh/sshd_config
Open Rsaauthentication Yes

CP Vpnkey.pub/home/vpn/.ssh/authorized_keys

Add the following content to the/etc/sudoers
Cmnd_alias VPN=/USR/SBIN/PPPD
VPN All=nopasswd:vpn

Test this machine
SUDO/USR/SBIN/PPPD Noauth
~}#?}!}!} }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} '}&amp}}} '}%}&v 鴠 '}} (} "~}#?}!}!}" }4} "}&amp}}}}}%}&v?"
Just OK

All right
To the company machine, put the Vpnkey ftp over here
Test
See Prompt login success everything's OK.
Ssh-l vpn-i./vpnkey-1-P sbaa.3322.org
Linux 2.2.14.
cool:~$ exit
Logout
Connection to sbaa.3322.org closed.

Create the following script
Vpnstart

#!/bin/sh
# VPN Ppp-ssh Script

# History
# May 2002 j.n.pritchard@brad.ac.uk

# *******************************************

# You'll need to edit in these Varibles

# Server Hostname
server_hostname=sbaa.3322.org

# Username on the server for VPN
Server_username=vpn

# SSH Private Key Location
Private_key_file=/home/bin_shi/vpnkey

# *******************************************
# You don't need to edit below this line unless your use the subnet 192.168.250


# VPN Network Subnet (change to a different subnet if?
vpn_subnet=192.168.6
# Server PPP Address
Server_ifipaddr= $VPN _subnet.1
# Client PPP Address
Client_ifipaddr= $VPN _subnet.2

# Extra SSH Options
local_ssh_opts= "-p-1-I $PRIVATE _key_file"

# Path Environment
Path=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin:/usr/x11/bin

# Command Alias '
Pppd=/usr/sbin/pppd
Ssh=/usr/local/bin/ssh

if! Test-f $PPPD; Then echo "Can ' t find $PPPD"; Exit 3; Fi
if! Test-f $SSH ; Then echo "Can ' t find $SSH"; Exit 4; Fi

Case "$" in
Start
# Echo Starting VPN Connection
$ Updetach Noauth Passive Pty "$ $ $-l$-o batchmode=yes sudo $ nodetach notty noauth" Ipparam VPN $:$
# echo "Connected."
;;

Stop
# echo-n "Stopping VPN to $SERVER _hostname:"
pid= ' PS Ax | grep "$ $ $-l$-O" | Grep-v ' passive ' | Grep-v ' grep ' | awk ' {print '} '
if ["$"!= "]; Then
kill $PID
echo "Disconnected."
else
echo "Failed to find PID for the connection"
fi
;;

Config
echo "Server_hostname= $SERVER _hostname"
echo "Server_username= $SERVER _username"
echo "Server_ifipaddr= $SERVER _ifipaddr"
echo "Client_ifipaddr= $CLIENT _ifipaddr"


*)
echo "Usage:vpn"
exit 1
;;
Esac

Exit 0


There are some configurations you can change yourself.
And then./vpnstart Start
Oh
Ifconfig-a See 192.168.6.2?
Ping 192.168.6.1 is my sbaa.3322.org.
Not bad
Add on the sbaa.3322.org
Route add-net 10.9.0.0 netmask 255.255.248.0 GW 192.168.6.2

Then go to my company's Windows machine and add
Route add 192.168.6.1 Mask 255.255.255.255 10.9.0.16

Ping 192.168.6.1 Oh, cartoon.

Then QQ on my sbaa.3322.org SOCKS5 agent
Oh upd package in the SSH link is encrypted encapsulated

The firewall has been crossed.

That's a good idea! Unfortunately, I didn't find it myself, I also saw the SSH-PPP script on the Internet.
And then I studied it.

Oh!

Linux on the VPN incredibly simple!
We have any ideas, but also hope that a lot of exchanges!