I am trying to connect two CentOS machines (one laptop --> one desktop) securely across the''net. The desktop is running masquerading and provides internet sharing for my network @ home. I have been running squid on the desktop, then tunnelling http in via SSH, but this creates a drag on the machine and network (for some reason the bandwidth doesn''t get shared- the SSH tunnel gets it all). Does anyone have any suggestions? Most of the time the laptop will be at hotspots.
On Sat, 26 Mar 2005 19:52:18 +0000, Ryan <ryanag@zoominternet.net> wrote:> I have been running squid on the desktop, then tunnelling http in via > SSH, but this creates a drag on the machine and network (for some > reason the bandwidth doesn''t get shared- the SSH tunnel gets it all). > > Does anyone have any suggestions? Most of the time the laptop will be > at hotspots.Not sure what the problem is with ssh, should work fine. In any case, the easy way to VPN 2 linux boxes is cipe. yum install cipe :) Francois
On Sat, 2005-03-26 at 15:11, Francois Caen wrote:> > I have been running squid on the desktop, then tunnelling http in via > > SSH, but this creates a drag on the machine and network (for some > > reason the bandwidth doesn''t get shared- the SSH tunnel gets it all). > > > > Does anyone have any suggestions? Most of the time the laptop will be > > at hotspots. > > Not sure what the problem is with ssh, should work fine.> In any case, the easy way to VPN 2 linux boxes is cipe. yum install cipe :)That''s good for Centos 3.x. You can add the setup in the redhat-config-network tool by clicking the device/new button, and port forward the UDP port number you choose through your router. Unfortunately, it is gone in Centos 4.x and you have to recompile the kernel to make it work if you try to add it back yourself. -- Les Mikesell les2futuresource.com
On Sat, 26 Mar 2005 19:59:51 -0600, Les Mikesell <lesmikesell@gmail.com> wrote:> Unfortunately, it is gone in Centos 4.x and you > have to recompile the kernel to make it work if you try > to add it back yourself.Yeah I heard that cipe was kinda gone in kernel 2.6 Dunno what replaces it as easy linux-linux VPN. IPSEC solutions are much more difficult to get going. Francois
On Sat, 2005-03-26 at 18:18 -0800, Francois Caen wrote:> On Sat, 26 Mar 2005 19:59:51 -0600, Les Mikesell <lesmikesell@gmail.com> wrote: > > Unfortunately, it is gone in Centos 4.x and you > > have to recompile the kernel to make it work if you try > > to add it back yourself. > > Yeah I heard that cipe was kinda gone in kernel 2.6 > Dunno what replaces it as easy linux-linux VPN. > IPSEC solutions are much more difficult to get going. >I found OpenVPN easy to setup and use. Trevor B> Francois > _______________________________________________ > CentOS mailing list > CentOS@caosity.org > http://lists.caosity.org/mailman/listinfo/centos
Trevor Batley wrote:>On Sat, 2005-03-26 at 18:18 -0800, Francois Caen wrote: > > >>On Sat, 26 Mar 2005 19:59:51 -0600, Les Mikesell <lesmikesell@gmail.com> wrote: >> >> >>>Unfortunately, it is gone in Centos 4.x and you >>>have to recompile the kernel to make it work if you try >>>to add it back yourself. >>> >>> >>Yeah I heard that cipe was kinda gone in kernel 2.6 >>Dunno what replaces it as easy linux-linux VPN. >>IPSEC solutions are much more difficult to get going. >> >> >> >I found OpenVPN easy to setup and use. > >Trevor B > >I''ll second that. Openvpn is a breeze to set up, crosses NATing firewalls, can tunnel from Linux to Linux, Windows to Linux, supports multiple connections on a single port. And their mail list is quite helpful. -- Micha
On Mar 26, 2005, at 12:52 PM, Ryan wrote:> I am trying to connect two CentOS machines (one laptop --> one > desktop) securely across the''net. > > The desktop is running masquerading and provides internet sharing for > my network @ home. > > I have been running squid on the desktop, then tunnelling http in via > SSH, but this creates a drag on the machine and network (for some > reason the bandwidth doesn''t get shared- the SSH tunnel gets it all). > > Does anyone have any suggestions? Most of the time the laptop will be > at hotspots. >It sounds like you are just tunneling HTTP traffic. Why not use SSL? There are plenty of FAQs on how to install a self-signed certificate on Apache. Tarun