search for: ssh_tunnel

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

...to the ssh child process, where the tunnel is dynamically allocated, its tunnel name is lost. This patch remedies this. It is very simple. All it does is put the tunnel name in the environment if one is set up. IE ssh to a server with "-w any" and the executed command will have (e.g.) SSH_TUNNEL=tun1 if tun1 was allocated. On *BSD, this will look more like '/dev/tun1'. I have tested this patch on Linux. It should work equally well on OpenBSD and FreeBSD (it's really very simple) but someone should test this. Patch is against 5.1p1. [this is my first patch against openssh so...

...b3 ~]# cat /etc/rc.local* " THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES" It is highly advisable to create own systemd services or udev rules to run scripts during boot instead of using this file. Usually I was added my script to /etc/rc.local *[root at lab3 ~]# echo /usr/bin/bash /opt/ssh_tunnel.sh >> /etc/rc.local* And it was working perfect. What I should do in new Centos 7, please help. *--* *Best regards.* *Alex Berber* *+9 72 54 285 952 3* *www.linuxspace.org* <http://www.linuxspace.org/>

...on-root users are able to open tunnels as long as the sshd_config has The setting UsePrivilegeSeparation=no. All is well, but I wonder what security risks I am taking by disabling the separation. Also, I would like to update to a more current version of the server for security as well as for the SSH_TUNNEL environment variable introduced in 7.7, but the UsePrivilegeSeparation option has been deprecated and a current version (8.3p) refuses to run with that option present in the config file. Removing the option, the ioctl() to create the tun/tap interface fails, just like with 7.4. Now that privilege...

...#39;s address (basically a more usable BindAddress) * ssh(1): Expose device allocated for tun/tap forwarding via a new %T expansion for LocalCommand. This allows LocalCommand to be used to prepare the interface. * sshd(8): Expose the device allocated for tun/tap forwarding via a new SSH_TUNNEL environment variable. This allows automatic setup of the interface and surrounding network configuration automatically on the server. * ssh(1)/scp(1)/sftp(1): Add URI support to ssh, sftp and scp, e.g. ssh://user at host or sftp://user at host/path. Additional connection parameters d...

...#39;s address (basically a more usable BindAddress) * ssh(1): Expose device allocated for tun/tap forwarding via a new %T expansion for LocalCommand. This allows LocalCommand to be used to prepare the interface. * sshd(8): Expose the device allocated for tun/tap forwarding via a new SSH_TUNNEL environment variable. This allows automatic setup of the interface and surrounding network configuration automatically on the server. * ssh(1)/scp(1)/sftp(1): Add URI support to ssh, sftp and scp, e.g. ssh://user at host or sftp://user at host/path. Additional connection parameters d...

...#39;s address (basically a more usable BindAddress) * ssh(1): Expose device allocated for tun/tap forwarding via a new %T expansion for LocalCommand. This allows LocalCommand to be used to prepare the interface. * sshd(8): Expose the device allocated for tun/tap forwarding via a new SSH_TUNNEL environment variable. This allows automatic setup of the interface and surrounding network configuration automatically on the server. * ssh(1)/scp(1)/sftp(1): Add URI support to ssh, sftp and scp, e.g. ssh://user at host or sftp://user at host/path. Additional connection parameters d...