similar to: RFC: non-root ssh tun access

hi, the following patch adds ssh tun support for Darwin/MacOS X (layer 2+3). I tested it with Darwin 8.0.1 x86 and MacOS X 10.4 Tiger PPC, I would like to see any tests from MacOS X users. It requires an external tun/tap driver, see below. reyk --- README.platform.orig 2006-02-13 20:22:04.000000000 -0800 +++ README.platform 2006-02-13 20:21:45.000000000 -0800 @@ -30,6 +30,18 @@ gcc,

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

It would be useful to allow matching HostName entries against Host entries. That's to say, I would find it very convenient to have an ssh_config like: Host zeus HostName zeus.greek.gods User hades Host hera HostName hera.greek.gods # [ ... ] Host *.greek.gods User poseidon UserKnownHostsFile ~/.ssh/known_hosts.d/athens # [ Default settings for *.greek.gods ] where I

http://bugzilla.mindrot.org/show_bug.cgi?id=1223 Summary: tun/tap capability only works with root login (openssh- 4.3_p2) Product: Portable OpenSSH Version: 4.3p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at

Honestly, I'm probably not the best person to ask this. I really just deal with network performance issues. You should try the OpenSSH development group. I've cc:'d that group on this message. However, a quick look at the code shows that you'd only be getting that warning if both CUSTOM_SYS_TUN_OPEN and SSH_TUN_OPENBSD are not defined. Grep on the first define we find the

https://bugzilla.mindrot.org/show_bug.cgi?id=1561 Summary: Check for up on open tap device Product: Portable OpenSSH Version: 5.1p1 Platform: Other OS/Version: FreeBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=1231 Summary: "Tunnel ethernet" always uses next tap-device Product: Portable OpenSSH Version: 4.3p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=1232 Summary: "LocalCommand" is executed before "Tunnel" is set up Product: Portable OpenSSH Version: 4.3p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org

Hello! I've configured SSH-VPN between two subnets and it works fine. Option Tunnel=yes in config file is set. The problem I run into is that normal SSH login to root account does not terminate on "exit" command. > ssh root at pig pig> exit ;; screen is cleared but does not return to prompt <ctrl-C> Killed by signal 2. ctrl-D does not work. Running ssh with -vvv has

The problem with introducing checksum offload and gso to tun is they need to set dev->features to enable GSO and/or checksumming, which is supposed to be done before register_netdevice(), ie. as part of TUNSETIFF. Unfortunately, TUNSETIFF has always just ignored flags it doesn't understand, so there's no good way of detecting whether the kernel supports new IFF_ flags. This patch

The problem with introducing checksum offload and gso to tun is they need to set dev->features to enable GSO and/or checksumming, which is supposed to be done before register_netdevice(), ie. as part of TUNSETIFF. Unfortunately, TUNSETIFF has always just ignored flags it doesn't understand, so there's no good way of detecting whether the kernel supports new IFF_ flags. This patch

http://bugzilla.mindrot.org/show_bug.cgi?id=1223 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|tun/tap capability only |tun/tap capability requires |works with root login |root privileges

FreeBSD's <net/if_tap.h> requires u_char to be defined: checking net/if_tap.h usability... no checking net/if_tap.h presence... yes configure: WARNING: net/if_tap.h: present but cannot be compiled configure: WARNING: net/if_tap.h: check for missing prerequisite headers? configure: WARNING: net/if_tap.h: see the Autoconf documentation configure: WARNING: net/if_tap.h: section

The problem with introducing checksum offload and gso to tun is they need to set dev->features to enable GSO and/or checksumming, which is supposed to be done before register_netdevice(), ie. as part of TUNSETIFF. Unfortunately, TUNSETIFF has always just ignored flags it doesn't understand, so there's no good way of detecting whether the kernel supports new IFF_ flags. This patch

The problem with introducing checksum offload and gso to tun is they need to set dev->features to enable GSO and/or checksumming, which is supposed to be done before register_netdevice(), ie. as part of TUNSETIFF. Unfortunately, TUNSETIFF has always just ignored flags it doesn't understand, so there's no good way of detecting whether the kernel supports new IFF_ flags. This patch

After upgrading to openssh-2.5.2p2, my users were unable to login using ssh Protocol 1. Entries like this were showing up in syslog: Apr 5 19:29:45 maple sshd[16726]: Accepted password for anthonyu from ::ffff:192.168.0.2 port 1019 Apr 5 19:29:45 maple sshd[16726]: fatal: stat(/dev/pts/1 19:29:45 sshd[16726]: Accepted password for anthonyu) failed: No such file or directory Apr 5 19:29:45

If an ssh server receives a successful inbound ssh connection with 'ssh -w' without a tunnel number specified (i.e. in 'any' mode), it allocates the next tunnel device available on the server. The next thing the server needs to do is to set up the tunnel device. How does the server know which tunnel device was set up by the current connection? I'd really like something

Hi, I am currently using the L2 tunnel feature of ssh between two Linux machines, and it works beautifully! As a result, I have come to prefer a workflow that uses an L2 tunnel, but I can't seem to find a long-term solution for this workflow on macOS. At the moment, tap devices on macOS can be generated using a kernel extension like tuntaposx <http://tuntaposx.sourceforge.net/>;

When running "configure" for openssh-6.0p1 , I got the following output from "configure": configure: WARNING: linux/filter.h: present but cannot be compiled configure: WARNING: linux/filter.h: check for missing prerequisite headers? configure: WARNING: linux/filter.h: see the Autoconf documentation configure: WARNING: linux/filter.h: section "Present But Cannot

On Thu, Dec 15, 2016 at 4:22 PM, Zev Weiss <zev at bewilderbeest.net> wrote: [...] > I tested (or tried) git commit b737e4d7 on three systems, with somewhat > mixed results. Thanks for the comprehensive testing! > On Mac OSX (macOS?) 10.9, configure failed with: > > ... > checking OpenSSL header version... 1000208f (OpenSSL 1.0.2h 3 May 2016) > checking