similar to: [patch] RFC: put server tunnel name in environment

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

Hi, the following patch changes the Cygwin specific function copy_environment() to not restricting the strlen of a single environment variable to 512 byte. The PAM specific function do_pam_environment() (also in session.c) has the same problem but I don't know if that's important for PAM since only PAM specific environment variables are copied in that function. The below patch fixes

Hi! Can I create the unnumbered GRE tunnel with iproute2 utility? Can someone provide me a link/howto/example_config how to do it? The topology is one tunnel between two linux boxes: -- eth1-|__|-eth0 <-------------> eth0-|__|-eth1 -- I''m trying now with: ip tu add tun1 mode gre local loc.IP remote rem.IP ttl 255 dev eth0 ip addr add tun1 0.0.0.0 ip link set tun1 up but it

Hi, I'm trying a VPN via ssh between Linux (Suse 10.3, 5.0) and OpenBSD (4.2, 4.7). But it doesn't work... On Linux: sudo ssh -v -f -w 0:1 $OPENBSD true sudo /sbin/ifconfig tun0 10.1.1.1 10.1.1.2 sudo /sbin/route add -net 192.168.17.0 netmask 255.255.255.0 dev tun0 On OBSD: sudo ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.0 sudo /sbin/route add 10.0.3.0/24 10.1.1.1 And add a

Hi all, I have succesfully joined together three LANs using OpenVPN over Linux (Debian) gateways at the 'exit' of each one of these LANs. The VPN seems to be OK, as I can ping network hosts from one LAN to another using their private IP addresses with no problem at all. However network browsing through the VPN is not working. The network diagram for my setup is at

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

Hello, in the BSD Authentication system the login script can request environment variables to be set/unset. The call to auth_close() in auth-passwd.c does change the current environment, but those changes are lost for the child environment. It would be really useful to add some kind of mechanism to get those changes into the child environment. I've added two possible solutions. Both

I am not 100% positive of the security implications of this, but I really can't see any potential for harm. If this patch is applied (I coded it against the now-current openssh-2.2.0p1), then if (a) the authorized_keys entry has command="whatever" to force a specific command, and also (b) the invoker specified some command on their ssh cmdline, then the invoked command will be

This is the 1st revision of the Advisory. This document can be found at: http://www.openssh.com/txt/buffer.adv 1. Versions affected: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is uncertain whether this error is potentially exploitable, however, we prefer to see bugs fixed proactively. 2. Solution: Upgrade to OpenSSH

Dear list, I am having a problem with openvpn. I have the following arrangement, running two instances of openvpn on "home fw". I want to protect my WLAN in back of the home fw and that works fine. I can see "Peer connection initiated with 192.168.1.3:5000" in daemon.log on homefw. Nothing gets initiated with officefw, nor can I ping the other end of the tunnel at officefw.

[192.168.0.0/24 Lan] v [Shorewall box ''Curtain'', 192.168.0.254, DHCP to ISP, and a OpenVPN tunnel 10.4.0.2] v [Internet] v [Shorewall box ''statler'' 130.241.25.165, and an OpenVPN tunnel 10.4.0.1] Now, i have set a rule on statler ACCEPT vpn $FW tcp smtp and i have as below. root@statler:/etc/shorewall# cat zones | grep -v ^# net Net Internet

Specifying a RemoteForward of 0:example.com:1234 dynamically allocates the listen port on the server, and then reports it to ... the client! Where it is practically useless. Was this someone's idea of a joke? Presumably not--there are some technical obstacles to reporting it to the remote process. I'd like to help solve that problem. The natural way to me would be to extend the syntax

Hi, I'm sure I'll get a few "RTFM", but I hope I'll allay those feelings. I'm getting the "scp: command not found". I've read the FAQ. I've read bugs 42 and 82 in bugzilla. Hopefully, I didn't overlook something. At a minimum, defines.h has : #ifdef USER_PATH # ifdef _PATH_STDPATH # undef _PATH_STDPATH # endif # define _PATH_STDPATH

Hi folks, I have three network cards on my Slackware box and eth0 and eth1 are for two Internet connections. They have imq0 and imq1. All traffic shaping works fine. Internal eth2 does no traffic shaping. But recently I have put two OpenVPN tunnels (tun devices) and both work via eth0. So my question is - how to shape the traffic on these tun0 and tun1 devices? Thanks Remus

BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's authentication library. However, BSDI's patches have several problems: 1. They don't run the approval phase, so they can allow users to login who aren't supposed to be able to. 2. They don't patch configure to automatically detect the BSDI auth system, so they're not ready to use in a general portable

Friends-- I'm stumped! Cannot get mount.cifs to work over a tun connection. How would you trouble-shoot this? 1. It cannot be openvpn causing the problem: I can ping across the connection both directions on all machines. 2. It cannot be samba causing the problem: I can mount.cifs the smb shares on the lan (using the identical credentials file) without any issue. 3. Have iptables

Dear Sirs, on my Linux (distribution Slackware 3.9), I have installed the ``openssh-1.2.2.tar.gz'' package into the /usr/local/bin directory. In the ``sshd.c'' file, the PATH variable is set up: child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); (line no. 2405). I am unable to connect to my machine using scp. _PATH_STDPATH is

Hello, I am using OpenSSH-3.8p1 on HP-UX machine with USE_POSIX_THREADS option. This is for making the kerberos credentials file to be created in the system with PAM. In OpenSSH versions 3.5 when authentication is done with pam kerberos, a /tmp/krb5cc_X_Y file is created on the server side. But the KRB5CCNAME variable is not set by default. So, after we manually set this environment variable, the

Hi ! I haven't found an easy solution to determine the local IP to which the remote SSH client is connected to the local SSHD. We use MC/Serviceguard which can create many Interfaces where a remote client could connect and we like to know within .profile which interface the client has connected to. I've looked at the sourcecode and maybe the following could do something I described :

Is there a way to get rid of all the routes in a routing table ? This is more or less what I do: route add 146.64.80.0/24 192.168.0.100 route add 146.141.0.0 -interface tun1 route add 146.182.0.0 -interface tun1 route add 146.230.0.0 -interface tun1 netstat -rn inet 146.64.80.0/24 192.168.0.100 UGS 0 0 sis0 146.141.0.0/16 tun1 US 0