similar to: Tunneling as a non-root user

If an ssh server receives a tun/tap tunnel request and sets up the tunnel concerned, as far as I can see there is currently no way for the server to configure the tunnel in a manner dependent upon (e.g) the key used to set up the ssh session. Whilst an id based on the key can be passed to the ssh child process, where the tunnel is dynamically allocated, its tunnel name is lost. This patch

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

Hi, I had some performance problems with TINC running on Windows XP. I had a VPN tunnel running over a wireless network to a Linux VPN server. Web browsing through the tunnel was a pain. Big web pages with lots of pictures loaded very slow compared to a plain network connection. When the VPN client was running on a Linux computer, and a Windows computer was browsing the web through the VPN

I just upgraded to OpenSSH3.2.3p1 as it seemed that UsePrivilegeSeparation yes might help with my problem (connections forwarded are owned by root instead of the user I logged in as on the server), but instead, sshd barfs on receiving a connection. Without UsePrivilegeSeparation the server works fine. # strace -o /tmp/sshd.str sshd -d debug1: sshd version OpenSSH_3.2.3p1 debug1: private host

Hi, I am new to VPN an OpenVPN with shorewal. I tryed a lot and read a bounch of howto''s but nothing helped so I came here. I want to tunnel all request to my server 141.48.XXX.XXX from my home network throu port 443. I want to do this because this is the only way I can connect to my server using ssh or ony other tool or port. On Port 80 Apache is running, so I only have the https port

Hello, I just install the newest version of Centos 7 and I am a bit disappointed with new /etc/rc/local file I found that it's not usable anymore. *[root at lab3 ~]# cat /etc/rc.local* " THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES" It is highly advisable to create own systemd services or udev rules to run scripts during boot instead of using this file. Usually I was added my

Greetings, me again. I''m starting to feel miff now. If I have a few vpn tunnels with different tun interfaces. And all this tunnel traffic is coming in on my eth0 interface, it also leave via eth0 again. I would like to share the available bandwidth evenly with tunnel clients. Would applying the bandwidth rule on eth0 with htb & sfq work for sharing the bandwidth or will

I've been testing tunneling on Linux with openssh-SNAP-20060116.tar.gz and found a problem. When I use LocalCommand for doing ifconfig stuff, the command line was executed before a tunneling interface is opened. This causes errors on Linux and the interface is not automatically set up. This is not a problem on *BSD because you can do ifconfig for unopened tun/tap interfaces. But in Linux,

Hello I have /25 addressed on a box (virtual devices on eth0) and I want to tunnel some of these addresses to my home network. One address to my gateway (a.b.c.d, external IP) and one address to my internal network (192.168.0.0/24-style). I will use the tunnels for irc, smtp and surfing. What protocol and which technique is easiest and best to use? One more thing. I don''t want to set up

Hello, First, my apologies: It's -practically- sure this ML is not the good place to, but I don't find better for now. I jumped from an OS to an other since few days. On the new one, openssh comes in a much newer version (good thing): 7.6p1 sshd lets me know that there are two depreciated options: - KeyRegenerationInterval - UsePrivilegeSeparation I search for a place where I can find

Hi, would you mind to apply the below patch? It fixes Cygwin's ssh-host-config script in various ways: - Remove old code to remove the "sshd/22" entry from /etc/services. This code fixes a problem which only existed in installations which are more than 10 years old. - Handle the StrictMode setting interactively. - Fix regular expressions looking for white spaces. - Make the

Hi, I'm attempting to get openssh-3.4p1 up and running on our DEC/Compaq Alpa workstations. They are running Tru64 Unix 5.1A. I compile the package myself. Openssh-3.1 worked perfectly, with the default sshd_config file. Openssh-3.4p1 works, if I set UsePrivilegeSeparation to "no" in the sshd_config file. NOTE: I have a secondary issue with the ListenAddress default setting

[ Sorry for the length of this; I felt it better to provide potentially too much info, rather than not enough. I've probably missed something that's important, though! ] I have an odd problem with 5.1p on RHEL3 if "UsePAM yes" and "UsePrivilegeSeparation no" is set. The code detects that the user password is aged (according to shadow) but then fails to let me

Using openssh-3.4p1 on Linux I noticed that PermitRootLogin=forced-commands-only does not work if UsePrivilegeSeparation is enabled; but it does work if privsep is disabled. Here are excerpts of debug from the server. -----------UsePrivilegeSeparation DISABLED------- ... Found matching DSA key: 56:9d:72:b0:4f:67:2e:ed:06:e7:41:03:e2:86:52:0d^M debug1: restore_uid^M debug1: ssh_dss_verify:

https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #26 from Paul Sery <pgsery at swcp.com> 2010-01-08 08:09:14 EST --- The configuration below is incorrect. When using protocol 2, it should read: ... RequiredAuthentications2 password Also, there's no need to specify publickey in conjunction with other authentication methods because it will always be tried first (as specified

Hi all. I have an old windows VM with an oldish cygwin that I use for the regression tests. Investigating one of the test failures, I see that it's for UsePrivilegeSeparation=sandbox, and it seems to be because setrlimit(RLIMIT_FSIZE, ...) is not supported. IMO, this isn't a big loss, since the most useful thing in the rlimit "sandbox" is the descriptor limits. Can anyone see

http://bugzilla.mindrot.org/show_bug.cgi?id=285 ------- Additional Comments From dtucker at zip.com.au 2002-06-23 20:31 ------- Disabling PrivSep (add "UsePrivilegeSeparation no" to sshd_config) should get it working on 2.2 kernels. 3.3p1 defaults PrivSep to on. Previous releases (that supported it) defaulted to off. ------- You are receiving this mail because: ------- You

Hello, I would like to point to this problem again as I have not seen a reply to my original posting: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106458208520320&w=2 and the problem still exists in version 3.9p1. After closing a ssh-session the pam_close_session() function is not invoked. Enabling PrivilegeSeparation (UsePrivilegeSeparation yes) does not help. Could someone

On 11/15/2023 04:40, Mika Westerberg wrote: > Hi Mario, > > On Tue, Nov 14, 2023 at 02:07:53PM -0600, Mario Limonciello wrote: >> USB4 routers support a feature called "PCIe tunneling". This >> allows PCIe traffic to be transmitted over USB4 fabric. >> >> PCIe root ports that are used in this fashion can be discovered >> by device specific data

Hi folks, I have three network cards on my Slackware box and eth0 and eth1 are for two Internet connections. They have imq0 and imq1. All traffic shaping works fine. Internal eth2 does no traffic shaping. But recently I have put two OpenVPN tunnels (tun devices) and both work via eth0. So my question is - how to shape the traffic on these tun0 and tun1 devices? Thanks Remus