Evaggelos Balaskas - System Engineer

The sky above the port was the color of television, tuned to a dead channel

Blog
Posts
Wiki
About
Contact
rss.png twitter linkedin github gitlab profile for ebal on Stack Exchange

Next Page »
  -  
Feb
21
2011
vpn over ssh
Posted by ebal at 22:01:19 in planet_ellak, planet_Sysadmin

It’s super easy to setup a vpn connection over an ssh access.

You dont believe me ?
You can try it by your self in only a few seconds away.

You have to be root on your local machine and you have to ssh as root to your remote machine.
To do that, change your remote /etc/ssh/sshd_config with the below values:

AllowUsers root
PermitRootLogin yes
PermitTunnel = yes

restart your ssh daemon: /etc/init.d/sshd restart

After that, copy the below shell script : ssh.vpn.sh

This is ssh.vpn.sh code:



#!/bin/sh

# Evaggelos Balaskas < ebalaskas _AT_ ebalaskas _DOT_ gr >
# Last change: Mon Feb 21 23:48:53 GMT-2 2011
# If you can spare a dollar, plz donate !

clear
echo "Give me server's name: "
read SERVER
echo "Give me ssh port: "
read PORT
SIP=`host $SERVER|tail -1 | awk '{print $NF}'`
DGW=`ip route show | grep default | awk '{print $3}'`

ssh -fw any:any $SIP -p $PORT 'ifconfig tun0 down; 
ifconfig tun0 10.20.30.40 pointopoint 10.20.30.41; 
echo 1 > /proc/sys/net/ipv4/ip_forward;
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
grep nameserver /etc/resolv.conf ' > /etc/resolv.conf

# Configure  Client tun0 --> point-to-point with server tun0
ifconfig tun0 down
ifconfig tun0 10.20.30.41 pointopoint 10.20.30.40

# Configure Routing
route add -host $SIP dev eth0
route add default gw 10.20.30.40 dev tun0
route del default gw $DGW dev eth0

Make this file executable: chmod +x ssh.vpn.sh
and run it # ./ssh.vpn.sh !!!

You should asked to write the server’s name (eg. ssh.example.com) and the ssh port (eg. 22) and of course your root remote password.

Everything else is automate to make your life

Simple as that.

Open whatismyip to see your new ip address!

  • 6 comments
Feb
21
2011
vpn over ssh
Posted by ebal at 22:01:02

It’s super easy to setup a vpn connection over an ssh access.

You dont believe me ?
You can try it by your self in only a few seconds away.

You have to be root on your local machine and you have to ssh as root to your remote machine.
To do that, change your remote /etc/ssh/sshd_config with the below values:

AllowUsers root
PermitRootLogin yes
PermitTunnel = yes

restart your ssh daemon: /etc/init.d/sshd restart

After that, copy the below shell script : ssh.vpn.sh

This is ssh.vpn.sh code:



#!/bin/sh

# Evaggelos Balaskas < ebalaskas _AT_ ebalaskas _DOT_ gr >
# Last change: Mon Feb 21 23:48:53 GMT-2 2011
# If you can spare a dollar, plz donate !

clear
echo "Give me server's name: "
read SERVER
echo "Give me ssh port: "
read PORT
SIP=`host $SERVER|tail -1 | awk '{print $NF}'`
DGW=`ip route show | grep default | awk '{print $3}'`

ssh -fw any:any $SIP -p $PORT 'ifconfig tun0 down; 
ifconfig tun0 10.20.30.40 pointopoint 10.20.30.41; 
echo 1 > /proc/sys/net/ipv4/ip_forward;
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
grep nameserver /etc/resolv.conf ' > /etc/resolv.conf

# Configure  Client tun0 --> point-to-point with server tun0
ifconfig tun0 down
ifconfig tun0 10.20.30.41 pointopoint 10.20.30.40

# Configure Routing
route add -host $SIP dev eth0
route add default gw 10.20.30.40 dev tun0
route del default gw $DGW dev eth0

Make this file executable: chmod +x ssh.vpn.sh
and run it !!!

You should asked to write the server’s name (eg. ssh.example.com) and the ssh port (eg. 22).
Everything else is automate to make your life

Simple as that.

Open whatismyip to see your new ip address!

  • Add a comment
Feb
14
2011
URL Shortener. Solution or Security Risk ?
Posted by ebal at 18:12:28 in planet_ellak, planet_Sysadmin

Ok i have to admit that large urls are un-friendly, difficult to share and sometimes have privacy info.
Url shorteners provide anonymity and a short-friendly url to use and share.

But they are also a security risk! Browser security is something that we take very light, but we shouldn’t!

When someone sends me a url shortener i have to use a web browser to click on it and see the destination page. With simple urls i have to just mouse over (firefox 3) to see the destination.
Sometimes people send me spam or urls that i dont wish to open or see.

I believe that the design of url shorteners is just wrong!
People should be able to see or even test the urls before they click and open on them.
Browser hijacking is one form of malicious code that url shorteners make it extremely easy !

An idea:

Like google’s “Instant is on”, a similar action should be done with url shorteners.
With mouse over (or whatever else you like) the destination domain/url should reveal to the client.
And then if he/she agrees to verify for open the destination url to a new tab/window.

A simple chrome/firefox extension shouldn’t be that hard.

Or you have a different opinion ?

  • 1 comment
Feb
02
2011
Linux Events 2011
Posted by ebal at 12:39:24 in planet_ellak, planet_Sysadmin

Very Interesting Linux Events & Confs that you should be there:

Fosdem
http://fosdem.org
05 - 06 Feb 2011
Brussels, Belgium

Open Source Days
http://opensourcedays.org
05 Mar 2011
Copenhagen, Denmark

OpenFest
http://openfest.teipir.gr
9th to 10th of April 2011
Piraeus, Greece

Linux Open Administration Days
http://loadays.org
16th - 17th April 2011
Wilrijk, Belgium

Infosecurity
http://www.infosec.co.uk
19th - 21st April 2011
London, England

Fosscomm
http://fosscomm.gr
7th - 8th May 2011
Patra, Greece

Solutions Linux OpenSource
http://www.solutionslinux.fr/?lg=en
10 - 12 May 2011
Paris, France

Linux Tag
http://www.linuxtag.org
11 - 14 May 2011
Berlin, German

Desktop Summit
http://desktopsummit.org
06 - 12th August 2011
Berlin, German

FrOSCon
http://www.froscon.de
20st - 21nd August 2011
Bonn, Germany

FrOSCamp
http://froscamp.org
17 - 18 Sep 2010
Zurich, Switzerland

T-DOSE
http://www.t-dose.org
05 - 06 November 2011
Eindhoven, Netherlands

  -  

Search

Admin area

  • Login

Categories

  • blog
  • wiki
  • pirsynd
  • midori
  • books
  • archlinux
  • movies
  • xfce
  • code
  • beer
  • planet_ellak
  • planet_Sysadmin
  • microblogging
  • UH572
  • KoboGlo
  • planet_fsfe

Archives

  • 2025
    • October
    • September
    • April
    • March
    • February
  • 2024
    • November
    • October
    • August
    • April
    • March
  • 2023
    • May
    • April
  • 2022
    • November
    • October
    • August
    • February
  • 2021
    • November
    • July
    • June
    • May
    • April
    • March
    • February
  • 2020
    • December
    • November
    • September
    • August
    • June
    • May
    • April
    • March
    • January
  • 2019
    • December
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2018
    • December
    • November
    • October
    • September
    • August
    • June
    • May
    • April
    • March
    • February
    • January
  • 2017
    • December
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2016
    • December
    • November
    • October
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2015
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • January
  • 2014
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2013
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2012
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2011
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2010
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2009
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
Ευάγγελος.Μπαλάσκας.gr

License GNU FDL 1.3 - CC BY-SA 3.0