It’s super easy to setup a vpn connection over an ssh access.
You dont believe me ?
You can try it by your self in only a few seconds away.
You have to be root on your local machine and you have to ssh as root to your remote machine.
To do that, change your remote /etc/ssh/sshd_config with the below values:
AllowUsers root
PermitRootLogin yes
PermitTunnel = yes
restart your ssh daemon: /etc/init.d/sshd restart
After that, copy the below shell script : ssh.vpn.sh
This is ssh.vpn.sh code:
#!/bin/sh
# Evaggelos Balaskas < ebalaskas _AT_ ebalaskas _DOT_ gr >
# Last change: Mon Feb 21 23:48:53 GMT-2 2011
# If you can spare a dollar, plz donate !
clear
echo "Give me server's name: "
read SERVER
echo "Give me ssh port: "
read PORT
SIP=`host $SERVER|tail -1 | awk '{print $NF}'`
DGW=`ip route show | grep default | awk '{print $3}'`
ssh -fw any:any $SIP -p $PORT 'ifconfig tun0 down;
ifconfig tun0 10.20.30.40 pointopoint 10.20.30.41;
echo 1 > /proc/sys/net/ipv4/ip_forward;
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
grep nameserver /etc/resolv.conf ' > /etc/resolv.conf
# Configure Client tun0 --> point-to-point with server tun0
ifconfig tun0 down
ifconfig tun0 10.20.30.41 pointopoint 10.20.30.40
# Configure Routing
route add -host $SIP dev eth0
route add default gw 10.20.30.40 dev tun0
route del default gw $DGW dev eth0
Make this file executable: chmod +x ssh.vpn.sh
and run it # ./ssh.vpn.sh !!!
You should asked to write the server’s name (eg. ssh.example.com) and the ssh port (eg. 22) and of course your root remote password.
Everything else is automate to make your life
Simple as that.
Open whatismyip to see your new ip address!
It’s super easy to setup a vpn connection over an ssh access.
You dont believe me ?
You can try it by your self in only a few seconds away.
You have to be root on your local machine and you have to ssh as root to your remote machine.
To do that, change your remote /etc/ssh/sshd_config with the below values:
AllowUsers root
PermitRootLogin yes
PermitTunnel = yes
restart your ssh daemon: /etc/init.d/sshd restart
After that, copy the below shell script : ssh.vpn.sh
This is ssh.vpn.sh code:
#!/bin/sh
# Evaggelos Balaskas < ebalaskas _AT_ ebalaskas _DOT_ gr >
# Last change: Mon Feb 21 23:48:53 GMT-2 2011
# If you can spare a dollar, plz donate !
clear
echo "Give me server's name: "
read SERVER
echo "Give me ssh port: "
read PORT
SIP=`host $SERVER|tail -1 | awk '{print $NF}'`
DGW=`ip route show | grep default | awk '{print $3}'`
ssh -fw any:any $SIP -p $PORT 'ifconfig tun0 down;
ifconfig tun0 10.20.30.40 pointopoint 10.20.30.41;
echo 1 > /proc/sys/net/ipv4/ip_forward;
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
grep nameserver /etc/resolv.conf ' > /etc/resolv.conf
# Configure Client tun0 --> point-to-point with server tun0
ifconfig tun0 down
ifconfig tun0 10.20.30.41 pointopoint 10.20.30.40
# Configure Routing
route add -host $SIP dev eth0
route add default gw 10.20.30.40 dev tun0
route del default gw $DGW dev eth0
Make this file executable: chmod +x ssh.vpn.sh
and run it !!!
You should asked to write the server’s name (eg. ssh.example.com) and the ssh port (eg. 22).
Everything else is automate to make your life
Simple as that.
Open whatismyip to see your new ip address!
Ok i have to admit that large urls are un-friendly, difficult to share and sometimes have privacy info.
Url shorteners provide anonymity and a short-friendly url to use and share.
But they are also a security risk! Browser security is something that we take very light, but we shouldn’t!
When someone sends me a url shortener i have to use a web browser to click on it and see the destination page. With simple urls i have to just mouse over (firefox 3) to see the destination.
Sometimes people send me spam or urls that i dont wish to open or see.
I believe that the design of url shorteners is just wrong!
People should be able to see or even test the urls before they click and open on them.
Browser hijacking is one form of malicious code that url shorteners make it extremely easy !
An idea:
Like google’s “Instant is on”, a similar action should be done with url shorteners.
With mouse over (or whatever else you like) the destination domain/url should reveal to the client.
And then if he/she agrees to verify for open the destination url to a new tab/window.
A simple chrome/firefox extension shouldn’t be that hard.
Or you have a different opinion ?
Very Interesting Linux Events & Confs that you should be there:
Fosdem
http://fosdem.org
05 - 06 Feb 2011
Brussels, Belgium
Open Source Days
http://opensourcedays.org
05 Mar 2011
Copenhagen, Denmark
OpenFest
http://openfest.teipir.gr
9th to 10th of April 2011
Piraeus, Greece
Linux Open Administration Days
http://loadays.org
16th - 17th April 2011
Wilrijk, Belgium
Infosecurity
http://www.infosec.co.uk
19th - 21st April 2011
London, England
Fosscomm
http://fosscomm.gr
7th - 8th May 2011
Patra, Greece
Solutions Linux OpenSource
http://www.solutionslinux.fr/?lg=en
10 - 12 May 2011
Paris, France
Linux Tag
http://www.linuxtag.org
11 - 14 May 2011
Berlin, German
Desktop Summit
http://desktopsummit.org
06 - 12th August 2011
Berlin, German
FrOSCon
http://www.froscon.de
20st - 21nd August 2011
Bonn, Germany
FrOSCamp
http://froscamp.org
17 - 18 Sep 2010
Zurich, Switzerland
T-DOSE
http://www.t-dose.org
05 - 06 November 2011
Eindhoven, Netherlands