Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
F
F
fogx2010-12-29 13:01:20
SSH
fogx, 2010-12-29 13:01:20

SSH Tunneling or VPN?

There is a rented VPS in another country. I want to go from my home computer to the Internet through it.

I see two options:
1) Install and configure OpenVPN, as described in the article
"Free VPN from Amazon" habrahabr.ru/blogs/infosecurity/107631/

2) Forward the ssh tunnel and tell all programs to go through it. More about the ssh tunnel here: habrahabr.ru/blogs/linux/102828/

Of the advantages of the second method, its obvious simplicity - you do not need to install anything, the browser and ICQ work immediately, and even if there is some exotic program that cannot work through Socks5 Proxy, it doesn't matter, wrapping it through the same SocksCap or Proxifier is a matter of two minutes.

Can you tell me about the cons? Why do you need to fence this whole garden with OpenVPN? In what cases does it make sense? There, one description of the settings occupies five screens. So maybe this is a better way? What does an SSH tunnel not give, why is OpenVPN necessary?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
D
darkdimius, 2010-12-29
@darkdimius

ssh can make its own "vpn" and not just socks proxy.

echo "Starting VPN tunnel ..."
modprobe tun
ssh -w ${TUN_LOCAL}:${TUN_REMOTE} -f ${HOST} -p ${HOST_PORT} "\
ip addr add ${IP_REMOTE}/${IP_MASK} dev tun${TUN_REMOTE} \
&& ip link set tun${TUN_REMOTE} up \
&& sleep 2\
&& echo "slept"\
&& iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -s ${IP_LOCAL}\
&& echo "masq"\
&& iptables -I INPUT -i tun${TUN_REMOTE} -j ACCEPT \
&& iptables -I FORWARD -i tun${TUN_REMOTE} -j ACCEPT \
&& iptables -t nat -I PREROUTING -i tun${TUN_REMOTE } -j ACCEPT \
&& echo "serv done"\
&& true"
sleep 5
echo "local"
ip addr add ${IP_LOCAL}/${IP_MASK} dev tun${TUN_LOCAL}
ip link set tun${TUN_LOCAL} up
ip route del default
ip route add default dev tun${TUN_LOCAL}
#echo "search ${PRIVATE_DOMAIN}
#echo "nameserver ${PRIVATE_NAMESERVER}
#" >/etc/resolv.conf
echo » …done."
<\blockquote>

Report
A
Antelle, 2010-12-29
@Antelle

Setting up each program every time is not an option (and many do not want to set up for fundamental reasons)
> wrapping it through the same SocksCap or Proxifier is a matter of two minutes
Proxifier is paid. SocksCap is bad, I didn't even get up on win7x64.
OpenVpn set up once and forgot.

Report
N
NanoDragon, 2010-12-29
@NanoDragon

It is probably more difficult to build a VPN on SHH.
And what card did you use for Amazon, a regular one or a Visa Virtual type?

Report
A
admin4eg, 2010-12-29
@admin4eg

I myself go to tyrnets according to a similar scheme.
Everything is set up simply, even very much, you don’t need to retrain anyone, the default route becomes vpn
www.odmin4eg.ru/tag/openvpn/

Similar questions
I
igor11122018-10-11 17:13:40
Sshfs: Connection reset by peer? 1Reply
D
Denis2014-03-19 08:40:39
How to make an OpenVPN connection through an SSH tunnel? 4Reply
A
Alexey Yarkov2016-05-19 20:36:32
What ssh client for windows with multiple tabs would you recommend? 5Reply
M
Maxim Lesnikov2014-04-07 10:19:27
Connecting via Putty to ubuntu (Hyper-V)? 3Reply
T
T_y_l_e_r2016-05-28 15:30:26
How to run all installed software in Tails through Tor? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question