SSH Tunneling or VPN?


Warning: count(): Parameter must be an array or an object that implements Countable in /home/styllloz/public_html/qa-theme/donut-theme/qa-donut-layer.php on line 274
0 like 0 dislike
38 views
There is a rented VPS in a different country. Want to go to the home PC to the Internet through it.

I see two options:
1) Install and configure OpenVPN as described in the article
"Free VPN from Amazon" habrahabr.ru/blogs/infosecurity/107631/

2) Traverse the ssh tunnel and tell all programs to go through it. Read more about ssh tunneling here: habrahabr.ru/blogs/linux/102828/

One of the advantages of the second method is its obvious simplicity — nothing to install, brovzer and ICQ work immediately, and even if there are some exotic program that is not able to work through Socks5 Proxy, anyway, to wrap it through the same SocksCap or Proxifier — a matter of two minutes.

And tell us about the cons? What for to fence all this kitchen garden with OpenVPN? In some cases this makes sense? There is one description of the settings takes five screens. So, I guess that something is this way better? Why not give the SSH tunnel, why the need for OpenVPN to be sure?
by | 38 views

4 Answers

0 like 0 dislike
ssh knows how to make himself a "vpn" and not just a socks proxy.
\r
echo "Starting VPN tunnel ..."
modprobe tun
ssh -w ${TUN_LOCAL}:${TUN_REMOTE} -f ${HOST} -p ${HOST_PORT} "\\
ip addr add ${IP_REMOTE}/${IP_MASK} dev tun${TUN_REMOTE} \\
&& ip link set tun${TUN_REMOTE} up \\
&& sleep 2\\
&& echo "slept"\\
&& iptables-t nat -A POSTROUTING -o eth0 -j MASQUERADE-s ${IP_LOCAL}\\
&& echo "masq"\\
&& iptables-I INPUT-i tun${TUN_REMOTE} -j ACCEPT \\
&& iptables-I FORWARD -i tun${TUN_REMOTE} -j ACCEPT \\
&& iptables-t nat -I PREROUTING policy -i tun${TUN_REMOTE} -j ACCEPT \\
&& echo "done."\\
&& true"
sleep 5
echo "local"
\r
ip addr add ${IP_LOCAL}/${IP_MASK} dev tun${TUN_LOCAL}
ip link set tun${TUN_LOCAL} up
ip route del default
ip route add default dev tun${TUN_LOCAL}
#echo "search ${PRIVATE_DOMAIN}
#echo "nameserver ${PRIVATE_NAMESERVER}
#“ >/etc/resolv.conf
echo "... done."
\r<\\blockquote>
by
0 like 0 dislike
Each program to set up each time is not an option (and many do not want to tune in for reasons of principle)
> wrap it through the same SocksCap or Proxifier — a matter of two minutes
Proxifier pay. It was buggy, on win7x64 I have not even stood up.
OpenVpn set up once and forgotten.
by
0 like 0 dislike
On SHH I guess VPN more difficult to build.
And what card you used for Amazon or the usual type is Visa Virtual?
by
0 like 0 dislike
Himself on such a scheme go in tyrnete.
Nastraivatsa all we know, even very, no one to retrain it is not necessary, default route becomes VPN
\r
\rwww.odmin4eg.ru/tag/openvpn/
by

Related questions

0 like 0 dislike
4 answers
0 like 0 dislike
3 answers
asked Mar 21, 2019 by BigD
0 like 0 dislike
3 answers
0 like 0 dislike
4 answers
0 like 0 dislike
1 answer
asked Jun 14, 2019 by Galdar
110,608 questions
257,186 answers
0 comments
27,835 users