Tunnel

IP over SSH

wanna tunnel IP over SSH ? give a try ? Tested for you with … OpenBSD :) Host1 do the following as root echo "net.inet.ip.forwarding=1" >> /etc/sysctl.conf sysctl net.inet.ip.forwarding=1 echo "inet 10.0.0.1 255.255.255.0 10.0.0.2" >> /etc/hostname.tun0 sh /etc/netstart tun0 sed -i '/PermitTunnel .*/PermitTunnel yes/' /etc/ssh/sshd_config rcctl restart sshd ssh-copy-id root@host2 Host2 do the following as root echo "net.inet.ip.forwarding=1" >> /etc/sysctl.conf sysctl net.inet.ip.forwarding=1 echo "inet 10.0.0.2 255.255.255.0 10.0.0.1" >> /etc/hostname.tun0 sh /etc/netstart tun0 sed -i '/PermitTunnel .

SSH Server behind Firewall

got a Server behing NAT / Firewall ? Need Shell access to … ? Server behind NAT/FW user@server$ ssh -R 1234:localhost:22 my.public.jumpbox Access Server ssh my.public.jumpbox user@jumpbox$ ssh -p 1234 localhost user@server$ and you’re in :) Any Comments ? sha256: 81b4dc1d84f9f8bcbf5060f382853759fffa1e5824e2ae98ad5508a082db5dfd

Tunnel IPv4 over IPv6

let’s do the opposite. you have some ipv6 connectifity and need to transport ipv4 Host A (IPv6 only) root@hosta ~# ifconfig vio0 vio0: flags=208843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,AUTOCONF6> mtu 1500 lladdr 56:00:02:e7:9d:e5 index 1 priority 0 llprio 3 groups: egress media: Ethernet autoselect status: active inet6 fe80::5400:2ff:fee7:9de5%vio0 prefixlen 64 scopeid 0x1 inet6 2a05:f480:1400:7b6:a9e0:6a15:217:cc5c prefixlen 64 autoconf pltime 604627 vltime 2591827 inet6 2a05:f480:1400:7b6:446d:acb7:5fe4:450f prefixlen 64 autoconf autoconfprivacy pltime 86046 vltime 172537 root@hosta ~# i3 IPv4: !

Tunnel IPv6 over IPv4

let’s assume you need ipv6 connectifity somewhere … You can use some Tunnelbrokers or your run OpenBSD on your Boxes and want todo it on your own. Here some hints. Server with DualStack you need a Maschine out in the Internet which is DualStacked stoege@dualstack$ i3 IPv4: 11.22.33.44 IPv6: 2001:db8:100::100 Host with IPv4 only stoege@ipv4 host ~# i3 IPv4: 55.66.77.88 IPv6: !NETWORK and you want to bring IPv4 to the second host