How to configure SSH to connect through an OpenVPN?


Several options come to my mind.

Shell Script

You could write a shell script which:

  • starts openVPN
  • starts SSH
  • stops openVPN when SSH disconnects

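    #!/bin/bash
    # Start OpenVPN in the background so the script can continue (needs root privileges)
    /usr/bin/openvpn --config /home/user/ovpn/config.ovpn --daemon
    ssh user@host
    # Stop OpenVPN once the SSH session has ended
    pkill -SIGTERM -f 'openvpn --config /home/user/ovpn/config.ovpn'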

After that, you can alias that, e.g. alias vpnssh='/home/scriptname.sh', and/or add that to your .bashrc.

Proxycommand

You can try to use openSSH's ProxyCommand for that:

    ssh -o ProxyCommand="/usr/bin/openvpn /home/user/ovpn/config.ovpn" user@host

In both cases

You need to tell openVPN that you do not want to route everything through the tunnel. So, given that 192.168.0.1 is your work desktop, add the following to your openVPN config file:

    route-nopull
    route 192.168.0.1 255.255.255.255

Use route 192.168.0.0 255.255.255.0 if you want to reach the whole subnet.
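A more careful version of the shell-script option, as an added example that is not part of the original answer: it starts SSH only once the route to the work desktop actually leaves through the tunnel, and it stops only the OpenVPN instance it started. The config path, host and 192.168.0.1 are the answer's placeholders; the PID file path and the function names are assumptions, and `sudo` is assumed to be available for OpenVPN.

```bash
#!/bin/bash
# Added example, not the answer's script. CONF, the host and TARGET_IP are the
# answer's placeholders; PIDFILE and the function names are assumptions.
CONF=/home/user/ovpn/config.ovpn
TARGET_IP=192.168.0.1              # work desktop, as in the answer
PIDFILE=/run/vpnssh-openvpn.pid    # assumed location

# Print the interface that follows "dev" in `ip route get` output.
route_dev() {
    set -- $1                      # split the output into words
    while [ "$#" -gt 1 ]; do
        if [ "$1" = dev ]; then echo "$2"; return 0; fi
        shift
    done
    return 1
}

# Succeed only if the route leaves through a tun/tap interface.
via_tunnel() {
    case "$(route_dev "$1")" in
        tun*|tap*) return 0 ;;
        *) return 1 ;;
    esac
}

# Stop only the OpenVPN instance this script started, identified by PID file.
stop_vpn() {
    [ -f "$PIDFILE" ] || return 0
    sudo pkill -TERM -F "$PIDFILE"
    sudo rm -f "$PIDFILE"
}

vpnssh() {
    trap stop_vpn EXIT
    sudo /usr/bin/openvpn --config "$CONF" --daemon --writepid "$PIDFILE" || return 1
    tries=0
    # Wait up to 30 s; refuse to start SSH if the route never uses the tunnel.
    until via_tunnel "$(ip route get "$TARGET_IP" 2>/dev/null)"; do
        tries=$((tries + 1))
        [ "$tries" -lt 30 ] || { echo "route to $TARGET_IP is not via the VPN" >&2; return 1; }
        sleep 1
    done
    ssh "$@"
}

# Runs only when given ssh arguments, e.g.: ./vpnssh.sh user@host
if [ "$#" -gt 0 ]; then vpnssh "$@"; fi
```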

Author by

evencoil

Updated on September 18, 2022

Comments

  • evencoil
    evencoil almost 2 years

    I have a desktop at work that I like to keep synchronized with my home computers using Unison, which connects through SSH. I also sometimes like to remote in to the work computer using SSH.

    My work network is starting a new policy that will only allow connections from outside the network if they are over a VPN.

    Is there a way that I can adjust my SSH configuration so that whenever it tries to log in to the work computer, it goes through the work VPN?

    To be clear, I do not want to have to manually connect to the work VPN each time I want SSH to connect to the work computer. I also do not want to be permanently connected to the work VPN.

    Note that I can freely change both the client (my home computers) and server (work computer) SSH configurations. Also, I don't think it should matter, but all machines in question are Linux boxes. I am using OpenSSH and the work VPN is openVPN.

    Clarification: The main reason I want to not be permanently connected to the work VPN is to not have to worry about following their terms of service. So I want only the SSH traffic to be sent through the VPN and nothing else.

  • evencoil
    evencoil almost 8 years
    Are these solutions going to make my entire connection go through the VPN? I don't want that to happen because I don't want to be subject to my work's terms of service.
  • stueja
    stueja almost 8 years
    Ah, I'm sorry, I literally knew that I forgot something. Thanks for the reminder. I will update my answer accordingly.