Shostack + Friends Blog Archive


New OpenSSH, with nifty feature

OpenSSH 4.3 is out. It has one new feature:

Add support for tunneling arbitrary network packets over a
connection between an OpenSSH client and server via tun(4) virtual
network interfaces. This allows the use of OpenSSH (4.3+) to create
a true VPN between the client and server providing real network
connectivity at layer 2 or 3. This feature is experimental and is
currently supported on OpenBSD, Linux, NetBSD (IPv4 only) and
FreeBSD. Other operating systems with tun/tap interface capability
may be added in future portable OpenSSH releases. Please refer to
the README.tun file in the source distribution for further details
and usage examples.

I know this is Bejtlich’s turf, so see his blog in a day or two for a way better post on this :^).