Whats the best solution?
Tuc at the Beach House
tuc at tucs-beachin-obx-house.com
Thu Feb 5 11:59:46 PST 2004
>
> SSH :-)
>
Um, yea?
>
> Have a look at the ssh(1) manpage.
>
Ok, I have.
>
> The port forwarding should be able to do
> what you are looking for.
>
But I want EVERY port forwarded. The -L/-R seems to be on a per
port basis.
>
> Also, to get the authentication to be automatic,
> set up your SSH to use public keys, and use a passphraseless public key on
> your laptop. This will let it automatically log in and set up the tunnel.
> You can then tunnel any TCP traffic through a secure channel to your server.
> This is all described in the man page.
>
But on a per port basis, right? The -D, isn't that for SOCKS4? Wouldn't
I have to make everything SOCKS4 aware? I don't want that...
>
> For DNS, use the IP address of the server you plan to use for the other end
> of the tunnel. As long as you open only UDP port 53 and configure it
> sensibly, there should be no security risk to running a DNS that accepts
> from any IP, all proper DNS servers need to do this anyway. This way, you
> can run your own DNS, and possibly even put in some private DNS tricks to
> make working with the tunnel easier.
>
What about all the other ports?
Is there something that is more "overall" and I can "default route"
through?
Thanks, Tuc/TTSG Internet Services, Inc.
More information about the freebsd-net
mailing list