Website Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • August 31, 2015, 05:52:20 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: VPN/SSH Tunneling software  (Read 23440 times)

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 3,365
    • View Profile
    • Donate to Member
VPN/SSH Tunneling software
« on: May 23, 2006, 05:52:41 AM »
I am looking for a VPN or SSH Tunnel software that I can use to secure my remote desktop session (as suggested by f0dder in the remote control thread). Does anyone have any that they particularly prefer?

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #1 on: May 23, 2006, 06:30:50 AM »
VPN sorta requires custom hardware - or perhaps a BSD (or linux) box. Or perhaps some (commercial?) windows (server?) software. We got a CISCO PIX 501 at work, which works pretty well. Not exactly cheap, but the VPN on it is easy to set up and works very well (can't say I'm too happy about the cisco vpn client though, it causes some hiccups with vmware networking every now and then - still researching into that one).

As for SSH tunnelling, I haven't gotten around to playing with it yet :(. I think the nice PuTTY software can handle it on the client side, and at the serverside I'd recommend some bsd/linux/unix box running OpenSSH. Something that seems a bit problematic to me in the case of RDP is that the default client won't let you specify a port number to connect to... so you'll only be able to access one machine behind the SSH wall, unless you manually remap the tunnel...
- carpe noctem

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 3,365
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #2 on: May 23, 2006, 06:33:28 AM »
In RDP, you can use a :PORTNUMBER at the end of the hostname/ip to connect to a specific port :) so HOSTNAME:PORT

Also, dont they have VPN software so you can run a VPN server on a windows pc? I have a spare pc, and once its up and running again, I plan to install ubuntu to run as a firewall and a few various other tasks (plus a general workstation for my wife to use).
« Last Edit: May 23, 2006, 06:36:03 AM by Josh »

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #3 on: May 23, 2006, 06:39:41 AM »
Ah great, didn't know that! Then it should be quite possible to access multiple internal RDP machines through a single server/IP. I'd have to do some research to figure out how to do it, though - hardware assisted VPN is so easy ;)
- carpe noctem

Rover

  • Master of Smilies
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 630
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #4 on: May 23, 2006, 09:38:52 AM »
Josh,

If you are accessing a Linux box from windows, you must use PuTTY.   :)

Once you are using (and Loving) PuTTY, you can looking in the Connection Settings, under SSH at the Tunnels section.  From there you can Turn on X Windows forwarding.  You can also tunnel ports.

For example:  I have a server that can SSH to via port 22.  For our discussion, that is the only open port in the firewall.  I want to use VNC on port 5901, so I add the following to my session:
Source Port: 5901
Desitnation: remote.server.ip:5901
 - remote.server.ip is either the ip address or hostname form the REMOTE server's perspective.
And click the Add button.

Once I SSH to my remote server using my username/password or Pub Key, I can connect to my VNCServer using the tunnel.  I fireup VNCviewer and browse to the tunneled address:
127.0.0.1:5901

Notice that to my vncviewer, it looks like I should be connecting back to my local PC, using the loop-back address.  But PuTTY is listening on port 5901 and taking my connection through the tunnel to the remote server. 

Result, I end up using the VNC Desktop on my remote box without exposing port 5901 to the outside world.

Yea for SSH Tunnels  :Thmbsup:
Insert Brilliant Sig line here
« Last Edit: May 23, 2006, 09:40:42 AM by Rover »

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 3,365
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #5 on: May 23, 2006, 10:15:46 AM »
What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp? I understand how ssh operates, but at the moment I do not have access to a linux box with an ssh server.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #6 on: May 23, 2006, 10:59:58 AM »
What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp? I understand how ssh operates, but at the moment I do not have access to a linux box with an ssh server.

You will need, ta-da, a SSH server :)
I think there's a win32 port of the OpenSSH project, but I don't know how well it works. There's probably some commercial offerings too, though.

I'm afraid I can't say "it doesn't matter much for a home setting", with the recent exploits for VNC... one of my friends got hacked because of it, but fortunately the hackers were kind enough to shut the VNC ports down in his firewall. He still needs to reinstall a couple of machines though, just in case they have been rootkitted >_<
- carpe noctem

OGroeger

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 76
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #7 on: May 23, 2006, 12:32:02 PM »
You have serveral more possibilities:
  • IPSec: Win2k and XP support this, as well as most Linux distribs and Mac Os. But it is complicated.
  • OpenVPN (www.openvpn.net): You have one vpn server and vpn clients. It is easier to configure and very flexible. It runs on Win2k and above + Linux + Mac Os.
  • hamachi (www.hamachi.cc): The company Applied Networking plays the role of the vpn server for you (not charge). You (the client) define what other clients share an isolated "network". This is the most easy method, but you must believe in Applied network.

Olaf

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #8 on: May 23, 2006, 12:49:10 PM »
I'm not too fond of hamachi - central point of failure, and some of their claims sound a bit weird...
- carpe noctem

taichimaster

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 160
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #9 on: May 25, 2006, 11:21:20 PM »
What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp? I understand how ssh operates, but at the moment I do not have access to a linux box with an ssh server.

I use WinSSHD from http://www.bitvise.com

Works great and extremely easy to use, check it out :)
« Last Edit: May 25, 2006, 11:22:52 PM by taichimaster »

Rover

  • Master of Smilies
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 630
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #10 on: May 25, 2006, 11:25:19 PM »
I have a spare pc, and once its up and running again, I plan to install ubuntu to run as a firewall
For some reason I read this and thought it said you have a linux box... sorry for the confusion.  Once you have ubuntu installed, sshd should be available :)
Insert Brilliant Sig line here

jlogic77

  • Participant
  • Joined in 2007
  • *
  • Posts: 13
    • View Profile
    • UberNote
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #11 on: December 17, 2007, 06:33:17 PM »
putty and plink.

I create a batch file with all the credentials:

i.e.:
"plink -batch -ssh -l NAME -pw PASSWORD -L PORT:HOST:PORT HOST"

Then i just click and am connected...  Just leave the window open.


f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #12 on: December 17, 2007, 06:46:11 PM »
Ugh, passphrase in plaintext in a batch file? Baaad bad. You should use pageant and pubkey auth instead. Btw, MyEnTunnel is okay handy for managing SSH tunnels.
- carpe noctem

tinjaw

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,927
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #13 on: December 17, 2007, 07:39:50 PM »
I create a batch file with all the credentials:

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #14 on: December 18, 2007, 04:54:44 AM »
What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp?

I use copSSH on XP x64 back home and it seems to work perfectly. Easy to setup and free free free :)

jlogic77

  • Participant
  • Joined in 2007
  • *
  • Posts: 13
    • View Profile
    • UberNote
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #15 on: December 19, 2007, 02:39:08 PM »
Ugh, passphrase in plaintext in a batch file? Baaad bad. You should use pageant and pubkey auth instead. Btw, MyEnTunnel is okay handy for managing SSH tunnels.


Really think it's that bad on my laptop?  Just use it to connect to my svn server.

jlogic77

  • Participant
  • Joined in 2007
  • *
  • Posts: 13
    • View Profile
    • UberNote
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #16 on: December 19, 2007, 02:52:27 PM »
eh probably right.  can't be too careful.  I'll look to change it to a prompt for pwd

tinjaw

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,927
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #17 on: December 19, 2007, 04:26:44 PM »
You can use a private key and set your SSHD to only accept keys as login. Then you need not worry about somebody getting your password. You just need to keep your password to your private key a secret. And, if you store your key on a usb stick, then you keep the key separate from the laptop. This way nobody ever has both. And your key is passPHRASE (hint hint) protected, so even if you lose the usb stick, your key is protected long enough to give you time to notice and generate a new one.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #18 on: December 20, 2007, 09:12:50 AM »
...and combined with putty's pageant, you only need to provide passphrase once per boot, so it's not too much of a hassle :)
- carpe noctem

wilfrednilsen

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 22
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #19 on: February 24, 2008, 09:53:36 PM »
You can also check out the integrated BarracudaDrive HTTPS tunnel server plugin and the 3 HTTPS tunnel clients: GetMyLAN, BdProxy, and HTTPS tunnel. The GetMyLAN client is similar to SSL VPN.

Server:
http://barracudaserv...ucts/BarracudaDrive/

Clients:
http://barracudaserv...cudaDrive/sslvpn.lsp

There is also a remote desktop solution (external plugin):
http://barracudaserv...cts/GoToMyWebServer/

« Last Edit: February 24, 2008, 09:56:30 PM by wilfrednilsen »

Kamel

  • Honorary Member
  • Joined in 2006
  • **
  • Posts: 138
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #20 on: January 01, 2009, 02:23:42 PM »
I can't believe that hamachi has not been mentioned in this post. It is free, and the best VPN software out there when it comes to 0-configuration

Edit: I'm an idiot, just overlooked it.

Weird how people have bashed it here though o_O. I know the creator of hamachi personally and I can personally verify that the software is 100% legitimate (as is the company that acquired it, LogMeIn) and has not made any claims that it does not back up 100%. If you have any questions about it, I'd be very glad to assist you with it. Anything I couldn't answer, I could ask Alex, the creator, but I seriously doubt there are questions about it that I couldn't answer myself as I did support for hamachi for nearly a year.
I'm the guy you yell at when your DSL goes down...
« Last Edit: January 01, 2009, 02:27:15 PM by Kamel »

kartal

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 1,529
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #21 on: July 29, 2009, 09:21:53 PM »
Bump
Hi
I have been setting up some ssh tunneling, seems to be working fine. But I am afraid I will end up running alot of putty sessions to cover all. What would be the proper way to run all these different sessions nowadays?

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #22 on: July 29, 2009, 09:27:58 PM »
Kartal: you might want to check out MyEnTunnel.
- carpe noctem

kartal

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 1,529
    • View Profile
    • Donate to Member
Re: VPN/SSH Tunneling software
« Reply #23 on: July 30, 2009, 01:04:10 AM »
Hi
thanks for the recommendation but I cannot figure out how to use it. Is this something that goes along with Putty or a toally seperate tunneling app?