Welcome Guest.   Make a donation to an author on the site July 24, 2014, 09:44:45 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Read the Practical Guide to DonationCoder.com Forum Search Features
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: VPN/SSH Tunneling software  (Read 21387 times)
Josh
Charter Honorary Member
***
Posts: 3,316



View Profile Give some DonationCredits to this forum member
« on: May 23, 2006, 05:52:41 AM »

I am looking for a VPN or SSH Tunnel software that I can use to secure my remote desktop session (as suggested by f0dder in the remote control thread). Does anyone have any that they particularly prefer?
Logged

Strength in Knowledge
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #1 on: May 23, 2006, 06:30:50 AM »

VPN sorta requires custom hardware - or perhaps a BSD (or linux) box. Or perhaps some (commercial?) windows (server?) software. We got a CISCO PIX 501 at work, which works pretty well. Not exactly cheap, but the VPN on it is easy to set up and works very well (can't say I'm too happy about the cisco vpn client though, it causes some hiccups with vmware networking every now and then - still researching into that one).

As for SSH tunnelling, I haven't gotten around to playing with it yet Sad. I think the nice PuTTY software can handle it on the client side, and at the serverside I'd recommend some bsd/linux/unix box running OpenSSH. Something that seems a bit problematic to me in the case of RDP is that the default client won't let you specify a port number to connect to... so you'll only be able to access one machine behind the SSH wall, unless you manually remap the tunnel...
Logged

- carpe noctem
Josh
Charter Honorary Member
***
Posts: 3,316



View Profile Give some DonationCredits to this forum member
« Reply #2 on: May 23, 2006, 06:33:28 AM »

In RDP, you can use a :PORTNUMBER at the end of the hostname/ip to connect to a specific port smiley so HOSTNAME:PORT

Also, dont they have VPN software so you can run a VPN server on a windows pc? I have a spare pc, and once its up and running again, I plan to install ubuntu to run as a firewall and a few various other tasks (plus a general workstation for my wife to use).
« Last Edit: May 23, 2006, 06:36:03 AM by Josh » Logged

Strength in Knowledge
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #3 on: May 23, 2006, 06:39:41 AM »

Ah great, didn't know that! Then it should be quite possible to access multiple internal RDP machines through a single server/IP. I'd have to do some research to figure out how to do it, though - hardware assisted VPN is so easy Wink
Logged

- carpe noctem
Rover
Master of Smilies
Charter Member
***
Posts: 628



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #4 on: May 23, 2006, 09:38:52 AM »

Josh,

If you are accessing a Linux box from windows, you must use PuTTY.   smiley

Once you are using (and Loving) PuTTY, you can looking in the Connection Settings, under SSH at the Tunnels section.  From there you can Turn on X Windows forwarding.  You can also tunnel ports.

For example:  I have a server that can SSH to via port 22.  For our discussion, that is the only open port in the firewall.  I want to use VNC on port 5901, so I add the following to my session:
Source Port: 5901
Desitnation: remote.server.ip:5901
 - remote.server.ip is either the ip address or hostname form the REMOTE server's perspective.
And click the Add button.

Once I SSH to my remote server using my username/password or Pub Key, I can connect to my VNCServer using the tunnel.  I fireup VNCviewer and browse to the tunneled address:
127.0.0.1:5901

Notice that to my vncviewer, it looks like I should be connecting back to my local PC, using the loop-back address.  But PuTTY is listening on port 5901 and taking my connection through the tunnel to the remote server. 

Result, I end up using the VNC Desktop on my remote box without exposing port 5901 to the outside world.

Yea for SSH Tunnels  Thmbsup


* putty.jpg (85.95 KB, 426x435 - viewed 733 times.)
« Last Edit: May 23, 2006, 09:40:42 AM by Rover » Logged

Insert Brilliant Sig line here
Josh
Charter Honorary Member
***
Posts: 3,316



View Profile Give some DonationCredits to this forum member
« Reply #5 on: May 23, 2006, 10:15:46 AM »

What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp? I understand how ssh operates, but at the moment I do not have access to a linux box with an ssh server.
Logged

Strength in Knowledge
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #6 on: May 23, 2006, 10:59:58 AM »

What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp? I understand how ssh operates, but at the moment I do not have access to a linux box with an ssh server.

You will need, ta-da, a SSH server smiley
I think there's a win32 port of the OpenSSH project, but I don't know how well it works. There's probably some commercial offerings too, though.

I'm afraid I can't say "it doesn't matter much for a home setting", with the recent exploits for VNC... one of my friends got hacked because of it, but fortunately the hackers were kind enough to shut the VNC ports down in his firewall. He still needs to reinstall a couple of machines though, just in case they have been rootkitted >_<
Logged

- carpe noctem
OGroeger
Charter Member
***
Posts: 76


View Profile Give some DonationCredits to this forum member
« Reply #7 on: May 23, 2006, 12:32:02 PM »

You have serveral more possibilities:
  • IPSec: Win2k and XP support this, as well as most Linux distribs and Mac Os. But it is complicated.
  • OpenVPN (www.openvpn.net): You have one vpn server and vpn clients. It is easier to configure and very flexible. It runs on Win2k and above + Linux + Mac Os.
  • hamachi (www.hamachi.cc): The company Applied Networking plays the role of the vpn server for you (not charge). You (the client) define what other clients share an isolated "network". This is the most easy method, but you must believe in Applied network.

Olaf
Logged
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #8 on: May 23, 2006, 12:49:10 PM »

I'm not too fond of hamachi - central point of failure, and some of their claims sound a bit weird...
Logged

- carpe noctem
taichimaster
Charter Member
***
Posts: 159



View Profile WWW Give some DonationCredits to this forum member
« Reply #9 on: May 25, 2006, 11:21:20 PM »

What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp? I understand how ssh operates, but at the moment I do not have access to a linux box with an ssh server.

I use WinSSHD from http://www.bitvise.com

Works great and extremely easy to use, check it out smiley
« Last Edit: May 25, 2006, 11:22:52 PM by taichimaster » Logged

Rover
Master of Smilies
Charter Member
***
Posts: 628



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #10 on: May 25, 2006, 11:25:19 PM »

I have a spare pc, and once its up and running again, I plan to install ubuntu to run as a firewall
For some reason I read this and thought it said you have a linux box... sorry for the confusion.  Once you have ubuntu installed, sshd should be available smiley
Logged

Insert Brilliant Sig line here
jlogic77
Participant
*
Posts: 13


View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #11 on: December 17, 2007, 06:33:17 PM »

putty and plink.

I create a batch file with all the credentials:

i.e.:
"plink -batch -ssh -l NAME -pw PASSWORD -L PORT:HOST:PORT HOST"

Then i just click and am connected...  Just leave the window open.

Logged

f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #12 on: December 17, 2007, 06:46:11 PM »

Ugh, passphrase in plaintext in a batch file? Baaad bad. You should use pageant and pubkey auth instead. Btw, MyEnTunnel is okay handy for managing SSH tunnels.
Logged

- carpe noctem
tinjaw
Supporting Member
**
Posts: 1,926



I'm so glad breakbeat techno isn't an illegal drug

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #13 on: December 17, 2007, 07:39:50 PM »

I create a batch file with all the credentials:
Logged

 
EĆ³in
Charter Member
***
Posts: 1,400


O'Callaghan

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #14 on: December 18, 2007, 04:54:44 AM »

What type of server would I need to setup on my pc to allow me to use tunneling like that in windows xp?

I use copSSH on XP x64 back home and it seems to work perfectly. Easy to setup and free free free smiley
Logged

Interviewer: Is there anything you don't like?
Bjarne Stroustrup: Marketing hype as a substitute for technical argument. Thoughtless adherence to dogma. Pride in ignorance.
jlogic77
Participant
*
Posts: 13


View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #15 on: December 19, 2007, 02:39:08 PM »

Ugh, passphrase in plaintext in a batch file? Baaad bad. You should use pageant and pubkey auth instead. Btw, MyEnTunnel is okay handy for managing SSH tunnels.


Really think it's that bad on my laptop?  Just use it to connect to my svn server.
Logged

jlogic77
Participant
*
Posts: 13


View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #16 on: December 19, 2007, 02:52:27 PM »

eh probably right.  can't be too careful.  I'll look to change it to a prompt for pwd
Logged

tinjaw
Supporting Member
**
Posts: 1,926



I'm so glad breakbeat techno isn't an illegal drug

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #17 on: December 19, 2007, 04:26:44 PM »

You can use a private key and set your SSHD to only accept keys as login. Then you need not worry about somebody getting your password. You just need to keep your password to your private key a secret. And, if you store your key on a usb stick, then you keep the key separate from the laptop. This way nobody ever has both. And your key is passPHRASE (hint hint) protected, so even if you lose the usb stick, your key is protected long enough to give you time to notice and generate a new one.
Logged

 
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #18 on: December 20, 2007, 09:12:50 AM »

...and combined with putty's pageant, you only need to provide passphrase once per boot, so it's not too much of a hassle smiley
Logged

- carpe noctem
wilfrednilsen
Charter Honorary Member
***
Posts: 22


View Profile Give some DonationCredits to this forum member
« Reply #19 on: February 24, 2008, 09:53:36 PM »

You can also check out the integrated BarracudaDrive HTTPS tunnel server plugin and the 3 HTTPS tunnel clients: GetMyLAN, BdProxy, and HTTPS tunnel. The GetMyLAN client is similar to SSL VPN.

Server:
http://barracudaserver.co.../products/BarracudaDrive/

Clients:
http://barracudaserver.co...BarracudaDrive/sslvpn.lsp

There is also a remote desktop solution (external plugin):
http://barracudaserver.co...products/GoToMyWebServer/

« Last Edit: February 24, 2008, 09:56:30 PM by wilfrednilsen » Logged
Kamel
Honorary Member
**
Posts: 138


View Profile Give some DonationCredits to this forum member
« Reply #20 on: January 01, 2009, 02:23:42 PM »

I can't believe that hamachi has not been mentioned in this post. It is free, and the best VPN software out there when it comes to 0-configuration

Edit: I'm an idiot, just overlooked it.

Weird how people have bashed it here though o_O. I know the creator of hamachi personally and I can personally verify that the software is 100% legitimate (as is the company that acquired it, LogMeIn) and has not made any claims that it does not back up 100%. If you have any questions about it, I'd be very glad to assist you with it. Anything I couldn't answer, I could ask Alex, the creator, but I seriously doubt there are questions about it that I couldn't answer myself as I did support for hamachi for nearly a year.
« Last Edit: January 01, 2009, 02:27:15 PM by Kamel » Logged

I'm the guy you yell at when your DSL goes down...
kartal
Supporting Member
**
Posts: 1,529


View Profile Give some DonationCredits to this forum member
« Reply #21 on: July 29, 2009, 09:21:53 PM »

Bump
Hi
I have been setting up some ssh tunneling, seems to be working fine. But I am afraid I will end up running alot of putty sessions to cover all. What would be the proper way to run all these different sessions nowadays?
Logged
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #22 on: July 29, 2009, 09:27:58 PM »

Kartal: you might want to check out MyEnTunnel.
Logged

- carpe noctem
kartal
Supporting Member
**
Posts: 1,529


View Profile Give some DonationCredits to this forum member
« Reply #23 on: July 30, 2009, 01:04:10 AM »

Hi
thanks for the recommendation but I cannot figure out how to use it. Is this something that goes along with Putty or a toally seperate tunneling app?
Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.053s | Server load: 0.04 ]