...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
ifc tap0 192.168.1.1/24 up sshd tunnel add ssh_tun $ecRet tap0 sshd -window=128000 -keepalive=30 sshd start |
Configure secind Configure the second device same way, create the "tap0" interface and assign the "192.168.1.2/24" IP address to it. Set the parameters of internal window, check duration and server interface value, if "tap0" interface was created on server, "-remote-if=0" command should be used. Login and password must match those on the remote side. Optionally, we can specify the encryption algorithm, the key exchange algorithm and other tunnel parameters, a . A list of supported algorithms is displayed by the command: "sshtun tap0 -algo-list", where "kex" - SSH key exchange algorithms, "hostkey" - authentication, "cipher" - data coding, "hash" - data verification and "compress" - data compression. Enable SSH daemon. In order to enable SSH tunnel, enter the "sshtun start" command.
...
- At opposite ends of the tunnel is possible to configure IP addresses from different subnets on tap interfaces (for example 192.168.1.1/24 and 192.168.100.1/24). However, this configuration require requires static routes on the both sides configured by the command:
...