AW: PPP through ssh?

Frame Peter peter.frame at softlab.ch
Wed Nov 10 11:24:43 EST 1999


This reply has been bothering me for some time, at the risk of looking
foolish here goes:

PPP is a Layer 2 protocol while ssh is used to secure TCP connections. I can
imagine that you could possibly encapsulate PPP and send it via ssh but why
would you want to?

Peter

> ----------
> Von: 	Brad Kemp[SMTP:kemp at indusriver.com]
> Gesendet: 	Mittwoch, 3. November 1999 23:24
> An: 	hheller at gmx.de; vpn at listserv.secnetgroup.com
> Cc: 	heller at localnet.hh
> Betreff: 	Re: PPP through ssh?
> 
> Helmut,
> There has been work on tunnels using ssh and using ssl/tls. 
> You can run PPP through ssh, ssl/tls and have a working VPN. One problem
> you may find is that performance suffers greatly when the internet
> experiences congestion or starts dropping packets.
> What happens in this scenario is that the ssh, ssl/tls tcp session
> retransmits
> and your applications tcp session retransmits. This doubles the packets
> sent up the link so your effective throughput is halved. Additionally, you
> add
> to the congestion which cause the problem in the first place.
> There is a debian linux add-on that tunnels over https. (see httpstunnel)
> 
> For ssh/ssl/tls tunnels check out
> http://www.csee.uq.edu.au/~leonard/software/
> http://mike.daewoo.com.pl/computer/stunnel/
> 
> At 06:25 AM 10/29/99 +0200, Helmut Heller wrote:
> >Hello,
> >
> >I am rather new to the VPN field, so please excuse my ignorance.
> >
> >To couple two sites through a secure internet connection (without paying
> big  
> >bucks, read: for free), shouldn't it be OK to use PPP via an ssh tunnel?
> Are  
> >there any known drawbacks to that approach?
> >
> >Are there any documents out there describing what one has to do to make
> it
> work?
> >
> >Thanks for any pointers and infos!
> >
> >Helmut
> >
> >---
> >Servus, Helmut  (DH0MAD)   ______________NeXT-mail
> accepted________________
> >Phone: +49-8671-881665     "Knowledge must be gathered and cannot be
> given"
> >hheller at gmx.de                     ZEN, one of BLAKES7
> >FAX:   +49-8671-881665
> ------------------------------------------------
> >Dr. Helmut Heller, Muehldorfer Str. 72, 84503 Altoetting, GERMANY
> >
> >****************************************************************
> >TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
> >
> >The VPN FAQ (under construction) is available at
> >http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
> >
> >We are currently experiencing "unsubscribe" difficulties.  If you
> >wish to unsubscribe, please send a message containing the single line
> >"unsubscribe vpn your-e-mail-address" to
> owner-vpn at listserv.secnetgroup.com
> >
> >****************************************************************
> >
> --- -- --
> Brad Kemp
> Indus River Networks, Inc.                   BradKemp at indusriver.com
> 31 Nagog Park						 978-266-8122
> Acton, MA 01720                              fax 978-266-8111
> 
> ****************************************************************
> TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
> 
> The VPN FAQ (under construction) is available at
> http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
> 
> We are currently experiencing "unsubscribe" difficulties.  If you
> wish to unsubscribe, please send a message containing the single line
> "unsubscribe vpn your-e-mail-address" to
> owner-vpn at listserv.secnetgroup.com
> 
> ****************************************************************
> 

****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com

The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html

We are currently experiencing "unsubscribe" difficulties.  If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com

****************************************************************




More information about the VPN mailing list