Hello
A short time ago I was going to try and install a VPN for work, using
ssh and ppp on our Linux box. I started with the VPN-mini howto by
Arpad Magosanyi, and I found it well thought out, and well
constructed. However I did have a problem with one piece of it: the
pty-redir program. No offense, but it really struck me as a bit of a
kludge.
The actual project is delayed indefenetly, but in trying to figuring
out how to do a VPN, I had an idea of how to do it better. So I wanted
to run by people who ahead a bit more clue than I do. Since the
project is on hold I won't actually be able to experiment with this
any time soon.
Here's my idea:
Instead of pty-redir, put a dedicated getty program on to the slave
side of the pseudo-tty, setup up so that it calls ssh instead of
login. I know mgetty at least can do this. In this way, from the
master side of the pseudo-tty, it just looks like another modem, and
all you need is pppd and a simple chat script. I think one of the
advantages of this is that you can then use any of the ppp tools on
the VPN, like using diald so the VPN is only active when need.
I know I'm only giving a rather general description, but think it
should be enough to see if I've overlooked anything important. And if
anyone wants a more details, I'll be happy to write it out in more
detail.
Thanks
Martyn Peck