Outbound commercial vpn

From SkullSpace Wiki
Revision as of 14:54, 23 May 2019 by Markjenkinsparit (talk | contribs) (connect instructions)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

An outbound VPN using a commercial service is provided to the space by Mark Jenkins <mark@parit.ca> . Ask for access.

Both styles of TCP port tunneling through ssh are supported:

  • SOCKS proxy (-D in openssh), which many applications can be configured to use
  • local port forwarding (-L in openssh)

This service is hosted on vmsrv . Because an ip address is shared with vmsrv.skullspace.ca, you have to connect your ssh client to port 6001, not port 22. A openssh command line example:

$ ssh -D SOCKSPORT -L LOCALPORT:SOMEREMOTESERVER:SOMEREMOTEPORT -p 6001 username@vpnout.skull.space

The distinct vpnout.skull.space domain name can help you avoid typing the port each time you login, just put

Host vpnout.skull.space
    HostName vpnout.skull.space
    Port 6001

in your ~/.ssh/config file (openssh) or equivilent profile feature in other ssh clients.

ssh host key hashes

signed by mark@markjenkins.ca

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MD5:03:12:87:3f:4a:7d:e0:28:1e:c0:fd:89:10:90:f9:e1 (RSA)
SHA256:VWrigNiYjqCMbbGxREHNvZfUYaj8W8xCiD2wmLlHBC8 (RSA)
MD5:6f:37:2b:c9:bd:7c:bb:ff:f3:eb:73:a5:3d:76:50:1d (ECDSA)
SHA256:2s7PWA9IBj4DAV0eEbeibTFyk5860Yg+XLX5EodXK+8 (ECDSA)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJc5q6VAAoJEKj4ZJOqTbH7Mn4IAINHEXigTjKPL3d77h161IsA
U9Iflef13zZ4klalbe65hzxo1ncjI8AT/r28nKbLATaQxpszn8vUQZfhKL3StANC
ylptUPFzIPlVMFYP8mQ1fhwwylZgGPJ7G7mb3AxQ7iJL5cTmPqEP0ZFzTOESZvhf
73XlKUehhkakppcV+Mjt388em7XQSzpw7pq7PfUgCRdkNCGtb3qv1fHErhgN0KvM
N18D5/SFZdScuuddyVpLXelBvksMtd0VBRqNbz8b8K6wfkrrJf0Qf8TdPGCNExq9
Ozh6AOwnutC5oI+IEJpUWlrFkqyakAj8GHWU5Kh29SYUg3qJBu5ixVJI/qoHmMs=
=Dpw/
-----END PGP SIGNATURE-----