Closed GoogleCodeExporter closed 9 years ago
This is something you can already do, really. You simply need to establish an
SSH tunnel, forward the needed ports, and then apply a proper openvpn
configuration to use localhost. This isn't an OpenVPN function, per-se.
Original comment by mnsli...@gmail.com
on 15 Nov 2012 at 3:34
It is not that easy. The ssh connection would be routed over the VPN and
OpenVPN would stop working. I think the OpenVPN app should not include a ssh
client but provide a API that allows this kind of tunneling. Contact me if you
want to work on this.
Original comment by arne@rfc2549.org
on 19 Nov 2012 at 5:59
I have a script to do that on linux. Before establishing the tunnel you need to
get the current routing table and save it. Then you explicitly set the route
for the ssh server using the old gateway.... then openvpn is not stopping
after setting the new default gw....
Original comment by sebastia...@gmail.com
on 20 Feb 2013 at 8:08
Yeah things are different in Android land. I know how to implement this in
theory but since I don't use openvpn over ssh myself and I don't believe many
people use openvpn over ssh I did not have motivation to implement the feature
yet.
Original comment by arne@rfc2549.org
on 20 Feb 2013 at 9:18
Well If you know how ever-popular openVPN now has been blocked severely in
internet censorship countries like China for its vulnerable fingerprint, you
should understand why people ask you do such a favor. Microsoft's SSTP doesn't
have such drawback but unfortunately it has no open source implementation.
Protecting privacy and interest freedom is really worth to do it. Please hear
more users voice before rejecting the suggestion. Thanks.
Original comment by shifeng....@gmail.com
on 20 Feb 2013 at 12:10
I don't reject the idea. It is just a hobby project and I wanted to explain why
my motivation to do this *right now* is low.
Original comment by arne@rfc2549.org
on 20 Feb 2013 at 12:25
I would also love to have OpenVPN working over an ssh tunnel on jellybean. I
have been trying server options with no luck:
local 127.0.0.1
push "redirect-gateway local def1 bypass-dhcp"
push "route SERVER_IP_ADDRESS 255.255.255.255 net_gateway 1"
For some reason the last route push has no effect on Android and the ssh tunnel
breaks when the OpenVPN connects.
Original comment by corley.k...@gmail.com
on 3 Apr 2013 at 11:11
Yeah. See the last FAQ entry why the route command does not work.
Original comment by arne@rfc2549.org
on 3 Apr 2013 at 11:31
Is there any way to use the VPNService API to setup a dummy service direct to
the server at the same time or just prior to setting up OpenVPN over SSH ?
Original comment by corley.k...@gmail.com
on 4 Apr 2013 at 3:12
[deleted comment]
With the newest you should be able to specify the ip of the ssh server as
excluded ip as a workaround
Original comment by arne@rfc2549.org
on 26 Sep 2014 at 9:10
Also there is a protect call in the AIDL that can be used to protect the ssh
connection.
Closing that as WONTFIX since I will not build a tight ssh implementation into
ics-openvpn (lack of time/interest)
Original comment by arne@rfc2549.org
on 9 Jan 2015 at 1:39
Original issue reported on code.google.com by
tom.tomo...@gmail.com
on 15 Nov 2012 at 3:04