You might look at this program AlmostVPN. I have been trying to figure out how to use it because my school has a server that us students are allowed to use to compile things and what not. But it also stores all our files on it so I have been trying to setup [AlmostVPN][2] to forward the Apple File Share that has our home directories on it. Unfortunately, I have not gotten it to work yet, but that is mostly because I have very limited knowledge of SSH. I use it in place of telnet but that is all I know how to do right now.

What autossh does is start an SSH connection and monitor it continuously to be sure it’s up. If the connection ever goes down, autossh starts it up again.

So, instead of the usually SSH command to connect to a server at home, I use autossh. When I open my PowerBook in a new location, autossh sees that it’s lost the connection to home and automatically reconnects. This way, I always have a terminal window to home—along with a handful of forwarded ports—even after travelling between networks. And, since I’m running screen at home, everything I was doing before travelling is all in the same state I left it.

Do you run it on the computer you want to connect to or on the computer you are connecting from? I understand the screen part, that just allows your terminal session to keep running when the terminal is disconnected. Why do you need to force on this persistent connection?

I think I like this blogging thing. :)

Aristotle: Thanks for the pointer. I think while [ 1 ] is just one of those things I came to by trial-and-error.

while : ; do foo ; done

According to bash(1):

: [arguments]

No effect; the command does nothing beyond expanding arguments and performing any specified redirections. A zero exit code is returned.

So say I have two boxes at work – work-box-1 and work-box-2, running SMB and a web server, respectively. I create a host file that points the host names to IPs on my home lan:

/etc/hosts.ssh-vip-vpn:

 192.168.1.130  work-box-1
 192.168.1.131  work-box-2

Next, I have a little script that ups the VIPs using ifconfig, symlinks the hosts file, and opens the tunnels:

~/bin/open-vpn:

#!/bin/bash
ifconfig en1 inet 192.168.1.130 netmask 255.255.255.255 alias
ifconfig en1 inet 192.168.1.131 netmask 255.255.255.255 alias
ln -s /etc/hosts /etc/hosts.ssh-vip-vpn
ssh -L192.168.1.130:445:real-work-ip1:445 \
      -L192.168.1.130:137:real-work-ip1:137 \
      -L192.168.1.131:80:real-work-ip2:80 external-work-hostname

The cool thing is that everything pretty much looks exactly as it does at work. It’s quite a lot to maintain and a real VPN would be a ton easier but what fun is that?

Now you have another IP that you can bring stuff up on that won’t collide with other stuff running on the same port.

Speaking of this, I was messing around the other day and found that it’s really easy to create VIPs in OS X. Combine your above example with these directions for creating VIPs and you can set up a pretty functional VPN. I create VIPs for the hosts that are most interesting at work and have a custom hosts file map the work hostnames to the local IPs. Then when I open the tunnel with ssh I bind to the VIP IPs. It takes a little while to set everything up but the result is very nice.

I’m in the process of building up a simple config file syntax for specifying which hosts/ports should be tunneled and a little script that does all the dirty work of creating the VIPs and opening the ssh connection.