xiringuito

SSH-based "VPN for poors"
授权协议 Apache-2.0 License
开发语言 SHELL
所属分类 应用工具、 终端/远程登录
软件类型 开源软件
地区 不详
投 递 者 闾丘高峰
操作系统 跨平台
开源组织
适用人群 未知
 软件概览

xiringuito

SSH-based "VPN for poors" ��

VPN made easy! No configuration. No VPN servers. No hassle. Just plug and use!

This is the "VPN without VPN" software done using nice built-in capabilities of SSH.

Install (just download it)

git clone https://github.com/ivanilves/xiringuito.git

Use (just run it ...)

cd xiringuito
./xiringuito user@your.ssh.server 10.0.0.0/8 192.168.0.0/16

... or install it globally and run from any working directory:

cd xiringuito
sudo make install
xiringuito user@your.ssh.server 10.0.0.0/8 192.168.0.0/16

Yes! That easy - just pass an SSH server and the list of networks your want to access through this server.

You will need:

  • Linux or Mac system
  • Local sudo privileges
  • Remote sudo privileges

Xaval: connection manager

NB! To ease xiringuito configuration, xaval connection manager (script inside the project) could be used.

Mac note

Install TunTap for Mac OS X first.

Server-side sudo note

If you do not have passwordless sudo on the side of SSH server, you will need to enter sudo password every time you connect to this server. You will be also unable to use xaval "background" connect option (see xaval toggle).

Route discovery

Specifying routes by hand is not bad. But we could make it better by creating an executable discover-routes script in the project directory. If no routes are passed by hand, xiringuito will run discover-routes, pass SSH server hostname to it and use script output as a list of routes, so you may have per-host or per-domain route lists instead of boring manual typing. More information is available in AWS example which uses AWS CLI to discover VPC subnets and route traffic to them through our VPN tunnel.

You can have many of them!

As long as your routes do not overlap, you can run as many xiringuito tunnels as you want. Simultaneously!

xirin... WHAT?

"xiringuito" is a Catalan way of saying popular Spanish word "chiringuito", which usually means a beach bar in a more or less provisional building. As long as such places usually stand on a loose surface, operate without license and work only with cash, in urban dictionary "chiringuito" could mean any dodgy business, any activity of questionable legality and confidence. I've picked up this name because I've wrote this as a quick temporary hack, partially in a bus, partially in a train, while travelling back and forth between job and home. But ... nothing is more permanent than the temporary, right? ��

Future?

For now we can do bug fixes and minor UX improvements, however we see rewriting xiringuito in statically typed language as the major goal and a prerequirement before anything else.

What's the difference between xiringuito and sshuttle?

sshuttle is a very popular SSH over VPN client. Though both projects look similar, there are at least three differences:

  • xiringuito works well with RTP (Real-time Transport Protocol). This is a UDP-based protocol, the key difference between RTP and most of other UDP protocols - it used bi-directional media transport with random ports assigned on both ends. For me sshuttle was unable to correctly to handle RTP traffic, while xiringuito due to utilization of tun/tap devices, does it transparently w/o issues.

  • For the same reason xiringuito works with low-level (non-TCP & non-UDP) IP protocols like OSPF, L2TP, PPP, IGMP, IPSec, ARP, etc. While nobody should use SSH tun/tap to tunnel these protocols on production, xiringuito may serve you great to do some remote testing of these protocols with SSH-only connection to the infrastructure.

  • No Python required! Well, this is not a solid reason to use xiringuito, but not everybody likes Python.

sshuttle is a great piece of software. It suits web developers and DevOps/SysAdmins of typical web-centric projects very well. However, if you work with less typical services, or you hate Python (or love Bash), xiringuito may be a great choice ��

 相关资料
  • @AspectJ指的是将方面声明为使用Java 5注释注释的常规Java类的样式。 通过在基于XML模式的配置文件中包含以下元素来启用@AspectJ支持。 <aop:aspectj-autoproxy/> 您还需要在应用程序的类路径上使用以下AspectJ库。 这些库位于AspectJ安装的“lib”目录中,否则您可以从Internet下载它们。 aspectjrt.jar aspectjwe

  • 到目前为止,您已经了解了我们如何使用XML配置文件配置Spring bean。 如果您对XML配置感到满意,那么实际上不需要了解如何继续使用基于Java的配置,因为您将使用任一可用配置获得相同的结果。 基于Java的配置选项使您可以在没有XML的情况下编写大部分Spring配置,但是在本章中介绍的几个基于Java的注释的帮助下。 @Configuration&@Bean Annotations 使

  • 最近Clear应用很火,有一部分原因是其超炫的列表交互效果,用户可以用手指手势来直接对列表进行编辑。这份代码实现了Clear应用中大部分的列表交互效果,包括,手指划动列表行来更新列表,手指划动列表行来删除列表行,下拉新增列表行,pinch移动列表来插入列表行等等。 [Code4App.com]

  • 问题内容: 我希望能够自动连接单例bean() 由另一个单例方法()创建 使用xml就是。我该如何使用注释? 问题答案: 尝试使用Java

  • Tiny Drive is a premium TinyMCE plugin for cloud-based asset management and storage solution. Tiny Drive is a solution for creating rich text by attaching and embedding images, videos, and other files

  • FaceNet based Attendance System A Deep Learning based Web Application for marking attendance of students by recognizing the student's faces from the surveillance video footage of classroom. Getting St

  • ember-class-based-modifier ⚠️ �� This addon has been deprecated in favor of the official ember-modifier addon. See the upgrade guide. This is the next iteration of ember-oo-modifiers with some breakin

  • This sample demonstrates how to use redis to route incoming requests to different HTTP backends based on the requests' User-Agent header. This demo uses the modules Redis2 Nginx Module, Lua Nginx Modu

相关阅读

相关文章

相关问答

相关文档