Hi, Yousong,

Thank you for working on this. With PPPoSSH, we can set up a poor man's VPN in minutes; that would be more convenient than other real VPN solutions. I am very glad to see this being merged upstream.

Thanks,
Li Wei

On 05/19/2014 10:11 AM, Yousong Zhou wrote:
> Hi,
>
> On 19 May 2014 09:55, Yousong Zhou <[email protected]> wrote:
>> This patch adds protocol support for PPP over SSH. The protocol name is
>> 'pppossh' with the following options.
>
> I am not sure whether such a non-standardized protocol will be
> accepted into the OpenWrt trunk. I have been using this for the last
> month and it worked fine with online video streaming and simple web
> browsing. The box I am using is a TL-WR720N-v3 with AR9331 at 400Mhz.
> The last-one-minute system load could be as high as 1.3~1.6 when the
> peak speed reaches about 600KB/s (the speed on the remote server is
> much higher than this). Not that impressive but fine :)
>
> Regards.
>
>
> yousong
>
>>
>> - server, required, SSH server name.
>> - port, SSH server port.
>> - sshuser, required, SSH login username.
>> - identity, list of client private key files. ~/.ssh/id_{rsa,dsa} will
>>   be used if no identity file was specified. At least one of them must
>>   be valid key file for the public key authentication to proceed.
>> - ipaddr, local ip address to be assigned.
>> - peeraddr, peer ip address to be assigned.
>> - ssh_options, extra ssh client options.
>>
>> Because the protocol script file ppp.sh will be called with $HOME set to
>> '/', we need to explicitly set it to the right value so that dropbear
>> client can read '~/known_hosts' correctly.
>> >> Signed-off-by: Yousong Zhou <[email protected]> >> --- >> v1 -> v2 >> >> - Use common option names as suggested by jow and nbd. >> - Default to using ~/.ssh/id_{rsa,dsa} as the identity file. >> - Set $HOME to correct value for the current user instead of unset it. >> >> v2 -> v3 >> >> - Change type of acceptunknown to boolean. >> - Squeeze multiple calls to proto_config_add_string to one. >> >> v3 -> v4 >> >> - Use default identity files only when no explicit key files were >> specified. >> - Added a new option `ssh_options' which will be added as part of ssh >> client options. >> - Change the type of `port' option to int. >> - Change the type of `identity` option to array type. >> >> v4 -> v5 >> >> - Remove `acceptunknown' option. For dropbear client `-y' option can be >> used, and for OpenSSH client it's '-o StrictHostKeyChecking xx'. Both >> of >> them can be specified through the `ssh_options'. >> - Make variable `pty' local. >> >> package/network/services/ppp/Makefile | 2 +- >> package/network/services/ppp/files/ppp.sh | 55 >> +++++++++++++++++++++++++++++ >> 2 files changed, 56 insertions(+), 1 deletions(-) >> >> diff --git a/package/network/services/ppp/Makefile >> b/package/network/services/ppp/Makefile >> index 9bf9616..a707985 100644 >> --- a/package/network/services/ppp/Makefile >> +++ b/package/network/services/ppp/Makefile >> @@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk >> >> PKG_NAME:=ppp >> PKG_VERSION:=2.4.5 >> -PKG_RELEASE:=10 >> +PKG_RELEASE:=11 >> >> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz >> PKG_SOURCE_URL:=ftp://ftp.samba.org/pub/ppp/ >> diff --git a/package/network/services/ppp/files/ppp.sh >> b/package/network/services/ppp/files/ppp.sh >> index 8824409..19825b1 100755 >> --- a/package/network/services/ppp/files/ppp.sh >> +++ b/package/network/services/ppp/files/ppp.sh 
>> @@ -206,10 +206,65 @@ proto_pptp_teardown() { >> ppp_generic_teardown "$@" >> } >> >> +proto_pppossh_init_config() { >> + ppp_generic_init_config >> + proto_config_add_string server sshuser ipaddr peeraddr ssh_options >> + proto_config_add_string 'identity:list(string)' >> + proto_config_add_int port >> + available=1 >> + no_device=1 >> +} >> + >> +proto_pppossh_setup() { >> + local config="$1" >> + local iface="$2" >> + local user="$(id -nu)" >> + local home=$(sh -c "echo ~$user") >> + local ip serv_addr errmsg >> + local opts pty >> + >> + json_get_vars port sshuser identity ipaddr peeraddr ssh_options >> + json_get_var server server && { >> + for ip in $(resolveip -t 5 "$server"); do >> + ( proto_add_host_dependency "$config" "$ip" ) >> + serv_addr=1 >> + done >> + } >> + [ -n "$serv_addr" ] || errmsg="${errmsg}Could not resolve $server.\n" >> + [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option.\n" >> + [ -z "$identity" ] && identity="'$home/.ssh/id_rsa' >> '$home/.ssh/id_dsa'" >> + { >> + local fn >> + for fn in $identity; do >> + [ -f "$fn" ] && opts="$opts -i $fn" >> + done >> + [ -n "$opts" ] || errmsg="${errmsg}Cannot find valid >> identity file.\n" >> + } >> + [ -n "$errmsg" ] && { >> + echo -ne "$errmsg" >> + sleep 5 >> + proto_setup_failed "$config" >> + exit 1 >> + } >> + opts="$opts ${port:+-p $port}" >> + opts="$opts ${ssh_options}" >> + opts="$opts $sshuser@$server" >> + pty="env 'HOME=$home' /usr/bin/ssh $opts pppd nodetach notty noauth" >> + ippair="$ipaddr:$peeraddr" >> + >> + ppp_generic_setup "$config" \ >> + noauth pty "$pty" "$ippair" >> +} >> + >> +proto_pppossh_teardown() { >> + ppp_generic_teardown "$@" >> +} >> + >> [ -n "$INCLUDE_ONLY" ] || { >> add_protocol ppp >> [ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe >> [ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa >> [ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp >> + [ -x /usr/bin/ssh ] && add_protocol pppossh >> } >> >> -- >> 1.7.2.5 >> > 
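
Review bot: In proto_pppossh_setup the default identity is assigned with embedded single quotes (identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'") and then iterated with an unquoted "for fn in $identity". Word splitting does not strip quotes that are part of the data, so each $fn still carries the literal ' characters, [ -f "$fn" ] is false for both defaults, and setup ends with "Cannot find valid identity file" even when ~/.ssh/id_rsa exists. Suggest dropping the inner quotes (identity="$home/.ssh/id_rsa $home/.ssh/id_dsa"). Related: "-i $fn", "$sshuser@$server" and "$ssh_options" are concatenated into the pty string unquoted, and the 'HOME=$home' quoting shows that string is parsed again as a command line, so a key path containing whitespace or shell metacharacters will not reach ssh as one argument; either quote each value when building opts or document that such values are unsupported. ippair is also assigned without being declared local, unlike opts and pty.
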
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
