@@ -4,48 +4,48 @@ sshuttle: where transparent proxy meets VPN meets ssh
44As far as I know, sshuttle is the only program that solves the following
55common case:
66
7- - Your client machine (or router) is Linux, FreeBSD, or MacOS.
7+ - Your client machine (or router) is Linux, FreeBSD, or MacOS.
88
9- - You have access to a remote network via ssh.
9+ - You have access to a remote network via ssh.
1010
11- - You don't necessarily have admin access on the remote network.
11+ - You don't necessarily have admin access on the remote network.
1212
13- - The remote network has no VPN, or only stupid/complex VPN
14- protocols (IPsec, PPTP, etc). Or maybe you *are * the
15- admin and you just got frustrated with the awful state of
16- VPN tools.
13+ - The remote network has no VPN, or only stupid/complex VPN
14+ protocols (IPsec, PPTP, etc). Or maybe you *are * the
15+ admin and you just got frustrated with the awful state of
16+ VPN tools.
1717
18- - You don't want to create an ssh port forward for every
19- single host/port on the remote network.
18+ - You don't want to create an ssh port forward for every
19+ single host/port on the remote network.
2020
21- - You hate openssh's port forwarding because it's randomly
22- slow and/or stupid.
21+ - You hate openssh's port forwarding because it's randomly
22+ slow and/or stupid.
2323
24- - You can't use openssh's PermitTunnel feature because
25- it's disabled by default on openssh servers; plus it does
26- TCP-over-TCP, which has terrible performance (see below).
24+ - You can't use openssh's PermitTunnel feature because
25+ it's disabled by default on openssh servers; plus it does
26+ TCP-over-TCP, which has terrible performance (see below).
2727
2828
2929Prerequisites
3030-------------
3131
32- - sudo, su, or logged in as root on your client machine.
33- (The server doesn't need admin access.)
32+ - sudo, su, or logged in as root on your client machine.
33+ (The server doesn't need admin access.)
3434
35- - If you use Linux on your client machine:
36- iptables installed on the client, including at
37- least the iptables DNAT, REDIRECT, and ttl modules.
38- These are installed by default on most Linux distributions.
39- (The server doesn't need iptables and doesn't need to be
40- Linux.)
35+ - If you use Linux on your client machine:
36+ iptables installed on the client, including at
37+ least the iptables DNAT, REDIRECT, and ttl modules.
38+ These are installed by default on most Linux distributions.
39+ (The server doesn't need iptables and doesn't need to be
40+ Linux.)
4141
42- - If you use MacOS or BSD on your client machine:
43- Your kernel needs to be compiled with `IPFIREWALL_FORWARD `
44- (MacOS has this by default) and you need to have ipfw
45- available. (The server doesn't need to be MacOS or BSD.)
42+ - If you use MacOS or BSD on your client machine:
43+ Your kernel needs to be compiled with `IPFIREWALL_FORWARD `
44+ (MacOS has this by default) and you need to have ipfw
45+ available. (The server doesn't need to be MacOS or BSD.)
4646
47-
48- - Python 2.x, both locally and the remote system. Python 3.x is not yet supported.
47+ - Python 2.x, both locally and the remote system. Python 3.x is not yet
48+ supported.
4949
5050*WARNING *:
5151On MacOS 10.6 (at least up to 10.6.6), your network will
@@ -60,45 +60,45 @@ again, even after a reboot.
6060Additional Suggested Software
6161-----------------------------
6262
63- - You may want to need autossh, available in various package management
64- systems
63+ - You may want to need autossh, available in various package management
64+ systems
6565
66- - For Linux only tproxy support, you need PyXAPI, available here:
67- http://www.pps.univ-paris-diderot.fr/~ylg/PyXAPI/
66+ - For Linux only tproxy support, you need PyXAPI, available here:
67+ http://www.pps.univ-paris-diderot.fr/~ylg/PyXAPI/
6868
6969
7070Obtaining sshuttle
7171------------------
7272
73- - Clone::
73+ - Clone::
7474
75- git clone https://github.com/sshuttle/sshuttle.git
76- ./setup.py install
75+ git clone https://github.com/sshuttle/sshuttle.git
76+ ./setup.py install
7777
78- - From PyPI::
78+ - From PyPI::
7979
80- pip install sshuttle
80+ pip install sshuttle
8181
8282
8383Usage
8484-----
8585
86- - Forward all traffic::
86+ - Forward all traffic::
8787
88- sshuttle -r username@sshserver 0.0.0.0/0 -vv
88+ sshuttle -r username@sshserver 0.0.0.0/0 -vv
8989
90- - There is a shortcut for 0.0.0.0/0 for those that value
91- their wrists::
90+ - There is a shortcut for 0.0.0.0/0 for those that value
91+ their wrists::
9292
93- sshuttle -r username@sshserver 0/0 -vv
93+ sshuttle -r username@sshserver 0/0 -vv
9494
95- - If you would also like your DNS queries to be proxied
96- through the DNS server of the server you are connect to::
95+ - If you would also like your DNS queries to be proxied
96+ through the DNS server of the server you are connect to::
9797
98- sshuttle --dns -vvr username@sshserver 0/0
98+ sshuttle --dns -vvr username@sshserver 0/0
9999
100- The above is probably what you want to use to prevent
101- local network attacks such as Firesheep and friends.
100+ The above is probably what you want to use to prevent
101+ local network attacks such as Firesheep and friends.
102102
103103(You may be prompted for one or more passwords; first, the
104104local password to become root using either sudo or su, and
0 commit comments