1. Introduction

The technique described in this HOWTO uses PPP to convert packets into a character stream and SSH to encrypt it and transmit it to the remote computer. Most system administrators are well acquainted with the tools and configuration files needed to set up a PPP-SSH VPN.

While it works well with moderate loads over a reliable connection, be warned that a PPP-SSH VPN is subject to some scalability problems. I've included a list of benefits in Section 2.1 and drawbacks in Section 2.2 so you can decide for yourself if a PPP-SSH VPN is a good fit for your needs.

1.1. Copyright

Copyright 2001 Scott Bronson. This document may be distributed under the terms set forth in the GNU Free Documentation License. A copy of this license can be found at http://www.fsf.org/licenses/fdl.html.

1.2. Disclaimer

You use the information in this document entirely at your own risk. I especially make no guarantees as to the legality or cryptographic strength of the techniques described here. If you feel that you cannot take full responsibility for your setup, then you need to put down this HOWTO and hire one of the many excellent companies who provide accountable, professional VPN service.

1.3. Credits

I took some notes as I adapted Bart Trojanowski's excellent instructions to a newer version of PPP running on my Debian system. A few weeks later, I converted the notes into SGML. Eventually, those evolved into this HOWTO.

Bart's instructions were based on Arpad Magosanyi's good but now fairly dated VPN Mini-HOWTO. If you run into troubles and my document doesn't seem to help, or if you're running an older version of the Linux kernel or PPP, you'll definitely want to give his HOWTO a read.