Running TCP over TCP (for example, TCP over an SSH tunnel) results in poor performance and reliability. There are several ways to tunnel traffic over ssh, for example basic port forwarding in ssh or pppd over ssh.
However, there’s a much nicer solution: sshuttle!
From GitHub:
“As far as I know, sshuttle is the only program that solves the following common case:
- Your client machine (or router) is Linux, FreeBSD, or MacOS.
- You have access to a remote network via ssh.
- You don’t necessarily have admin access on the remote network.
- The remote network has no VPN, or only stupid/complex VPN protocols (IPsec, PPTP, etc). Or maybe you are the admin and you just got frustrated with the awful state of VPN tools.
- You don’t want to create an ssh port forward for every single host/port on the remote network.
- You hate openssh’s port forwarding because it’s randomly slow and/or stupid.
- You can’t use openssh’s PermitTunnel feature because it’s disabled by default on openssh servers; plus it does TCP-over-TCP, which has terrible performance (see below).”
‘sshuttle’ appears to be available in both the standard Debian/Ubuntu repos and the RHEL/CentOS EPEL repo.
The following creates a ‘VPN-like’ ssh tunnel and then routes all traffic (including DNS lookups) over it.
sudo sshuttle --dns -r <user>@<target host>:<port> 0/0 -vv
Once this is working you can drop the -vv (verbose level 2). Also, if you’re not concerned about DNS hijacking you can omit the --dns option to speed up DNS lookups (they then resolve locally). To stop the tunnel, just press CTRL-C.
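If the command above ends up in a script that runs under sudo, the three placeholders are worth validating before they reach sshuttle. The following is an added example, not part of the original post or of sshuttle itself; build_sshuttle_cmd and the sample hosts are hypothetical, and it assumes a hostname or IPv4 target.

```shell
#!/bin/sh
# Added example: validate <user>, <target host> and <port> from the command
# above, then print the sshuttle command line. build_sshuttle_cmd is a
# hypothetical helper name; the hosts in the usage line are constructed.
# usage: build_sshuttle_cmd USER HOST PORT yes|no [SUBNET...]
build_sshuttle_cmd() {
    [ "$#" -ge 4 ] || { echo "usage: USER HOST PORT yes|no [SUBNET...]" >&2; return 2; }
    user=$1; host=$2; port=$3; dns=$4
    shift 4

    # Hostnames and IPv4 only (assumption). A leading '-' would be read as an
    # option, and any other character could break the user@host:port form.
    for v in "$user" "$host"; do
        case "$v" in
            ''|-*|*[!A-Za-z0-9._-]*) echo "invalid user/host: $v" >&2; return 1 ;;
        esac
    done

    # Port: one to five digits, then a range check.
    case "$port" in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # No subnet given: route everything (0/0), as in the command above.
    [ "$#" -gt 0 ] || set -- 0/0
    for net in "$@"; do
        case "$net" in
            ''|*[!0-9./]*) echo "invalid subnet: $net" >&2; return 1 ;;
        esac
    done

    cmd="sshuttle"
    # --dns sends DNS lookups through the tunnel; without it they resolve locally.
    if [ "$dns" = yes ]; then cmd="$cmd --dns"; fi
    echo "$cmd -r $user@$host:$port $*"
}

# Typical use (validated output contains no shell metacharacters):
#   sudo $(build_sshuttle_cmd alice gw.example.net 22 yes) -vv
```

Passing one or more subnets instead of the default 0/0 routes only those networks through the tunnel and leaves the rest of the traffic on the local connection.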
The man page for sshuttle is quite detailed; check there for more information.