The link is created by running pppd through a pseudo terminal that is
created by pty-redir and connected to ssh. This is done with
something similar to the following sequence of commands:
# /usr/sbin/pty-redir /usr/bin/ssh -t -e none -o 'Batchmode yes' -c blowfish -i /root/.ssh/identity.vpn -l joe > /tmp/vpn-device
# sleep 10
# /usr/sbin/pppd `cat /tmp/vpn-device`
# sleep 15
# /sbin/route add -net 172.16.0.0 gw vpn-internal.mycompany.com netmask 255.240.0.0
# /sbin/route add -net 192.168.0.0 gw vpn-internal.mycompany.com netmask 255.255.0.0
|
What this does is run ssh, redirecting the input and output to
pppd. The options passed to ssh configure it to run without escape
characters (-e), using the blowfish crypto algorithm (-c), using the
identity file specified (-i), in terminal mode (-t), with the options
'Batchmode yes' (-o). The sleep commands are used to space out the
executions of the commands so that each can complete their
startup before the next is run.