diff options
Diffstat (limited to 'posts/201502-ssh-tunnel-and-postfix.rst')
| -rw-r--r-- | posts/201502-ssh-tunnel-and-postfix.rst | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/posts/201502-ssh-tunnel-and-postfix.rst b/posts/201502-ssh-tunnel-and-postfix.rst index 9249f65..9fa9eb2 100644 --- a/posts/201502-ssh-tunnel-and-postfix.rst +++ b/posts/201502-ssh-tunnel-and-postfix.rst @@ -7,7 +7,7 @@ .. summary: HOWTO on setting up a SSH tunnel with the help of a systemd-networkd between two machines, with no direct access to each other and modifying Postfix to use that tunnel. .. authors: David Runge -| Recently I had the pleasure of setting up a :abbr:`SSH (Secure Shell)` tunnel between two virtual machines that share no route and are located in two different subnets. +| Recently I had the pleasure of setting up a |abbr_ssh| tunnel between two virtual machines that share no route and are located in two different subnets. | They can however reach each other via SSH, hopping their host. | Let's assume the following setup: @@ -15,7 +15,7 @@ * **client2** (Arch Linux) has *10.0.6.2/24* * **host** (Debian) is *10.0.5.1/24* to **client1** and *10.0.6.1/24* to **client2** -| As I needed the two clients to be able to send mail to each other and reach each others' services, I did some digging and opted for a SSH connection using :abbr:`TUN (network TUNnel (virtual-network kernel devices))` devices (aka. "poor man's :abbr:`VPN (Virtual Private Network)`"). +| As I needed the two clients to be able to send mail to each other and reach each others' services, I did some digging and opted for a SSH connection using |abbr_tun| devices (aka. "poor man's |abbr_vpn|"). | The following is needed to set this up: * root access on both virtual machines (**client1** & **client2**) @@ -151,7 +151,7 @@ Setting up the TUN devices systemctl restart systemd-networkd -| Now starting the tunnel again should give a fully working point-to-point :abbr:`TCP (Transmission Control Protocol)` connection between the two (virtual) machines using the TUN devices. +| Now starting the tunnel again should give a fully working point-to-point |abbr_tcp| connection between the two (virtual) machines using the TUN devices. | If you need a more complex setup (i.e. to access the other clients' subnet), you will have to apply some routes (either using |netfilter| or |systemd-networkd|), depending on your individual setup. | @@ -174,7 +174,7 @@ _____ Postfix _______ -| If using |postfix| as :abbr:`MTA (Message Transfer Agent)`, the service has to be configured to use */etc/hosts* before resolving to your networks DNS resolving. +| If using |postfix| as |abbr_mta|, the service has to be configured to use */etc/hosts* before resolving to your networks DNS resolving. | On **client1** and **client2** (*/etc/postfix/main.cf*): .. code:: ini @@ -243,3 +243,23 @@ _______________________ .. |postfix| raw:: html <a href="http://www.postfix.org/" target="_blank">postfix</a> + +.. |abbr_ssh| raw:: html + + <abbr title="Secure Shell" >SSH</abbr> + +.. |abbr_tun| raw:: html + + <abbr title="network TUNnel (virtual-network kernel devices)" >TUN</abbr> + +.. |abbr_vpn| raw:: html + + <abbr title="Virtual Private Network" >VPN</abbr> + +.. |abbr_tcp| raw:: html + + <abbr title="Transmission Control Protocol" >TCP</abbr> + +.. |abbr_mta| raw:: html + + <abbr title="Message Transfer Agent" >MTA</abbr> |