First I did this as root:
Code:
lorentz/root /root 576# tunctl -u phil -t tun0
Set 'tun0' persistent and owned by uid 600
lorentz/root /root 577# ls -dl /dev/net/tun
crw-rw-rw- 1 root root 10, 200 Jan 31 16:46 /dev/net/tun
lorentz/root /root 578# ifconfig tun0 up 192.168.100.1 netmask 255.255.255.0
lorentz/root /root 579# ifconfig tun0
tun0 Link encap:Ethernet HWaddr ee:e9:84:2b:cb:8d
inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::ece9:84ff:fe2b:cb8d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:34 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lorentz/root /root 580#
My understanding is that leaves the device permanently present and controllable by the specified user. So next I tried ssh with the -w option:
Code:
lorentz/phil /home/phil 612> ssh -w tun0 phil@fw1
Bad tun device 'tun0'
lorentz/phil /home/phil 613>
I tried the later under strace and see that ssh is not even opening the /dev/net/tun device to get a descriptor that can be associated with the device side of the tun0 interface.
Code:
lorentz/phil /home/phil 616> ssh -V
OpenSSH_5.5p1 Debian-4ubuntu5, OpenSSL 0.9.8o 01 Jun 2010
lorentz/phil /home/phil 617>
Is this version just not ready to do tunneling?
BTW, I've looked for online HOWTOs to do this, but everything is describing -L and -R type port forwarding, and mislabeling it as tunneling (but I have been guilty of doing that, too).