Can I use ssh to securely connect two subnets across the Internet?
You can run PPP over a regular ssh connection. See http://www.inka.de/~bigred/sw/ssh-ppp-new.txt for a working solution. It’s a good idea to enable compression for this. Another implementation of this is available at http://www.linuxdoc.org/HOWTO/mini/VPN.html. However, this may cause problems for forwarding TCP connections, because both the TCP connection over which ssh runs and a TCP connection forwarded over the PPP/ssh tunnel may retransmit at the same time. In this case, it is better to use encrypted IP tunneling via UDP. A possible implementation of this is http://www.inka.de/~bigred/devel/cipe.html . Also look into Magnus Lundstrm’s replacement for ssh-ppp in C for Linux, which is now being ported to other OS’s. See http://detached.net/vpnstarter. The vpnstarter is more reliable (and easier to set up) than ssh-ppp.
