SSH VPN tunnel without having to enable root


I've been trying to set up a VPN SSH tunnel and I've had success executing

ssh -Nv -w 0:0 root@192.168.2.2 -p 50

However, what I am wondering is, can I do the tunneling without having root unlocked?

When I try

ssh -Nv -w 0:0 $username@192.168.2.2 -p 50

and have the root account disabled while $username is set in sudoers, I get an "administratively prohibited" error.

So my question is, can I do the tunnel without having root enabled?

Best Answer

Normally on most distributions of Linux you can't bind to ports lower than 1024 without privileges.

It may however be that what you want to do can be achieved a different way. For example, if you are a web developer trying to work remotely you may want to use a Dynamic tunnel in PuTTY as a SOCKS proxy to have your browser requests come out at the destination server's end. Also, any local port forwarding done with an SSH tunnel is reliant on permissions at the connecting user's end, not the server end. The only time permissions become an issue is when doing a Remote tunnel.

If you want to fully VPN over SSH, some customisation will be required at both ends. See this guide for quite a thorough walkthrough. That guide describes the process with a Linux remote user connecting to a Linux server. The process is not as simple (I don't even know how you'd do it nicely!) if the remote user is running Windows.
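
One form the customisation at both ends can take on Linux, as an added example that is not part of the original question or answer: an administrator creates a persistent tun device owned by the unprivileged login user, so `ssh -w` can attach to it while root login stays disabled. The script below is a preflight check for that setup; the function names, the user `alice` and the file name `preflight.sh` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumption: an administrator has
# created a persistent tun device owned by the login user on each end, once:
#   ip tuntap add dev tun0 mode tun user alice    # "alice" is a placeholder
# The optional last argument of each function exists for offline testing.

# Effective global PermitTunnel value. sshd uses the first occurrence of a
# keyword, keywords are case-insensitive, and the default is "no". Only the
# whitespace-separated form is parsed, and parsing stops at the first Match.
permit_tunnel() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "permittunnel" { v = tolower($2); exit }
         END { print (v == "" ? "no" : v) }' "$1"
}

# True when uid $2 owns tun device $1. The tun driver exposes the owner uid
# in sysfs; a device with no owner reads -1.
tun_owned_by() {
    f="${3:-/sys/class/net}/$1/owner"
    [ -r "$f" ] && [ "$(cat "$f")" = "$2" ]
}

# Print what still blocks an unprivileged `ssh -w`; return 0 when clear.
preflight() {  # args: sshd_config dev uid [sysfs_root]
    rc=0
    case "$(permit_tunnel "$1")" in
        yes|point-to-point) ;;
        *) echo "sshd: PermitTunnel does not allow tun (layer 3) devices"; rc=1 ;;
    esac
    tun_owned_by "$2" "$3" "$4" ||
        { echo "$2: missing or not owned by uid $3"; rc=1; }
    return "$rc"
}

# Example: sh preflight.sh /etc/ssh/sshd_config tun0 "$(id -u)"
if [ "$#" -ge 3 ]; then preflight "$@"; fi
```

On the connecting side only the device ownership check applies, since `PermitTunnel` is a server setting.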