I took this Howto:
VPN PPP-SSH Mini-HOWTO
and adapted it for use on OpenSuse 12.3:
#you need a hostname for the server . I solved this by using no-ip.biz free hostname updater
#server: waits for connection
#client: makes connection
#on client & server, do:
zypper install ppp
chmod +s /usr/sbin/pppd
useradd -m pppssh
passwd pppssh
chown -R pppssh:users /etc/ppp
#do this and also add to /etc/rc.d/boot.local:
modprobe drivers/net/slip/slhc.ko
modprobe drivers/net/ppp/ppp_generic.ko
modprobe drivers/net/ppp/ppp_deflate.ko
visudo
pppssh ALL = (ALL) NOPASSWD:/usr/sbin/pppd
su - pppssh
sudo /usr/sbin/pppd
#you should see garbled information which exits after a minute
#client:
su - pppssh
ssh-keygen
#on server, do
su - pppssh
mkdir .ssh
chmod 700 .ssh
#client:
#use scp to copy /home/pppssh/.ssh/id_rsa.pub to the server in /home/pppssh/.ssh/id_rsa_client.pub and add to authorized_keys
#server:
cd /home/pppssh/.ssh/
cat id_rsa_client.pub >> authorized_keys
chown pppssh:users /home/pppssh/.ssh/authorized_keys
chmod 600 /home/pppssh/.ssh/authorized_keys
#client check:
ssh -l pppssh <server_hostname>
#you should be able to login without password
#client:
su - pppssh
mkdir -p /home/pppssh/sbin
vi /home/pppssh/sbin/vpn-pppssh
#copypaste from Configure the Client
#fill $SERVER_HOSTNAME
#fill $SERVER_USERNAME
#edit to delete ‘noauth’ entries inside the script:
#change LOCAL_SSH_OPTS=" "
#change ${PPPD} updetach passive pty “${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o Batchmode=yes ${PPPD} nodetach notty” ipparam vpn ${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}
chmod 600 /home/pppssh/sbin/vpn-pppssh
/home/pppssh/sbin/vpn-pppssh start
#should see this:
#Using interface ppp0
#Connect: ppp0 <–> /dev/pts/3
#Deflate (15) compression enabled
#local IP address 192.168.3.1
#remote IP address 192.168.3.2
ping 192.168.3.2
#should see a reply:
#PING 192.168.3.2 (192.168.3.2) 56(84) bytes of data.
#64 bytes from 192.168.3.2: icmp_seq=1 ttl=64 time=37.3 ms
#still network settings might require adding a gateway if you are already using 192.168.0.0/16 network on server or client:
#if required, add to /etc/rc.d/boot.local:
ip route add 192.168.3.0/24 dev ppp0