@ockham Hey! Thanks for the feedback. You can virtually use any command line parameter with NetworkManager-ssh, however it will still open a tun or tap device with it. So you can use it for port binding for instance (I tested it) and it should also work as a SOCKS proxy. Give it a go and see how you go...

I've now set the "Gateway" field to proxy.com, an in the "Advanced" dialog:
Extra SSH options: -Nf -D 8080
Remote username: myusername
But unfortunately, it fails to connect. I'm obviously not an SSH expert -- is it failing because I need to change the "Network Settings (Remote and local IP address, network mask)? I was hoping I don't have to change those as the ssh command doesn't require them either, but I can't just set those fields to blank, it seems...

I've now noticed the "Authentication" dropdown and tentatively set it to "Key Authentication", choosing my key file, but still no luck connecting :-(

@ockham Try without -Nf, but just -D 8080.

And yes, you will have to specify a remote IP address etc, as I said, NetworkManager requires a full device to be opened up, so NetworkManager-ssh has to comply with that. You can leave the defaults as is. In addition, you have to make sure the remote user can open a tun/tap device. By default only root can do that.

Hopefully at some point, when NetworkManager allows opening VPNs without setting up full devices - I can amend NetworkManager-ssh to just run a SOCKS proxy or port binding, without needing a privileged users on the other end of the connection.

Seems related to #66

And also got the answer why can't you make it that simple.

My idea is to bind a local device - which is mandatory, but not bind a remote device. That way one can:

• Connect with a non-root user
• Bind a single port for use

My idea is to allow either "full SSH" or "port binding only" - in the main screen.

Just a check button that would say "SSH as proxy" would be enough ...
That checkbox would

• Disable IP requirement
• Disable tap/tun

We could also think of an other feature to route all the traffic to that proxy with iptables/redsocks/tcpsocks

Or we could keep the tap/tun thing for a full redirection with ssh server that are not setup to use tap/tun and use https://code.google.com/archive/p/badvpn/wikis/tun2socks.wiki to do that... but indeed that would be an other feature

Also if we have multiple proxy tunnel may be adding an icon for each one in the tray but once again this is a whole other topic...

i'll may be fork this to do that lol i am hesitating on working in this or https://github.com/intika/tunnel-manager

In the other hand i would like to know what the future of that project ? is it meant to become more general about ssh or just keep the status-co ?

This big plus here is the kde integration...

Arrf or may be just a plasmoid that would do all this would be maybe easier... plus we could add as many widget as used server and leave networkmanager in peace with main network stuff lol

Edit : i think plasmoid is the good way to go neither nm / tunnel-manager / etc.. would match my needs... any way just thinking out loud lol

In the other hand i would like to know what the future of that project ? is it meant to become more general about ssh or just keep the status-co ?

I haven't put that much thought into that. But specifically the SOCKS option is definitely a go. I've implemented the backend, but didn't quite get to the UI. I'm very open to new ideas and more contributions.

In the other hand i would like to know what the future of that project ? is it meant to become more general about ssh or just keep the status-co ?

I haven't put that much thought into that. But specifically the SOCKS option is definitely a go. I've implemented the backend, but didn't quite get to the UI. I'm very open to new ideas and more contributions.

Cool thanks for the answer i ll see if i can help ;)

Any chance this is ready since extra options are now gone (regression) so it's not possible atm to use -D