OpenSSH 4.2 and above now have true vpn functionality using tun(4) devices. Unfortunately this functionality has not yet made it into the portable version (not in Linux at least). Don't panic though, you don't need tun to use SSH as a VPN
UPDATE
* OpenSSH 4.3p1 added support for FreeBSD, NetBSD and Linux tun devices.
* OpenSSH 4.4p1 added support for MacOS/X and Darwin (via 3r party tun driver).
GPGSesame is a perl script that collects and verifies Open PGP signed / encrypted mail and allows access through a Linux Netfilter firewall. This enables you to remotely open holes in your iptables by simply sending a GPG email to authenticate yourself. The version here opens acess to the SSH port, but you're free to modify the script if you want to change that.
If signed / encrypted email seems a bit too complicated or you don't fancy carrying a GPG key around with you for authentication, you could use a dynamic dns account instead. See ddns holes
One method I've used for accessing my home box from the interweb is to use a dynamic DNS account. I have a script that is run from cron that does a lookup on a certain hostname and updates an iptables chain whenever the IP changes.
The table below shows the control keys you need to use when using a PS/2 keyboard with a sparc. This holds true for Belkin sun adapters and probably others?
For "STOP A" you would use "Right Ctrl + F1 + A". See below for more...
BSM auditing is a great tool and it does it's job well. However I had a need to process the audit events in real time for intrusion detection purposes so I used Snare from Intersect Alliance to convert the logging data into something I could parse with my IDS.
