SSH should be configured to log in with key files (not a password); the script runs ssh in batch mode, which cannot prompt for one.
Then this script will do the trick; it should be self-explanatory.
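#!/bin/sh
#
# vpn - bring a PPP-over-SSH tunnel to SERVER_HOSTNAME up or down.
#
# Usage: vpn {start|stop|config}
#
# Requirements visible in this script:
#   - key-based SSH login as SERVER_USERNAME on SERVER_HOSTNAME (ssh runs
#     with Batchmode=yes, so it cannot prompt for a password)
#   - pppd on both ends; the remote pppd is started through sudo
#
# Security notes:
#   - Both pppd instances run with "noauth", so PPP itself does not
#     authenticate the peer. The SSH key is the only credential protecting
#     the tunnel, and it logs in as root: keep the key file private and
#     restrict what that key may do on the server.
#   - The script is meant to run as root (pppd, route), so PATH must not
#     contain an empty element; see the PATH assignment below.
#
# Exit status:
#   0  success (also when "stop" finds nothing to stop)
#   1  bad usage
#   3  pppd binary not found
#   4  ssh binary not found
#   5  pppd could not bring the tunnel up

set -u

SERVER_HOSTNAME=geekhosting.dk
SERVER_USERNAME=root
SERVER_IFIPADDR=10.20.1.1
CLIENT_IFIPADDR=10.20.1.2
MYSUBNET=10.1.0.0/16

# NOTE(review): -P historically asked ssh for a non-privileged source port.
# Newer OpenSSH releases appear to give -P a different meaning that takes an
# argument -- confirm against the installed ssh before relying on it.
LOCAL_SSH_OPTS="-P"

# No trailing ':' here: an empty PATH element means "current directory",
# which would let a root-run script pick up binaries from wherever it is
# started.
PATH=/usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11/
export PATH

PPPD=/usr/sbin/pppd
SSH=/usr/bin/ssh
ROUTE=/sbin/route

# Leading part of the ssh command line that pppd runs as its pty. "start"
# builds the tunnel command from it and "stop" searches the process list for
# it, so the two cannot drift apart.
SSH_TUNNEL_PREFIX="${SSH} ${LOCAL_SSH_OPTS} ${SERVER_HOSTNAME} -l${SERVER_USERNAME} -o"

if ! test -f "$PPPD"; then
  echo "can't find $PPPD" >&2
  exit 3
fi
if ! test -f "$SSH"; then
  echo "can't find $SSH" >&2
  exit 4
fi

case "${1:-}" in
  start)
    # echo -n "Starting vpn to $SERVER_HOSTNAME: "
    # "updetach" keeps pppd in the foreground until the link is up, so its
    # exit status tells us whether routes are worth adding.
    # "sudo" on the remote side is kept as on the original page although
    # SERVER_USERNAME is root.
    if ! "$PPPD" updetach noauth passive \
      pty "${SSH_TUNNEL_PREFIX} Batchmode=yes sudo ${PPPD} nodetach notty noauth" \
      ipparam vpn "${CLIENT_IFIPADDR}:${SERVER_IFIPADDR}"; then
      echo "pppd failed to bring up the tunnel to $SERVER_HOSTNAME" >&2
      exit 5
    fi
    # echo "connected."

    # Local side: send 10.0.0.0/8 into the tunnel.
    "$ROUTE" add -net 10.0.0.0/8 gw "$CLIENT_IFIPADDR" ||
      echo "warning: could not add local route for 10.0.0.0/8" >&2

    # Remote side: route our subnet back through the tunnel. Uses the same
    # ssh binary, user and batch mode as the tunnel itself so a broken key
    # fails fast instead of prompting.
    "$SSH" -l "$SERVER_USERNAME" -o Batchmode=yes "$SERVER_HOSTNAME" \
      route add -net "$MYSUBNET" gw "$SERVER_IFIPADDR" ||
      echo "warning: could not add route for $MYSUBNET on $SERVER_HOSTNAME" >&2
    ;;

  stop)
    # echo -n "Stopping vpn to $SERVER_HOSTNAME: "
    # Find the ssh process carrying the tunnel. -F matches the command line
    # literally (the hostname contains dots); the two -v filters drop the
    # local pppd, whose arguments embed the same string, and grep itself.
    PID=$(ps ax |
      grep -F -- "$SSH_TUNNEL_PREFIX" |
      grep -v ' passive ' |
      grep -v 'grep ' |
      awk '{print $1}')
    if [ -n "$PID" ]; then
      # shellcheck disable=SC2086 -- PID may hold several PIDs, one per word
      if kill $PID; then
        echo "disconnected."
      else
        echo "Failed to signal the connection (PID: $PID)" >&2
      fi
    else
      echo "Failed to find PID for the connection" >&2
    fi
    ;;

  config)
    printf 'SERVER_HOSTNAME=%s\n' "$SERVER_HOSTNAME"
    printf 'SERVER_USERNAME=%s\n' "$SERVER_USERNAME"
    printf 'SERVER_IFIPADDR=%s\n' "$SERVER_IFIPADDR"
    printf 'CLIENT_IFIPADDR=%s\n' "$CLIENT_IFIPADDR"
    ;;

  *)
    echo "Usage: vpn {start|stop|config}" >&2
    exit 1
    ;;
esac

exit 0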