[warning]Before you start, you need OpenSSH v4.3 and tuntap installed on both machines.[/warning]

Steps:

server1 # ssh [email protected] -NTCf -w 0:0

-N Do not execute a remote command. This is useful for just forwarding ports.
-T Disable pseudo-tty allocation.
-C Requests compression of all data.
-f Requests ssh to go to background just before command execution.
-w 0:0 Requests tunnel device forwarding between tun0 on the client and tun0 on the server.

[notice]

You need these options in sshd_config:

PermitRootLogin yes

PermitTunnel yes

[/notice]
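A check you can run before opening the tunnel (an added example, not part of the original post): it reads an sshd_config and reports the global PermitTunnel and PermitRootLogin values, following sshd's rule that the first occurrence of a keyword wins. The function names and the sample file are constructed for illustration; the script ignores Include directives and Match blocks.

```shell
#!/bin/sh
# Added example (not from the original post): check that an sshd_config
# allows the root-to-root tun forwarding used by "ssh -w 0:0".

# effective_value FILE KEYWORD: print the global value sshd would use.
# sshd keeps the FIRST occurrence of a keyword; keywords are case-insensitive.
effective_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key); val = "unset" }
        /^[ \t]*#/             { next }            # skip comment lines
        tolower($1) == "match" { exit }            # global section ends here
        tolower($1) == key     { val = $2; exit }  # first occurrence wins
        END { print val }
    ' "$1"
}

# check_tunnel_config FILE: return 0 unless a setting clearly blocks the tunnel.
check_tunnel_config() {
    tun=$(effective_value "$1" PermitTunnel)
    root=$(effective_value "$1" PermitRootLogin)
    rc=0
    case "$tun" in
        point-to-point) echo "OK   PermitTunnel $tun" ;;
        yes) echo "OK   PermitTunnel yes (point-to-point is enough for tun)" ;;
        *)   echo "FAIL PermitTunnel $tun"; rc=1 ;;   # unset defaults to no
    esac
    case "$root" in
        prohibit-password|without-password) echo "OK   PermitRootLogin $root" ;;
        yes) echo "OK   PermitRootLogin yes (also allows password logins)" ;;
        unset|forced-commands-only) echo "WARN PermitRootLogin $root (check manually)" ;;
        *)   echo "FAIL PermitRootLogin $root"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample config, written to a temporary file for the demo.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed sample
PermitRootLogin prohibit-password
permittunnel point-to-point
PermitTunnel no
Match User backup
    PermitTunnel yes
EOF
check_tunnel_config "$sample" || echo "sshd_config needs changes"
```

On a real host, pass the path of the server's sshd_config instead of the sample file.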

Configure the interfaces:

On server1:

server1 # ip link set tun0 up

server1 # ip addr add 10.10.10.1/32 peer 10.10.10.2 dev tun0

On server2:

server2 # ip link set tun0 up

server2 # ip addr add 10.10.10.2/32 peer 10.10.10.1 dev tun0

 

At this point you have a connection between the two servers; you can ping 10.10.10.2 from server1.

Now you need to configure the routing table if you want to route all traffic through the tunnel.

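On server1, first keep a host route to server2's public address through your existing gateway, so the SSH connection that carries the tunnel is not itself routed into the tunnel, then replace the default route:

server1 # route add -host ip_server2 gw gateway_on_your_network

server1 # route del default gw gateway_on_your_network

server1 # route add default gw 10.10.10.2

On server2: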

server2 # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

(eth0 is the interface connected to the internet/LAN)

server2 # echo 1 > /proc/sys/net/ipv4/ip_forward

Now all traffic between server1 and server2 is encrypted 🙂