free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Mention TLS wrapper

This commit is contained in:
Bob Mottram 2017-09-27 17:58:18 +01:00
parent a326d38eba
commit 0359de62c1
2 changed files with 21 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/EN/app_vpn.org
View File

@ -24,6 +24,8 @@ A Virtual Private Network (VPN) allows you to move your internet traffic to a di
Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser. Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
* Installation * Installation
ssh into the system with: ssh into the system with:

34
website/EN/app_vpn.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2017-09-27 Wed 17:43 --> <!-- 2017-09-27 Wed 17:58 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title> <title>&lrm;</title>
@ -262,9 +262,13 @@ A Virtual Private Network (VPN) allows you to move your internet traffic to a di
Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser. Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
</p> </p>
<div id="outline-container-org74feb72" class="outline-2"> <p>
<h2 id="org74feb72">Installation</h2> On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
<div class="outline-text-2" id="text-org74feb72"> </p>
<div id="outline-container-org778c839" class="outline-2">
<h2 id="org778c839">Installation</h2>
<div class="outline-text-2" id="text-org778c839">
<p> <p>
ssh into the system with: ssh into the system with:
</p> </p>
@ -284,9 +288,9 @@ Only use ports 443 or 80 for VPN as an <i>absolute last resort</i>, since doing
</div> </div>
</div> </div>
<div id="outline-container-org1a94be0" class="outline-2"> <div id="outline-container-org2cfcc49" class="outline-2">
<h2 id="org1a94be0">Usage</h2> <h2 id="org2cfcc49">Usage</h2>
<div class="outline-text-2" id="text-org1a94be0"> <div class="outline-text-2" id="text-org2cfcc49">
<p> <p>
When the installation is complete you can download your VPN keys and configuration files onto your local machine. When the installation is complete you can download your VPN keys and configuration files onto your local machine.
</p> </p>
@ -331,9 +335,9 @@ You should see a series of messages with "<i>Initialization Sequence Completed</
</div> </div>
</div> </div>
<div id="outline-container-orgf3e0fef" class="outline-2"> <div id="outline-container-orgc7282cd" class="outline-2">
<h2 id="orgf3e0fef">Changing port number</h2> <h2 id="orgc7282cd">Changing port number</h2>
<div class="outline-text-2" id="text-orgf3e0fef"> <div class="outline-text-2" id="text-orgc7282cd">
<p> <p>
Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it. Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
</p> </p>
@ -344,16 +348,16 @@ Avoiding censorship can be a cat and mouse game, and so if the port you're using
</div> </div>
<p> <p>
Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#org1a94be0">Usage</a> section above. Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#org2cfcc49">Usage</a> section above.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org98985f3" class="outline-2"> <div id="outline-container-orgbe4ddea" class="outline-2">
<h2 id="org98985f3">Generating new keys</h2> <h2 id="orgbe4ddea">Generating new keys</h2>
<div class="outline-text-2" id="text-org98985f3"> <div class="outline-text-2" id="text-orgbe4ddea">
<p> <p>
It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#org1a94be0">Usage</a> section above. It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#org2cfcc49">Usage</a> section above.
</p> </p>
</div> </div>
</div> </div>