free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Mention TLS wrapper

This commit is contained in:
Bob Mottram 2017-09-27 17:58:18 +01:00
parent a326d38eba
commit 0359de62c1
2 changed files with 21 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/EN/app_vpn.org
View File

@ -24,6 +24,8 @@ A Virtual Private Network (VPN) allows you to move your internet traffic to a di
Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
* Installation
ssh into the system with:

34
website/EN/app_vpn.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2017-09-27 Wed 17:43 -->
<!-- 2017-09-27 Wed 17:58 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title>
@ -262,9 +262,13 @@ A Virtual Private Network (VPN) allows you to move your internet traffic to a di
Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
</p>
<div id="outline-container-org74feb72" class="outline-2">
<h2 id="org74feb72">Installation</h2>
<div class="outline-text-2" id="text-org74feb72">
<p>
On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
</p>
<div id="outline-container-org778c839" class="outline-2">
<h2 id="org778c839">Installation</h2>
<div class="outline-text-2" id="text-org778c839">
<p>
ssh into the system with:
</p>
@ -284,9 +288,9 @@ Only use ports 443 or 80 for VPN as an <i>absolute last resort</i>, since doing
</div>
</div>
<div id="outline-container-org1a94be0" class="outline-2">
<h2 id="org1a94be0">Usage</h2>
<div class="outline-text-2" id="text-org1a94be0">
<div id="outline-container-org2cfcc49" class="outline-2">
<h2 id="org2cfcc49">Usage</h2>
<div class="outline-text-2" id="text-org2cfcc49">
<p>
When the installation is complete you can download your VPN keys and configuration files onto your local machine.
</p>
@ -331,9 +335,9 @@ You should see a series of messages with "<i>Initialization Sequence Completed</
</div>
</div>
<div id="outline-container-orgf3e0fef" class="outline-2">
<h2 id="orgf3e0fef">Changing port number</h2>
<div class="outline-text-2" id="text-orgf3e0fef">
<div id="outline-container-orgc7282cd" class="outline-2">
<h2 id="orgc7282cd">Changing port number</h2>
<div class="outline-text-2" id="text-orgc7282cd">
<p>
Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
</p>
@ -344,16 +348,16 @@ Avoiding censorship can be a cat and mouse game, and so if the port you're using
</div>
<p>
Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#org1a94be0">Usage</a> section above.
Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#org2cfcc49">Usage</a> section above.
</p>
</div>
</div>
<div id="outline-container-org98985f3" class="outline-2">
<h2 id="org98985f3">Generating new keys</h2>
<div class="outline-text-2" id="text-org98985f3">
<div id="outline-container-orgbe4ddea" class="outline-2">
<h2 id="orgbe4ddea">Generating new keys</h2>
<div class="outline-text-2" id="text-orgbe4ddea">
<p>
It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#org1a94be0">Usage</a> section above.
It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#org2cfcc49">Usage</a> section above.
</p>
</div>
</div>