+
+OpenVPN
+++ ++"The Net interprets censorship as damage and routes around it." – John Gilmore +
+
+A Virtual Private Network (VPN) allows you to move your internet traffic to a different machine in a different geographical location by creating a private cryptographically protected route to that location. The usual use cases are to get around local censorship of the internet such as when you see the message "this content is not available in your area" when trying to play a video. Maybe you're on holiday and your hotel or workplace internet connection is censored. Using a VPN you can connect to your home server and then use the internet normally. +
+ ++Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser. +
+ +Installation
++ssh into the system with: +
+ +ssh myusername@mydomainname -p 2222 ++
+Select Administrator controls then Add/Remove apps then vpn. Choose the port which you want the VPN to operate on and then the install will continue. +
+ ++Only use ports 443 or 80 for VPN as an absolute last resort, since doing so will prevent other web based apps from running on your server. +
+Usage
++When the installation is complete you can download your VPN keys and configuration files onto your local machine. +
+ +scp -P 2222 myusername@mydomainname:/home/myusername/client.ovpn . +scp -P 2222 myusername@mydomainname:/home/myusername/stunnel* . ++
+You will need to ensure that the openvpn and stunnel packages are installed. On an Arch based system: +
+ +sudp pacman -S openvpn stunnel4 ++
+Or on a Debian based system: +
+ +sudo apt-get install openvpn stunnel4 ++
+Now you can connect to your VPN with: +
+ +sudo stunnel stunnel-client.conf +sudo openvpn client.ovpn ++
+You should see a series of messages with "Initialization Sequence Completed" showing at the end. Leave the terminal open and perhaps minimize it to remain connected to the VPN. To leave the VPN close the terminal window. +
+Changing port number
++Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it. +
+ +ssh myusername@mydomainname -p 2222 ++
+Select Administrator controls then App Settings then vpn. Choose Change TLS port and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the Usage section above. +
+Generating new keys
++It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the Administrator controls by going to App Settings then vpn then choosing Regenerate keys for a user and downloading the new keys as described in the Usage section above. +
+