Poor Man’s VPN With a Cheap VPS

SONY DSC

sshuttle is what makes me love the Internet

It really is awesome, sshuttle basically allows you to browse the web via your VPS, in my case, a DigitalOcean VPS. It works on Linux and MacOS.

The GitHub repo explains it better than I can.

Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and MacOS. Supports DNS tunneling.

It hasn’t been updated in two years, but, no need to fix or change something that doesn’t need fixing or changing.

So, Why? What’s the point?

I run some Tor relays, one out of my house, thanks Mediacom! ;)

Because of this, many websites block my. Kohl’s, Best Buy, no posting on 4Chan (understandable), even healthcare.gov is blocked. I don’t want to pay for one of the many VPN services. Here’s the message I get at healthcare.gov without sshuttle.

Access Denied

You don’t have permission to access “http://www.healthcare.gov/” on this server.
Reference #18.22ea4d17.1397361569.6bb6afe

VPN’s even provide vital Internet access to those facing government censorship, and worse.

Options

Setting up a secure VPN server on a linux box can be a pain, and definitely takes longer than 5 minutes. sshuttle takes about that, maybe, if you type really slow.

So, for me, when I found sshuttle, my heart was set, the other options didn’t matter.

Setting Up sshuttle On Ubuntu Flavors

Doesn’t get any easier than this. Run the following in a terminal:

Now, we’re basically going to SSH to our VPS/server. Again, run this in the terminal:

After running sshuttle -r [email protected] 0/0 -vv you’ll be asked for the root password. And sometimes, for whatever reason, it dies immediately after running the sshuttle command.

If sshuttle doesn’t work after running it the first time, run it again! It should work the second time. It could be something with the system I’m on, so hopefully this is isolated to me. :)

Setting Up sshuttle On MacOS

When someone donates me a new Macbook Pro 15″, I’ll start writing this stuff. :)
Update: April 21, 2014 Have a look at this post for using sshuttle with MacOS. Comes courtesy of Aaron Bull Schaefer in the comments.

And if I need a VPS?

You can find a VPS easily with Google. DigitalOcean has them for $5/month, which will be plenty sufficient to use specifically for sshuttle.

Other Options

Lots of other options have been mentioned in the thread at Hacker News. Check em out. Some really good suggestions that are sometimes even cheaper!

Aggregate System and Application Logs with Papertrail

papertrail

Frustration-free log management

I’ve been using Papertrail for a few months now, and absolutely love it. Being able to search logs across all my servers at once is crazy nice.

I can even get alerts when someone logs in via SSH, which, by itself, has made Papertrail well worth it.

A non-production server was compromised, due to a since-rectified configuration issue. Papertrail notified me almost immediately, allowing for immediate action to be taken.

There’s a variety of pricing plans, and there’s even a free for life plan, which includes plenty of features for most folks. I’m currently on the free plan, but plan on upgrading soon. Adding more servers and will need the extra space at Papertrail.

Do you use a log management service?

View Results

Loading ... Loading ...

In addition to collecting logs from your servers, you can also send logs from your applications. Got a PHP application that’s erroring out for some reason? You can send that error to Papertrail for later investigation.

Same deal with Apache logs, MySQL logs, and pretty much every other piece of software that generates logs.

Not many limits on what you can configure Papertrail to do for you. It’s very powerful.

I suggest you give it a try. Installation is super easy, especially if you’re using rsyslog. Below is a screenshot of their installation instructions. Doesn’t get much easier than that.
papertrail-install

Flash TWRP .img File From Ubuntu Using Fastboot

twrp

I use TWRP (TeamWin Recovery Project) on my Nexus 4. Back in the day (read: 3 years ago) I used ClockworkMod Recovery, on my Moto Defy, but have since switched to TWRP. I believe there were some licensing issues that drove a lot of people away from CWM. In any case, you’ll want to install adb and fastboot before proceeding.

From an Ubuntu distribution (Xubuntu in my case):

After adb and fastboot have been installed, boot your Nexus 4 into fastboot mode. Just switch your Nexus 4 off, then turn it back on while holding the volume down button. Keep holding the down button until you see a menu (usually with an Android guy somewhere on the screen). Entering fastboot mode may be different for your device, check the TWRP site, they have instructions for a lot of different devices.

Now, make sure your PC sees your device in fastboot mode. In a terminal window, run fastboot devices. If nothing is printed to the terminal, something is wrong, you probably don’t have fastboot enabled. If you did see some output, you should be good to go.

Download the latest recovery .img file from the TWRP site. Current version as of this post is 2.7.0.0. To flash it using fastboot, do this in a terminal:

If everything goes well, you should see something similar to this:

sending ‘recovery’ (8130 KB)…
OKAY [ 0.510s]
writing ‘recovery’…
OKAY [ 0.476s]
finished. total time: 0.987s

If you see something other than OKAY messages, something is probably wrong, and I have no idea what. If you do see the OKAY messages, you can either reboot your phone to Android or go to recovery which will take you to TWRP. With TWRP you can make a nandroid backup, flash new roms, flash new gapps, and all kinds of other things.