VPN accessibility?
Linux for blind general discussion
blinux-list at redhat.com
Tue Oct 6 14:44:52 UTC 2020
Tim here. There are three major VPN options around and most VPN
providers support one or more of them.
1) OpenVPN: This is the most common, having open-source clients and
servers. It's a bit annoying to configure, but fairly popular. Most
of the free and low-cost VPN providers offer this.
2) openconnect: This is a Cisco technology (which appears to be used
by some other companies too). The openconnect client is open source
but I don't think the server component is. This is frequently used
in corporate environments. This is my least favorite of them.
3) wireguard: this is a new contender. It's smaller, a lot less
complex, and a lot easier to manually configure if all you want is to
link to machines securely (it doesn't scale quite as nicely to having
hundreds or thousands of VPN clients).
4) while not a complete VPN solution, you can also tunnel certain
ports over SSH which can be a fast way to securely connect without
the hassle of setting up a VPN. I use this for connecting from home
to a particular service behind the firewall at my day-job.
You don't fully detail what you're trying to connect to a VPN and why.
Reasons might include
- you trust your VPN provider more than you trust your ISP
- you want to make your connection appear as if you are in a
different location
- you have one or more servers "out there" and want to connect them
as if they're in a local network
- you have a phone or other mobile device and want to connect it back
to a more trusted endpoint even if you're on free/public wifi out
and about
Using a VPN only securely moves the endpoint of your connection to
another location. My preference is to get a small VPS box (I have
one for my website & mail already) and have it act as my VPN
end-point (either using OpenVPN or WireGuard). This lets my home
devices or mobile devices appear to be coming from the data-center
housing my VPS, rather than disclosing my home IP. I like both OVH
and Vultr for a low-end box that can meet these needs for ~$3.50
(USD) per month.
https://us.ovh.com/us/order/vps/?v=3#/vps/build?selection=~(range~'Starter~flavor~'vps-starter-1-2-20~datacenters~(BHS~1)~pricingMode~'default)
https://www.vultr.com/products/cloud-compute/#pricing
(beware that Vultr offers a cheaper IPv6-only server, but you likely
need/want IPv4 too, so don't skimp there) Digital Ocean and Linode
also offer similar systems though tend to be slightly pricier at
$5/mo.
On the flip side, if you want to secure your mobile while out and
about, you can set up either OpenVPN or WireGuard on your home
machine, forward your router's corresponding ports to your interal
machine, and then have your mobile connect via OpenVPN/WireGuard back
to your home machine to at least give you the same security you'd
otherwise have at home.
Funny, as I'm wrapping up typing this, the most recent Hacker Public
Radio podcast episode was about setting up a free/low-cost VPN
http://hackerpublicradio.org/eps.php?id=3177
just in case you want to give that a listen.
Hopefully this gives you some ideas and helps clarify what you're
asking for.
-tim
On October 6, 2020, Linux for blind general discussion wrote:
> Hi everyone,
> I am about to install Slint for the first time, so if all goes
> well, I should be having my first Linux OS up and running soon.
> There might be unexpected challenges as a newbie, but overall, I
> hope it goes well.I'm looking into VPN options for once I get the
> OS installed. I know some VPN services have free trials, but I'd
> rather just ask you guys which VPN do you think has a fairly
> accessible app once you download it on Linux? Thanks, SL
> _______________________________________________ Blinux-list mailing
> list Blinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/blinux-list
>
More information about the Blinux-list
mailing list