Companies everywhere sell VPN services to protect your online activity, But can you really trust a VPN provider? If you wish, you can create your own virtual private network with open source Something Softwareand the cloud hosting provider of your choice.
VPN and trust
Regardless of what the privacy policy on security audits on a company's blog says or presumes, there's nothing stopping a VPN from controlling everything you do online. In the end, selecting a VPN service comes down to trust.
If relying on faceless online services isn't your thing, an alternative is to run your own VPN server. This used to be a daunting task, but thanks to the open source project Something from the security company Bit trace, creating your own VPN is now easy.
By $ 5 per month, you can run and control your own full-time VPN server. Even better, you can use Algo to set up and take down VPN servers when you need them and save money on the procedure.
To configure Something, you must use the command line. If that's unpleasant, do not worry, we will guide you in every step.
These instructions may seem like a lot, but that's just because we're explaining everything we can. Once you've created a VPN with Algo multiple times, it shouldn't take long. At the same time, you only have to configure the Algo installation environment once. Thereafter, you can create a new VPN server with a few keystrokes.
But, Can you trust that the scripts of Something are not doing anything wrong? Well, the good news is Something's code is public on GitHub for anyone to watch. At the same time, many security experts are interested in the Algo project, that makes wrongdoing less likely.
RELATED: What is a VPN and why would you need one?
What something can (and can not) do
A VPN is a good way to protect your online activity, especially on a public Wi-Fi network in an airport or coffee shop. A VPN makes web browsing safer and hampers any malicious actors that may be on the same local Wi-Fi network. A VPN can also help if your ISP restricts certain types of traffic., like torrents.
But beware, pirates! Downloading booty through your own VPN is not a good idea, since the activity can be more easily traced back to you.
At the same time, if you want to watch Netflix through your VPN, will have to look elsewhere; Something is wrong with him. Despite this, there are many commercial services that support Netflix.
Prerequisites for Something
To run an Algo VPN server, need a Unix Bash shell. On a Mac or Linux system, you can use your Terminal program, but in windows, you will have to activate the Subsystem for Linux. Next, explains how to install and use the Linux Bash shell on Windows 10.
You will also need an account at a cloud server hosting provider. Something supports all of the following:
If you have never used any of these services, we suggest DigitalOcean, since it is very easy to use. It is also the service we use in this tutorial. The procedure will be a little different if you use a different provider.
When your DigitalOcean account is ready, login and later, from the main panel, select “API” in the left lane under the header “Bill”.
On the next page, click on “Generate new token”. An access token is a long string of letters and numbers that makes it possible to access the account's resources without a username and password.. You will need to name the new token. Generally, it is a good idea to put the name of the application you are using, like "something" or "ian-something" (if your first name is Ian).
Once the new token is generated, copy and paste it into a text document on your desktop. You will need it in a few minutes.
Setting up your environment
Back at your desk, open a new terminal window, scribe cd (for “change directory”, which is what folders are called in the Unix world), and hit Enter. This will ensure that you are working from the terminal home directory.
At the time of writing this post, Something needs Python 3.6 the later. Type the following in your terminal program:
python3 --version
If you get a reply like Python 3.6.9, you good to go; but, you will have to install python 3.
To install Python 3 and Mac, you can use the Homebrew package manager. When Homebrew is ready, type the following command in a Terminal window:
brew install python3
If you are using Ubuntu Linux or WSL on Windows, they should have python 3 by default. Opposite case, installation methods vary depending on your version of Linux. Search online “install python 3 on [insert your version of Linux here]”For instructions.
Next, You must install Virtualenv from Python3 to create an isolated Python environment for Algo. Type the following in Bash on a Mac:
python3 -m pip install --upgrade virtualenv
On Ubuntu Linux and WSL, the command is as follows:
sudo apt install -y python3-virtualenv
Please note that we are adapting this tutorial for Ubuntu and associated distributions, but these instructions will also work for other versions of Linux with some minor modifications. If you are using CentOS, as an example, will replace the instructions using apt with dnf.
Next, we need to download something with it wget command. Macs don't have wget installed by default, so to get it through Homebrew, write the following:
brew install wget
Now, Let's download the files from Something:
wget https://github.com/trailofbits/algo/archive/master.zip
After wget ends, there will be a compressed file called “master.zip” in your terminal home directory; let's check that with ls.
si and “master.zip” in the list of files and folders that appears, are you ready to start. But, try running wget again.
Now, we need to unzip the file, therefore we write the following:
unzip master.zip
Once this is done, hit ls again. You should now see a new folder in your home directory called “something-master”.
We are almost ready for action, but first, we need to set up our sandbox and install some more dependencies. This time we will work inside the folder “something-master”.
Type the following to switch to the folder:
cd ~/something-master
Make sure you are there with this command:
pwd
This means “print working directory” and it should show something like /home/Bob/algo-master O /Users/Bob/algo-master. Now that we are in the right place, let's prepare everything.
Copy and paste or type the following command on one line (don't press Enter until the end):
python3 -m virtualenv --python="$(command -v python3)" .env && source .env/bin/activate && python3 -m pip install -U pip virtualenv && python3 -m pip install -r requirements.txt
This triggers a large number of actions within the Algo directory to prepare for execution.
Next, you must name your users for the VPN. If you don't name them all now, you will have to keep the security keys (which is less secure) or start a new server from scratch later.
Either way, type the following in the terminal:
nano config.cfg
This opens the easy-to-use command line text editor, Nano. Something's configuration file contains a lot of information, but we are only interested in the part that says “users”. All you have to do is remove the default usernames (telephone, laptop, desktop) and write a name for each device you want on your VPN.
As an example, if I am creating a VPN for myself, Bill y Mary, the config file might look like the following:
users:- Ian_PC- Bill_Mac- Mary_PC- Ian_Android- Bill_iPhone- Mary_iPhone
Once you've named everyone, presione Ctrl + Or to save the file, followed by Ctrl + X to exit.
We are almost ready for action, but first the Windows folks have to take a little detour. WSL generally does not set the correct user permissions for the Something folder, what annoys Ansible (the tool that Algo relies on to implement a server).
and WSL, type the following to go back to your home directory:
cd
After, write the following:
chmod 755 -R~/something-master
To return to the Something folder, scribe:
cd ~/something-master
Running Something
And now is the moment of truth.
From the algo-master file, type the following in the terminal window:
./something
The Algo setup should start running. You'll know it's working when you ask which cloud provider you'd like to use. In our case, we select the number (1) for DigitalOcean.
If something fails, it could be due to a number of reasons that we cannot predict here. If the error says your directory is “configurable by world writing”, follow the instructions above to change the permissions.
If you get a different error, see the troubleshooting page in the Algo project repository on GitHub. You can also copy the error message and paste it into the Google search engine to search for it.. You should find a forum post to help you, since you are unlikely to be the first person to get that error.
Next, you will be asked for the access token that you previously copied from your DigitalOcean account. Copy and paste it in the terminal. You will not see anything because Bash does not display characters for passphrase and passphrase entries. Despite this, whenever you press paste and then press Enter, it should be OK.
If it fails, it is possible that it has spoiled the pasta, what everyone does in bash. Just type the following to try again:
./something
When something is running, answer the questions I ask you. All of these are pretty straightforward., as the name you want to give your server (using "something" in the name is a good idea).
Next, will ask you if you want to enable “Connect on Demand” for Mac and iOS devices. If you are not using any of those devices, write N for no. It will also ask if you want to keep the PKI keys to add more users later.; generally, you will also write N here.
That is all! Something will now take between 15 and 30 minutes to get your server up and running.
Using something
When Something completes its configuration, the terminal returns to the command line, which means the VPN is ready to go. Like many commercial services, Something uses the WireGuard VPN protocol, which is the most current novelty in the world of VPNs. This is because it offers good security, higher speeds and easier to work with.
As an example of what to do next, we will activate Something in Windows. To configure other devices, you can check the Something repository on GitHub.
First, we will install the generic Windows desktop client from the WireGuard site. Next, we have to feed the program with our configuration file for the PC. The configuration files are stored deep in the something-master folder at: ~/algo-master/configs/[VPN server IP address]/wireguard/.
there are two types of files to configure vpn client devices: .CONF and . PNG. The latter are QR codes for devices like phones, that can scan QR codes. The . CONF (setting) are text files for desktop wireguard clients.
On Mac and Ubuntu, it should not be difficult to find the algo-master folder outside the command line. And Mac, algo-master is in the startup folder; simplemente use Finder> Ir> Inicio para llegar allí. In Ubuntu, you can open nautilus and it will be in the startup folder.
In Windows, despite this, WSL is independent of the rest of the operating system. For this reason, it is easier to copy the files with the command line.
Using our example above, let's say we want the "mary-pc.conf" configuration file to be used on a windows pc 10. The command would look like this:
cp ~/algo-master/configs/[VPN server IP address]/wireguard/Mary-PC.conf /mnt/c/Users/[your Windows user account name]/Desktop/
Consider the space between Mary-PC.conf and /mnt/; this is how bash knows where the file to be copied is located and where it is going. The case also matters, therefore be sure to capitalize where specified.
It is natural in Windows to want to capitalize the C on the drive “C: “, but in bash it's not like that. At the same time, don't forget to replace the bits in parentheses with the actual information from your PC.
As an example, if your user folder is on the drive “D: “, not in “C: “, replace /mnt/c/ with /mnt/d/.
Once the file has been copied, open the WireGuard client for Windows. Click on “Import tunnels from file” and then select your configuration file on the desktop. Once this is done, click on “Activate”.
In just a few seconds, you will be connected to your own VPN!
