[NTLUG:Discuss] Free or low cost VPN service for Linux

Ralph Green sfreader at sbcglobal.net
Sat Jul 31 04:40:39 CDT 2010 

On Fri, 2010-07-30 at 20:48 -0600, Russ wrote:
> I'll certainly check it out OpenVPN.
> 
> I'm thinking that I may have to get a desktop PC and run Ubuntu with
> Hamachi as Ralph Green does, though finding a service like Hotspot
> Shield for Linux would be easier for me.
> 
> As I send this I want you to know that I don't email to sites like
> this often so I'm not aware of protocol.  My apologies if I have made
> any error.
> 

Russ,
  No apologies are needed.  We are not offended.  We just did not know
what you wanted to do.  I suggest you start by reading a little on VPNs
and then ask questions.  The wikipedia article is a decent start:
  http://en.wikipedia.org/wiki/Virtual_private_network

 From what you say, I believe your concern is that you want to be able
to browse the web securely using free wifi hotspots and similar sources
of connectivity to the internet.  I believe Hotspot Shield is based on
openvpn.  What happens when you use it, is that an encrypted connection
is made between wherever you are and their server.  You then browse the
web like you were connected to their network at their office.  Every
time you request a web page, your request is encrypted, sent to them,
where they fetch the page, encrypt it and send it back to you.  It adds
a noticeable amount of overhead, but it keeps other people at the free
wifi spot from sniffing your traffic.

 Since they use openvpn, it may well be that you can continue using
their service.  They may not directly support Linux clients, but unless
they are doing something funny with the keys, they should work on Linux
as well as Windows.  I have used keys just this way, since I run Linux
and BSD at home, and I am free of Windows.  My suggestion is that you
bring your Ubuntu laptop and the files you had for connecting with
Windows to the next NTLUG meeting and see if someone can get your Ubuntu
system connecting to their service.

 If that does not work, there are other options.  Dave Simmons did a
presentation on a setup that might work for you to NTLUG on June 21,
2008.  I don't believe he was encrypting his traffic, but that probably
would not be hard to add.  This setup depends on your having a computer
at home connected to the web with some available connection(probably DSL
or cable).  You then use it just like you used Hotspot Shield for
Windows.

 Let me add a couple of words of caution.  With this kind of setup, you
now have all your traffic going through this proxy service.  Be very
sure you trust that service, because they can see everything you do.
Well, almost everything and for the purposes of this caution, I will
simplify and say everything.  One big advantage to running your own
proxy is that you should be able to trust the operator(since it is you).
Secondly, I mention proxy, and so did Wayne Walker.  The openvpn
component is important too.  You want to be able to encrypt all the
traffic back to the proxy and then let the proxy redirect traffic.  If
you don't do both, you have no benefit.  Finally, some wifi hotspots
filter some traffic.  So, if you setup something like this, you probably
want to use a common port, so they won't stop you.  Depending on the
terms of service with your broadband provider, they may not allow
traffic to those common ports.  So, a little research may be needed to
get this all working.
Good luck,
Ralph

More information about the Discuss mailing list