Evade Australia's data retention laws with a VPS
First thing you need to do is realize that this isn’t a free process. You will need to locate a VPS (Virtual Private Server) reseller and get a VPS from them, paying them either monthly or yearly for the pleasure. Most will accept PayPal.
Prices charged for VPSs vary wildly, so you need to determine how much you’re willing to spend to avoid data retention. The good news is that VPS prices have been steadily getting cheaper and cheaper, so there are some good deals out there.
I operate 5 VPSs scattered around the world. I would recommend picking a VPS reseller who is located in a country that isn’t likely to allow its data to be legally collected. Otherwise you may as well forget the concept of avoiding data retention.
Step 1: Purchase the VPS.
I will supply one of my affiliate URLs HERE. You can choose to go with another VPS supplier if you wish.
I would go for the cheapest option from this supplier (at time of writing $10 per year), because a VPN (Virtual Private Networking) equipped VPS really doesn’t need much in the way of resources.
During the signup process you will be asked to supply a domain name. If you do not have a domain name available, simply enter a single word. This will be the “name” of your VPS. For our purposes a domain name really isn’t required.
You will also be asked (via a drop down box) what operating system you would like to use. There are many different varieties of Linux available. Choose the version you are comfortable with. For this tutorial I will be using Debian.
Step 2: Check your email for VPS information.
The VPS supplier will send you an email. In the email will be information about how to manage your VPS. You will be given the “root” password. (The user called root is the administrator) You will also be given the IP of the VPS.
Step 3: Download putty.
Putty is a program that allows you to connect to your VPS. Download putty for Windows HERE. Once downloaded, you simply insert the IP of your VPS and click OPEN.
The putty terminal window will then open and putty will connect to your VPS. Note: The first time putty connects to your VPS you will get a warning that the Host Key is not cached. Just click “YES”. You should only ever see this prompt once, unless the IP number of your VPS changes. Next you will see a prompt that says “login as:”. Enter root as the login. Use the password supplied to you in the email from your VPS supplier.
You will then see various pieces of information about your VPS displayed. Finally you will be presented with a ’#’ prompt. The VPS is now waiting for your input. This is where you are able to install software and perform various other maintenance on the VPS.
Step 4: Update & Upgrade the VPS.
At the ’#’ prompt enter
apt-get update
apt-get upgrade
apt-get dist-upgrade
Step 5: Check if TUN is enabled.
Use the following one-liner to verify whether TUN support is enabled on the Debian system. It prints a message only when the TUN device is missing. If you are using a VPS (Virtual Private Server), some virtualization layers such as vServers and OpenVZ require TUN to be enabled on/from the host machine.
At the ’#’ prompt enter
test ! -c /dev/net/tun && echo openvpn requires tun support
Step 6: Install OpenVPN.
At the ’#’ prompt enter
apt-get install openvpn
Step 7: Set-up Easy-RSA.
At the ’#’ prompt enter
cp -prv /usr/share/doc/openvpn/examples/easy-rsa/2.0 /root/easy-rsa
cd /root/easy-rsa
cp vars{,.orig}
Step 8: Set-up default values in Easy-RSA.
At the ’#’ prompt enter
vim ./vars
You will now be running the vim program. Vim is a text editor.
Note: ’#’ in front of a line will cause that line to be ignored.
Make the ‘active’ lines look like this..
export KEY_SIZE=2048
export KEY_COUNTRY="AU"
export KEY_PROVINCE="AU"
export KEY_CITY="Canberra"
export KEY_ORG="The Streets"
export KEY_EMAIL="webmaster@whoeverwhereever.com"
Press Esc on your keyboard. Then press “:” then press ‘w’ (writes changes)
Press Esc on your keyboard. Then press “:” then press ‘q’ (quits)
At the ’#’ prompt enter
source ./vars
The next command deletes any previously created certificates.
At the ’#’ prompt enter
./clean-all
Step 9: Generate the CA certificate.
At the ’#’ prompt enter
./build-ca
Step 10: Generate the server certificate.
At the ’#’ prompt enter
./build-key-server myvpn
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Step 11: Generate the Diffie-Hellman parameters (PEM file).
At the ’#’ prompt enter
./build-dh
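Step 12: Generate client certificate.
Use a different name from the server certificate, otherwise the client key overwrites myvpn.key. The client.conf in Step 19 expects blackhole.crt and blackhole.key.
At the ’#’ prompt enter
./build-key blackhole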
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Step 13: Generate the HMAC key (ta.key).
At the ’#’ prompt enter
openvpn --genkey --secret /root/easy-rsa/keys/ta.key
Step 14: Deploy the certificates.
Copy the required certificates to the particular machine/device (server or client).
The public ca.crt certificate is needed on all servers and clients.
The private ca.key key is secret and only needed on the key generating machine.
A server needs server.crt, dh2048.pem (public), server.key and ta.key (private). In this tutorial the server files are named myvpn.crt and myvpn.key.
A client needs client.crt (public), client.key and ta.key (private).
Step 15: Set-up certificates and keys on the server.
At the ’#’ prompt enter
mkdir -p /etc/openvpn/certs
cp -pv /root/easy-rsa/keys/{ca.{crt,key},myvpn.{crt,key},ta.key,dh2048.pem} /etc/openvpn/certs/
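Step 14 says ca.key is only needed on the key generating machine, yet the cp in Step 15 also places it in /etc/openvpn/certs, and nothing checks that the private keys stay unreadable to other users. The check below is an added example, not part of the original post; the function name check_vpn_keys and the throwaway demo directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: check private key material in an OpenVPN cert directory.
# check_vpn_keys DIR -> prints one "FINDING: ..." line per problem.
check_vpn_keys() {
    dir=$1
    # The CA private key signs new certificates; the running server never reads it.
    if [ -e "$dir/ca.key" ]; then
        echo "FINDING: $dir/ca.key present; keep the CA key out of the server directory"
    fi
    for f in "$dir"/*.key; do
        [ -e "$f" ] || continue
        mode=$(stat -c '%a' "$f")      # GNU stat, as shipped on Debian
        case $mode in
            *00|0) ;;                  # no group/other permission bits set
            *)     echo "FINDING: $f has mode $mode; run chmod 600" ;;
        esac
    done
}

# Constructed demo: a throwaway directory laid out like /etc/openvpn/certs
demo_dir=$(mktemp -d)
: > "$demo_dir/ca.key";    chmod 600 "$demo_dir/ca.key"
: > "$demo_dir/myvpn.key"; chmod 644 "$demo_dir/myvpn.key"
: > "$demo_dir/ta.key";    chmod 600 "$demo_dir/ta.key"
check_vpn_keys "$demo_dir"
rm -rf "$demo_dir"
```

On the real server the call would be check_vpn_keys /etc/openvpn/certs, run as root.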
Step 16: Configure the OpenVPN server.
At the ’#’ prompt enter
cat > /etc/openvpn/server.conf
port 1194
proto udp
dev tun
ca /etc/openvpn/certs/ca.crt
cert /etc/openvpn/certs/myvpn.crt
key /etc/openvpn/certs/myvpn.key
dh /etc/openvpn/certs/dh2048.pem
tls-auth /etc/openvpn/certs/ta.key 0
server 192.168.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
client-to-client
keepalive 1800 4000
cipher DES-EDE3-CBC # Triple-DES
comp-lzo
max-clients 10
user nobody
group nogroup
persist-key
persist-tun
log openvpn.log
status openvpn-status.log
verb 5
mute 20
When finished.. Type CONTROL+D (end of input). CONTROL+Z would only suspend cat and leave it as a stopped job.
Step 17: Start the OpenVPN server.
At the ’#’ prompt enter
service openvpn restart
update-rc.d -f openvpn defaults
Step 18: Enable forwarding and set-up iptables.
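At the ’#’ prompt enter
vim /etc/sysctl.conf
Inside vim, run this substitution, then write and quit as in Step 8. If the file instead contains the commented line #net.ipv4.ip_forward=1, remove the leading ’#’ from that line.
:%s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/
Back at the ’#’ prompt, apply the change
sysctl -p
Set up the following iptables rules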
iptables -A INPUT -p udp -m state --state NEW -m udp --dport 1194 -j ACCEPT
iptables -A FORWARD -s 192.168.2.0/24 -j ACCEPT
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE
Note: if using openvz/vservers you may need the following instead
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j SNAT --to-source <PUBLIC_VPN_IP>
iptables-save > /etc/iptables.rules
For persistent firewall rules you may want to use the iptables-persistent package or just set up a simple script in /etc/network/if-pre-up.d/ which will load the rules in /etc/iptables.rules using iptables-restore
For example:
cat /etc/network/if-pre-up.d/iptables
#!/bin/bash
test -e /etc/iptables.rules && iptables-restore -c /etc/iptables.rules
Step 19: Set-up OpenVPN client (on your VPS)
Deploy the generated certificates to the VPN client/device
Install OpenVPN client on the machine/device
Create the following client.conf configuration file
cat > /etc/openvpn/client.conf
client
remote <PUBLIC_VPN_IP>
ca /home/d/confs/certs/vpn/ca.crt
cert /home/d/confs/certs/vpn/blackhole.crt
key /home/d/confs/certs/vpn/blackhole.key
cipher DES-EDE3-CBC
comp-lzo yes
dev tun
proto udp
tls-auth /home/d/confs/certs/vpn/ta.key 1
nobind
auth-nocache
script-security 2
persist-key
persist-tun
user nobody
group nogroup
CONTROL+D (when finished)
Congratulations.. Your VPN on your VPS.. is now set up..
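The server.conf in Step 16 and the client.conf in Step 19 share settings a reviewer would question: cipher DES-EDE3-CBC is Triple-DES with a 64-bit block, comp-lzo compresses before encrypting, and the client has no remote-cert-tls server line, so it accepts any certificate signed by the CA as the server. The script below is an added example, not part of the original post; the function name audit_openvpn_conf, the two sample configs and the address 203.0.113.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag weak directives in an OpenVPN config file.
# audit_openvpn_conf FILE -> prints one "FINDING: ..." line per issue.
audit_openvpn_conf() {
    awk '
        { sub(/^[ \t]*;.*/, ""); sub(/#.*/, "") }    # strip comments
        NF == 0 { next }
        $1 == "client" { is_client = 1 }
        $1 == "cipher" {
            have_cipher = 1
            # DES, Triple-DES, Blowfish and CAST5 all use 64-bit blocks
            if (toupper($2) ~ /^(DES|BF|CAST5)-/)
                print "FINDING: cipher " $2 " has a 64-bit block; use AES-256-CBC"
        }
        $1 == "auth" {
            have_auth = 1
            if (toupper($2) == "MD5")
                print "FINDING: auth MD5 is weak; use SHA256"
        }
        $1 == "comp-lzo" && $2 != "no" {
            print "FINDING: comp-lzo compresses before encrypting and can leak plaintext"
        }
        $1 == "remote-cert-tls" || $1 == "ns-cert-type" { checks_peer = 1 }
        END {
            if (!have_cipher) print "FINDING: no cipher set; old releases default to BF-CBC"
            if (!have_auth)   print "FINDING: no auth set, so the HMAC defaults to SHA1; set auth SHA256"
            if (is_client && !checks_peer)
                print "FINDING: client does not check the server certificate type; add remote-cert-tls server"
        }
    ' "$1"
}

# Constructed sample mirroring the directives in the client.conf above.
sample_client_conf() {
    cat <<'EOF'
client
remote 203.0.113.10
cipher DES-EDE3-CBC   # Triple-DES
comp-lzo yes
dev tun
proto udp
EOF
}

# Constructed sample with the flagged directives corrected.
sample_hardened_conf() {
    cat <<'EOF'
client
remote 203.0.113.10
cipher AES-256-CBC
auth SHA256
remote-cert-tls server
dev tun
proto udp
EOF
}

tmp=$(mktemp)
sample_client_conf > "$tmp" && audit_openvpn_conf "$tmp"
sample_hardened_conf > "$tmp" && audit_openvpn_conf "$tmp"
rm -f "$tmp"
```

The cipher, auth and comp-lzo settings must match on server and client, so change both files together and restart OpenVPN afterwards.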
Step 20: Troubleshooting.
If you have any errors… like..
us=229735 myvpn4/78.156.78.132:15825 MULTI: bad source address from client [10.10.10.26], packet dropped
add the following to server.conf
client-config-dir ccd
then run
mkdir /etc/openvpn/ccd
cat > /etc/openvpn/ccd/nexus4
iroute 10.10.10.0 255.255.255.0
finally restart openvpn with
service openvpn restart
Well that completes the installation and configuration of the server..
Now all you have to do is install and configure the Client on your Windows computer.
Gosh where to start…
I have been setting up a couple of VPSs out there again..
I have found http://www.lowendbox.com/ to be an invaluable resource.
I let my old VPSs go.. One I simply wasn’t using.. Due to it being found mostly unreliable..
The other suffered a major data loss..
(my fault for not backing up my work.. again.. *sigh.. we do live and learn..)
Always so much to do on a fresh install.. Data backup needs to become a routine..
Anyway.. This time around we have..
http://au0.org - Centos 32
and
http://pchost.org - Centos 32
I have installed Kloxo on both servers. Both servers are now configured to handle unlimited domains via re-seller accounts.
I am thinking of setting up an automated backup regime for the VPSs.
I have been looking at:
http://www.lowendbox.com/blog/backupsy-5month-250gb-kvm-vps-with-custom-panel-in-4-locations/
for $5 a month (half normal price… sounds good to me..)
What do you get when you sign up for a VPS?
After payment.. You should receive an EMAIL similar to this:
Hello XXXXX,
First and foremost, congratulations on your brand-new Linux-powered vps server. Your server has been successfully provisioned and secured by us.
Without further delay, we are pleased to present you with the information you need to access your new server.
Important Links:
- Hostname: server.hostname.com
- Main IP Address: 71.33.44.22
- Username: root
- Password: XXXXXXXX
- SSH Port: 22
SolusVM Management Software:
If you are unsure about anything please feel free to open a support ticket and we will be happy to help you.
We recommend Putty as an SSH client to access your server using a command similar to: ssh root@71.33.44.22
Your Hosting Provider
The first thing you will want to do is log in to your VPS Control Panel. Follow the instructions provided in the email you received. It will probably look something like this. Take notice of the various functions. You can do quite a bit from your VPS Control Panel.
Next thing you will need is the 'putty' client. You can download a copy of it for Windows HERE
Insert the IP number that was supplied by your email into the box provided.
Enter your username and password. Running ps -ael gives a list of the processes currently running on your VPS. Now you’re on your own. Hope you have Unix/Linux skills because you’re going to need ’em.
I was on twitter and I mentioned that I needed a bargain priced VPS with low specifications. Next thing @BigWetFish gets me to check this URL. Well, I checked the URL and saw some pretty good deals. In my case I was after the barest minimum nano tiny VPS I could operate with.
So I signed up for the VPS 1 deal (as instructed via email) and had it downgraded by the Big Wet Fish staff to:
VPS 1/2 (SuperMicro VPS)
- CPU - Equal Share
- Disk Space - 10GB
- RAM - 64MB
- Burstable RAM - 256MB
- Monthly Bandwidth - 150GB
- 100 Mbit Connection
- No Cpanel Option
- No setup fees
- Choice of Linux OS
- 1 Free IP address
- SolusVM VPS Management Software
US $2.50 per month.
I think a great deal.. And get this.. Because I was only after an evaluation to determine my requirements, Big Wet Fish Hosting were so kind as to give me 1 month’s FREE trial!
(Don’t everyone expect that deal! I think it was a slow day or something.. You need to talk to them..)
I needed to setup OpenVPN. As a result it soon became obvious that TUN needed to be turned on by the hosting provider. (This is a common issue with VM VPS) However, Big Wet Fish responded to my email request for TUN to be activated rapidly.
The VPS seemed nimble and always responded well compared to a few other VPSs I have used. Downtime was unnoticeable during the evaluation. :)
In my case.. I was able to evaluate the specifications of the VPS in comparison to my requirements in a very short amount of time. Because of this.. I have no hesitation recommending Big Wet Fish Hosting to anyone who requires an unmanned VPS.