CloudVPN

Discussion in 'privacy technology' started by mirimir, Feb 20, 2012.

Thread Status:
Not open for further replies.
  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Anyone used this?

    -http://dev.e-x-a.org/projects/cloudvpn/wiki

    CloudVPN 1.99.x HOW-TO
    -http://dev.e-x-a.org/projects/cloudvpn/wiki/Docs-199

    -http://dev.e-x-a.org/projects/cloudvpn/wiki/Cloudvpn-page
     
    mirimir, Feb 20, 2012
    #1
  2. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    I haven't even visited the site yet, but it's great that people are out there THINKING. You just never know. Before I laugh at just about anything, I think of Pasteur and the "establishment" laughing at him (literally in a giant hall where he was speaking) because he dared to suggest that germs might be the cause of certain illnesses. They thought he was a crank! It makes me think of this:

    "All truth passes through three stages. First, it is ridiculed. Second, it is violently opposed. Third, it is accepted as being self-evident."
    Arthur Schopenhauer
     
    LockBox, Feb 21, 2012
    #2
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    There are other mesh VPNs. In the enterprise arena, there's DMVPN (IPsec+GRE+NHRP) that runs on Cisco routers -http://patrickpreuss.wordpress.com/2009/02/14/dmvpn-with-linux/ Patrick explains how to use OpenNHRP for Linux clients. In the less/non/anti enterprise arena, there's WASTE (Again) which is the open-source descendent of the long-ago and short-lived release from Nullsoft -http://waste.sourceforge.net/ and -http://fileforum.betanews.com/detail/WASTE-Unofficial/1057588571/1 Maybe it helped inspire the WiFi mesh network (X-Net) in Cory Doctorow’s Little Brother. Or maybe that honor goes to tinc, which can run on routers in OpenWRT -http://www.tinc-vpn.org/

    Back to CloudVPN, I have a test network running on Ubuntu 10.10 VMs. Compiling it required installing automake, g++ and gnutls-dev. Using it additionally required gnutls-bin. I had to reconfigure as root for it to create links to the binaries (/usr/local/bin/cloud and /usr/local/bin/ether). Otherwise, creating the network was straightforward using -http://dev.e-x-a.org/projects/cloudvpn/wiki/Docs-199

    Basically, you use certtool to generate ca.key, ca.crt, ssl.key and ssl.crt (just like OpenVPN). You keep ca.key private, and distribute ca.crt, ssl.key and ssl.crt to your mesh nodes. You can either generate dh1024.pem for each client node and distribute, or generate them on the clients. The hardest part was generating ssh.crt properly. CloudVPN uses GnuTLS, which is very rigorous about proper certificate usage. The ssh.crt must not have the encipherment bit set (just TLS server and client usage).

    On each node, you run cloud with a configuration script that opens listening ports for other nodes, and connects to all other nodes that are listening. Then you run ether on each node to create a socket, and then run ifconfig on each to create a tap interface.
     
    mirimir, Feb 22, 2012
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...