79.20 VPN

Using a VPN can provide security to protect against linking connections as you browse the Internet directly back to you. A VPN does though also introduce a single point of potential failure if the VPN vendor is compromised. A problem with the VPN provider space is that it is all quite secretive. Who knows if the VPN provider is actually a front for some other agency, nefarious or not. Generally all that there is to go on is the web site advertising the VPNs stance on privacy without open oversight. They have generally not otherwise been audited.

proxy.sh seemed to be a good provider for many years, but seems to have stopped operating at the end of 2019. Potentially they were compromised and unable to communicate that, so simply stopped operating. Or else simply a technical glitch. But we would not know.

vpn.ac offer an opportunity to test them out for $2 for a week. Their closed source client, noted to be in beta, works well on GNU/Linux. Whilst again it is difficult to ascertain the credibility of the vendor, they claim to be based in Romania and hence subject to Romania’s privacy laws.

ProtonVPN is a team originating from CERN and based in Switzerland. There are named people who make up Proton which also covers the ProtonMail product.

To connect to a local network’s VPN using openconnect:

$ sudo openconnect  ktuvpn.ktu.edu
sudo openconnect  ktuvpn.ktu.edu
POST https://ktuvpn.ktu.edu/
Connected to 105.230.220.143:443
SSL negotiation with ktuvpn.ktu.edu
Connected to HTTPS on ktuvpn.ktu.edu
XML POST enabled
Please enter your username and password.
GROUP: [KTU|MAINTENANCE]:KTU
KTU
POST https://ktuvpn.ktu.edu/
XML POST enabled
Please enter your username and password.
Username:fred@DCS
fred@DCS
Password:
POST https://ktuvpn.ktu.edu/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 10.104.32.211, using SSL, with DTLS in progress
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS0.9)-(RSA)-(AES-128-CBC)-(SHA1).

To avoid all the messages and to paste or type the password through standard input:

$ sudo openconnect --authgroup=DCS --user=fred@DCS --passwd-on-stdin ktuvpn.ktu.edu
mYs3cr3tP8ssw0rd


Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0