User Tools

Site Tools


blog:secure_surf

Secure Surfing

Here is multiple methods to have a secure internet connection :

All these methods can be set up on a Raspberry Pi. Let's assume it can be accessed on domain.net on any ports.

SSH

You need a SSH access on the Pi and an opened port (here, 8080) :

ssh user@domain.net -D 8080

This command opens SOCKS server. You can use it to tunnel your traffic.

Firefox usage

Edit → Preferences → Advanced → Network → Connection → Settings…

Then in the URL bar, go to : about:config

And change “network.proxy.socks_remote_dns” to true. (There is a graphical button for this in Firefox nightly 30.xx next to SOCKS radio buttons)

OpenVPN

I followed this wiki : https://wiki.archlinux.org/index.php/Openvpn

I didn't used everything. I will explain my procedure later.

Once the server is running, generate keys for your clients.

(see this : https://wiki.archlinux.org/index.php/Create_a_Public_Key_Infrastructure_Using_the_easy-rsa_Scripts)

./build-key client-name

Copy for “client-name” :

  • ca.crt
  • ta.key
  • client-name.crt
  • client-name.key

And create client-name.ovpn file :

client
dev tun
proto udp
remote domain.net 1194
resolv-retry infinite
nobind
user nobody
group nobody
persist-key
persist-tun
ca ca.crt
cert client-name.crt
key client-name.key
ns-cert-type server
tls-auth ta.key 1
comp-lzo
verb 3

Put these 5 files in the same folder and load client-name.ovpn in any OpenVPN client :

Privoxy

Install Privoxy :

pacman -S privoxy

Configure it to fit your needs by editing “/etc/privoxy/config”. I only changed “listen-address” parameter. By default it will listen to localhost on port 8118.

Run Privoxy :

systemctl enable privoxy.service
systemctl start privoxy.service

Chromium usage

chromium --proxy-server="domain.net:8118"

Android usage

https://play.google.com/store/apps/details?id=org.proxydroid

In the app, set :

  • Host : domain.net
  • Port : 8118
  • Proxy Type : HTTP

It can be configured to auto connect when using 3G or WIFI connection.

A lot more stuffs about it here : https://wiki.archlinux.org/index.php/Privoxy

blog/secure_surf.txt · Last modified: 2014/02/12 00:50 by popux