Update: See the discussion on Hacker News This is one of those posts that is meant to save time for myself in the future when I’ll have to figure all of this out from scratch.I spend a lot of time in coffee shops and public places with unsecure wifi. Unsecure wifi scares the bejeesus out of me so I wanted to figure out a way to secure any traffic going through. It would also be nice to access things on my home network. It turns out there are a million different ways to do this and I found one that worked for me. Here were the constraints that I imposed. It should be secure (duh !) for coffee-shop, public wifi browsing. This is not designed to hold up to connecting to DefCon/blackhat conference wifi.
It should work from anywhere in the world.
It shouldn’t require me to have any computing devices booted up and running at home apart from my wifi router running a DD-WRT build.
It should work on all my computing devices, especially on iOS.
It shouldn’t use any external VPN/SSH services. No good reason apart from the fact that I’m just masochistic about these things.If you don’t have these constraints, there are many different ways to do this. Here are some alternate options
Alternate paths If you are only using laptops, you should just use SSH using the excellent instructions here. I still use this when I’m using my MBP
If you’re ok with using an external service, you should use something like LogMeIn Hamachi, which is an excellent product and more secure than the setup I lay out below.
If you don’t need to use iOS, you should use OpenVPN instead. OpenVPN is way more secure but not supported by iOS out of the box (but jailbroken iOS will get you support).
If you’re ok with having a machine apart from your DD-WRT router running, there are several options. For example, there are tons of VPN servers that will let you set up a OpenVPN or a L2TP/PPTP server (both protocols supported by iOS out of the box). See this comparison of the various protocols. But if you happen to have these specific set of constraints I do and like DIY-hacks, read on.
Read more: Sriram Krishnan
QR:
It should work from anywhere in the world.
It shouldn’t require me to have any computing devices booted up and running at home apart from my wifi router running a DD-WRT build.
It should work on all my computing devices, especially on iOS.
It shouldn’t use any external VPN/SSH services. No good reason apart from the fact that I’m just masochistic about these things.If you don’t have these constraints, there are many different ways to do this. Here are some alternate options
Alternate paths If you are only using laptops, you should just use SSH using the excellent instructions here. I still use this when I’m using my MBP
If you’re ok with using an external service, you should use something like LogMeIn Hamachi, which is an excellent product and more secure than the setup I lay out below.
If you don’t need to use iOS, you should use OpenVPN instead. OpenVPN is way more secure but not supported by iOS out of the box (but jailbroken iOS will get you support).
If you’re ok with having a machine apart from your DD-WRT router running, there are several options. For example, there are tons of VPN servers that will let you set up a OpenVPN or a L2TP/PPTP server (both protocols supported by iOS out of the box). See this comparison of the various protocols. But if you happen to have these specific set of constraints I do and like DIY-hacks, read on.
Read more: Sriram Krishnan
QR: