Michael wrote: > On Sunday, 20 August 2023 11:49:18 BST Walter Dnes wrote: >> On Sat, Aug 19, 2023 at 10:27:37PM -0500, Dale wrote >> >>> I been using Surfshark and openvpn for over a year. They have a pretty >>> large list of countries, multiple cities in some countries, to pick >>> from. I deal with torrents and that is my reason for the need of a VPN, >>> just in case some may be questionable. >>> >>> I suspect that some features are not available because I use openvpn >>> instead of the software Surfshark provides for other binary distros but >>> it does work with openvpn software. Once I start openvpn and give it a >>> minute to set up the connection and all, it works great. >> ??? You're saying you run Surfshark on top of OpenVPN ??? I'm >> confused here. Why the extra layer? > OpenVPN is a VPN implementation using OpenSSL to encrypt the end-to-end > network connection between client and server. There are other VPN > implementations and client-server applications using different encryption > mechanisms and a wide variety of ciphers/algos. > > OpenVPN is offered as a method to set up a secure connection to an ever > increasing number of VPN ISPs, who are essentially selling an anonymising > service. > > Surfshark happens to be one of these ISPs and OpenVPN is just one of the > methods they offer to secure the connection to their servers. >
Some responses are for the OP, some for the person replying or both. This is correct. Like a lot of VPN providers, Surfshark has their own software you can install however Gentoo doesn't have it in the tree, or a overlay that I know of. So basically I pay for the username, password and access then use my own software for the VPN service. If you can get Surfshark to install on Gentoo, from what I've seen it is pretty nice and highly configurable. I guess there isn't enough demand for it in Gentoo. Either Surfshark would help with a ebuild or someone who knows how would make one. >> OpenVPN looks rather complex. >> According to https://linux.die.net/man/8/openvpn >> >>> OpenVPN is a robust and highly flexible VPN daemon. OpenVPN supports >>> SSL/TLS security, ethernet bridging, TCP or UDP tunnel transport >>> through proxies or NAT, support for dynamic IP addresses and DHCP, >>> scalability to hundreds or thousands of users, and portability to >>> most major OS platforms. > OpenVPN is widely used because it is relatively easy to configure on the > client side and provides binary client applications for every/most OS. Other > VPN methods are IKE/IPSec typically used by corporate setups and the more > recent and arguably better Linux implementation of WireGuard. > This is also true. Basically, I got a copy of the config file from Surfshark for the city I wanted, renamed it and put it in the openvpn directory. I then created a login file with my username and password. After that, from what I recall, just start the service. If it gets any easier, it would be magic. >> I basically want browsers (Pale Moon browser and Google Chrome) to >> show up with an IP address in a different country. The major players >> that "support linux" do Ubuntu/Debian/Mint. I assume we're looking at >> unpacking a .deb. > What you are looking for is an anonymising *browsing* proxy. Assuming this > has no legal implications for your country, i.e. as an end user circumventing > the newly enacted law, the easiest and free from fees approach would be to > download and use the tor browser: > > https://www.torproject.org/download/ > > Or, if you must use your own browsers, then install the net-vpn/tor and > potentially net-proxy/privoxy daemons, start them up and setup your browser > network tab to point it to your localhost:9050. More detail here: > > https://wiki.gentoo.org/wiki/Tor > > There used to be a lot of open proxy HTTP/HTTPS/FTP/SOCKS4/SOCKS5 servers > available in datacenters around the world. Some of them may still be free, > but it is also likely they may full of malware and man-in-the-middle attacks. > > NOTE: depending on your need to protect your anonymity/privacy, you may also > need to configure your DNS resolver connection to take place via the remote > VPN server, than via your local ISP. Most VPN implementations provide this > function. That may be a better option and I think it is a free option at that. As you point out, make sure what is allowed by law and if needed, make sure it is safe to use. I've read that in some countries that even having certain software installed can be illegal. Dale :-) :-)
