Trading a VPN for an SSH Tunnel
-
Watching this; looking to do the same thing to remote access a computer radio combo
-
So, I went to ZeroTier and created myself a free account, created a network, and downloaded a client for my Windows 10 PC, the android app, and installed it on my Debian 9 Linux desktop. Authorized 3 clients onto the network. The network is private, so has to be authorized from the ZeroTier console before allowing communication between the device and the rest of the network.
Once I had 3 devices connected, I began testing communication between devices.
From Windows 10 to Debian 9:
via SSH
via VNC
So, I am able to remote into the computer by both SSH and VNC. However, I am not able to talk on the radio and hear what I receive while I am out and about. This is my next dilemma. How do I have the two-way audio between the ham-shack box and myself when I'm out and about?
-
@NerdyDad VNC should have the option to forward audio as well. Might be in the server or client setting tho, it's been a long time since I had a reason to go look at that.
-
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
Put a RouterBoardOS RB260GS at each house and use a free ddns service. $35each and yo're done.
Or a Ubiquiti Edge Router Lite will work too, just more expensive.
I use the Ubiquiti ERL for IPSec into my house from the office, my phone, and my laptop. Love it.All more work and more money than easy and free.
Easy is relative. $70 for the two is only $10 more than he is currently paying for one year. Starting with month 15, it is free!
-
@JaredBusch said in Trading a VPN for an SSH Tunnel:
And a fully open virus network. ZT is at least limited tot he devices it is on.
How so? My VPNs are locked to IP address and/or 2FA.
-
@JasGot said in Trading a VPN for an SSH Tunnel:
@JaredBusch said in Trading a VPN for an SSH Tunnel:
And a fully open virus network. ZT is at least limited tot he devices it is on.
How so? My VPNs are locked to IP address and/or 2FA.
Once something gets onto any node - it can spread the virus to all other VPN nodes... the same applies to ZT, though JB's claim is that ZT won't likely be installed everywhere.
To JB's claim I say - so what? Once a multi-homed computer is infected, it can easily try to infect any other local computers, so... not really much of a saving grace there.
-
@travisdh1 said in Trading a VPN for an SSH Tunnel:
@NerdyDad VNC should have the option to forward audio as well. Might be in the server or client setting tho, it's been a long time since I had a reason to go look at that.
I didn't see it in VNC, but maybe I am using the wrong VNC server (TightVNC vs UltraVNC). Can you send me some more information?
I also found crtmpserver that streams audio both ways and to Android devices. Maybe it will work instead? How hard would it be to setup?
-
@Dashrender said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
@JaredBusch said in Trading a VPN for an SSH Tunnel:
And a fully open virus network. ZT is at least limited tot he devices it is on.
How so? My VPNs are locked to IP address and/or 2FA.
Once something gets onto any node - it can spread the virus to all other VPN nodes... the same applies to ZT, though JB's claim is that ZT won't likely be installed everywhere.
To JB's claim I say - so what? Once a multi-homed computer is infected, it can easily try to infect any other local computers, so... not really much of a saving grace there.
Coorect not much of one but it is a smaller attack surface by a bit
-
@Dashrender said in Trading a VPN for an SSH Tunnel:
Once something gets onto any node - it can spread the virus to all other VPN nodes...
True, hopefully gateway security suites will stop that.
-
@JasGot said in Trading a VPN for an SSH Tunnel:
True, hopefully gateway security suites will stop that.
VPNs bypass those things. At least in most cases. Gateway security is never really where you expect things to be stopped. It's the individual machines where you hope for the real defenses to be sitting. Whether it's because the LAN is breached in some other way, or a hole is punched by the VPN, Gateway security is too far from the main attack points and knows nothing about most attack vectors.
-
@JasGot said in Trading a VPN for an SSH Tunnel:
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
Put a RouterBoardOS RB260GS at each house and use a free ddns service. $35each and yo're done.
Or a Ubiquiti Edge Router Lite will work too, just more expensive.
I use the Ubiquiti ERL for IPSec into my house from the office, my phone, and my laptop. Love it.All more work and more money than easy and free.
Easy is relative. $70 for the two is only $10 more than he is currently paying for one year. Starting with month 15, it is free!
$70 for what you are proposing with more hardware and equipment that could fail and I have to maintain in my house that my wife won't like because its more "junk" versus ZeroTier which is free, software only, and my wife won't have to see it.
Hmmm....Decisions, decisions.
-
@NerdyDad You mean there are actual decisions to that lol? ZT for the win
-
@JasGot said in Trading a VPN for an SSH Tunnel:
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
Put a RouterBoardOS RB260GS at each house and use a free ddns service. $35each and yo're done.
Or a Ubiquiti Edge Router Lite will work too, just more expensive.
I use the Ubiquiti ERL for IPSec into my house from the office, my phone, and my laptop. Love it.All more work and more money than easy and free.
Easy is relative. $70 for the two is only $10 more than he is currently paying for one year. Starting with month 15, it is free!
Comparing to a bad decision is misleading. You have to throw money away today, and ignore better options, to them create the "savings" of spending money. That's a false decision matrix.
The real comparison is against something free. That's the baseline to beat. Otherwise, nothing is costly compared to any contrived more expensive decision.
Example: I want a laser light show for my house, I don't need it, I just want it. The free option is to not buy one. Buying one is normally $100. But I could find one that is $200 and then say that the $100 is "free" or even "saving me money." But this is false, it's still costing $100 no matter how many more expensive alternatives we find.
It's like the 'sale' problem. The shirt was on sale for 50% off, I saved 50%!! No, you still bought a shirt you didn't need, money was lost versus the free baseline.
-
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
Put a RouterBoardOS RB260GS at each house and use a free ddns service. $35each and yo're done.
Or a Ubiquiti Edge Router Lite will work too, just more expensive.
I use the Ubiquiti ERL for IPSec into my house from the office, my phone, and my laptop. Love it.All more work and more money than easy and free.
Easy is relative. $70 for the two is only $10 more than he is currently paying for one year. Starting with month 15, it is free!
Comparing to a bad decision is misleading. You have to throw money away today, and ignore better options, to them create the "savings" of spending money. That's a false decision matrix.
The real comparison is against something free. That's the baseline to beat. Otherwise, nothing is costly compared to any contrived more expensive decision.
Example: I want a laser light show for my house, I don't need it, I just want it. The free option is to not buy one. Buying one is normally $100. But I could find one that is $200 and then say that the $100 is "free" or even "saving me money." But this is false, it's still costing $100 no matter how many more expensive alternatives we find.
It's like the 'sale' problem. The shirt was on sale for 50% off, I saved 50%!! No, you still bought a shirt you didn't need, money was lost versus the free baseline.
Except I need the shirt. No one wants to see me topless. I proved that back in January.
-
Oldish thread looks like you found a solution using ZeroTier. Has anyone done something similar using SoftEther VPN? I am looking at a SoftEther setup (not by me) trying to figure it out; looks likkey they have asome soft of cloud server and are bridging the VPN's to make a large network.
-
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
@scottalanmiller said in Trading a VPN for an SSH Tunnel:
@JasGot said in Trading a VPN for an SSH Tunnel:
Put a RouterBoardOS RB260GS at each house and use a free ddns service. $35each and yo're done.
Or a Ubiquiti Edge Router Lite will work too, just more expensive.
I use the Ubiquiti ERL for IPSec into my house from the office, my phone, and my laptop. Love it.All more work and more money than easy and free.
Easy is relative. $70 for the two is only $10 more than he is currently paying for one year. Starting with month 15, it is free!
Comparing to a bad decision is misleading. You have to throw money away today, and ignore better options, to them create the "savings" of spending money. That's a false decision matrix.
The real comparison is against something free. That's the baseline to beat. Otherwise, nothing is costly compared to any contrived more expensive decision.
Example: I want a laser light show for my house, I don't need it, I just want it. The free option is to not buy one. Buying one is normally $100. But I could find one that is $200 and then say that the $100 is "free" or even "saving me money." But this is false, it's still costing $100 no matter how many more expensive alternatives we find.
It's like the 'sale' problem. The shirt was on sale for 50% off, I saved 50%!! No, you still bought a shirt you didn't need, money was lost versus the free baseline.
The wife gets mad when I tell her you save 100% if you don't buy anything.