Dieses Wiki ist ein Archiv bis 2023. Das aktuelle Wiki findet sich unter https://wiki.hamburg.ccc.de/
Difference between revisions of "ChaosVPN:FreeBSDHowto"
m (kategorisieren) |
|||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | [[ChaosVPN|Back]] | ||
+ | |||
+ | {{Template:ChaosVPNBanner}} | ||
+ | |||
The following is a quick tutorial on setting up [[ChaosVPN]] on a FreeBSD machine. | The following is a quick tutorial on setting up [[ChaosVPN]] on a FreeBSD machine. | ||
Latest revision as of 20:33, 24 May 2016
Note:
ChaosVPN is a VPN to connect Hackers and Hackerspaces - it does NOT provide anonymous internet access!
For this look at tor or other similar services.
It will also not help you to reach domains like .rdos, .lll, .clos or any other strange things supposed to be available on the "dark web".
Alternative: If you prefer BGP, you can also connect via https://dn42.net/, we are interconnected.
The following is a quick tutorial on setting up ChaosVPN on a FreeBSD machine.
These instructions ought to work on any BSD machine, including Mac OS X, but this article is specifically for FreeBSD.
Contents
Install tinc
There is only one port you need to install: tinc. Any dependencies ought to be automatically installed when this port is installed. You can find the port in the following directory: /usr/ports/security/tinc
.
Download the ChaosVPN source
Fetch the latest version of ChaosVPN by running the following command:
git clone git://github.com/ryd/chaosvpn.git cd chaosvpn
Build ChaosVPN
Compiling and installing ChaosVPN is a fairly straightforward process:
$ gmake $ su - # gmake bsdinstall
Additional information
Configuring ChaosVPN on FreeBSD is very similar to configuring it on Linux, but here are some FreeBSD-specific options to set in the file /usr/local/etc/tinc/chaosvpn.conf
:
The "gmake bsdinstall" installs a FreeBSD specific default config that should cover most of the specialities.
Post-shutdown commands
ChaosVPN may not automatically remove the tunnel interface once it shuts down. If you notice that a tunX interface with no IP address remains after killing the ChaosVPN process, run the following command:
/sbin/ifconfig tunX destroy
(Replace “tunX” with the actual tunnel name.)
Security concerns
It’s best to create a new, non-root user specifically for running ChaosVPN. This user will need to be listed in the sudoers file, and will need to be a member of the wheel group, so you can run the sudo
and su
commands, respectively. In the file /usr/local/etc/tinc/chaosvpn.conf
, change the option $tincd_user to that new user.