Something I like to use to set up a VPN in a hurry is the OpenVPN install script by nyr
https://github.com/Nyr/openvpn-install
It takes very little time to setup and is easy to use, but I could totally see how someone would want to avoid that script (youre blindly trusting some shell script, curl | sh style) in favour of a solution like the one presented in this post.
I’ve personally used Algo a lot - spins up a quick IPSEC VPN. I’ll trash it and make a new one every few weeks, really well written and good bit of software.
I use Algo by Trail of Bits. It’s super easy to set up (has a command line wizard to walk you through setting up your server on a variety of providers), generates mobile profiles for iOS to connect on demand on unknown networks, and had super secure defaults.
I wanted IKEv2 for performance and security reasons (I won’t elaborate on this here, if you’re curious about the differences, there’s a lot of content out on the web explaining this).
A similar setup and blog post for WireGuard would be even better still, in terms of both performance and security! @zx2c4
Something I like to use to set up a VPN in a hurry is the OpenVPN install script by nyr https://github.com/Nyr/openvpn-install It takes very little time to setup and is easy to use, but I could totally see how someone would want to avoid that script (youre blindly trusting some shell script, curl | sh style) in favour of a solution like the one presented in this post.
I use that script too - spin up a lowendspirit box, run the script and you have a cheap VPN set up in a few minutes.
If you want to do this on FreeBSD with OpenVPN and automate it, I wrote an Ansible role as part of my Bee2 projects that you can look at here:
https://github.com/sumdog/bee2/tree/master/ansible/roles/vpn
I’ve used Streisand to create a VPN endpoint on a Digital Ocean droplet. AWS, Google Cloud and more are supported out of the box.
Streisand looks very cool!
I’ve personally used Algo a lot - spins up a quick IPSEC VPN. I’ll trash it and make a new one every few weeks, really well written and good bit of software.
I use Algo by Trail of Bits. It’s super easy to set up (has a command line wizard to walk you through setting up your server on a variety of providers), generates mobile profiles for iOS to connect on demand on unknown networks, and had super secure defaults.
Algo supports WireGuard now too, which is nice.
A similar setup and blog post for WireGuard would be even better still, in terms of both performance and security! @zx2c4