1. 19

  2. 1

    Your best bet is to just use algo or at the very least steal their configuration

    1. 1

      Is there anything in particular in that configuration that isn’t available in the one I found? I’m intentionally using a pre-shared key for simplicity and because I’m the only user. I did take a look at Algo, but didn’t see anything that would make using it worth the complexity. Is there something I missed?

      1. 2

        It’s not that I think there’s anything wrong with your approach per se, but you mentioned looking for a premade solution for this and algo is that. It’s about as close to turn-key as you can get, and with hardened defaults.

        One reason I would prefer it over your solution is that you appear to be using a preexisting server to provide a VPN, which is fine, but algo allows you to literally generate a new one as needed. Using a freshly made, disposable VPN is probably a step up from a long-running configuration, security-wise.

        It is debian-based, and if you’d prefer OpenBSD I can see the case for that. An OpenBSD distro of algo would be cool.

        1. 1

          That does seem sensible. I’m currently fine with the requirement that I manage my own server, but a quick setup on any cloud platform with sensible defaults seems smart. I also suspect (but am not completely sure) that it would take a fair bit longer to understand exactly what Algo is doing to my server compared to this approach.

          I quite like anything that the OpenBSD people put out, on average, compared to most solutions on Linux, but that’s purely personal preference.