Looking for a lightweight VPN client, but are not ready to spend a monthly recurring amount on a VPN? VPNs can be expensive depending upon the quality of service and amount of privacy you want. A good VPN plan can easily set you back by 10$ a month and even that doesn’t guarantee your privacy. There is no way to be sure whether the VPN is storing your confidential information and traffic logs or not. sshuttle is the answer to your problem it provides VPN over ssh and in this article we’re going to explore this cheap yet powerful alternative to the expensive VPNs. By using open source tools you can control your own privacy.
VPN over SSH – sshuttle
sshuttle is an awesome program that allows you to create a VPN connection from your local machine to any remote server that you have ssh access on. The tunnel established over the ssh connection can then be used to route all your traffic from client machine through the remote machine including all the dns traffic. In the bare bones sshuttle is just a proxy server which runs on the client machine and forwards all the traffic to a ssh tunnel. Since its open source it holds quite a lot of major advantages over traditional VPN.
Advantages of sshuttle:
- Easy setup and light weight
- Open Source (sshuttle GitHub)
- Just needs a remote machine on which you have ssh access
- No root required on the remote machine
- Works on multiple platforms, including FreeBSD, Linux and MacOS
- Encrypted tunnel because ssh (duh..)
- Purely command line VPN tool, no waiting for those GUIs to open up
Prerequisites for sshuttle:
- Root access on client machine (root on remote machine is not required).
- Python 2.3 or higher installed on the remote machine.
Installing sshuttle
# Ubuntu/Debian:
apt-get install sshuttle
# MacOS using Homebrew:
brew install sshuttle
# Installing sshuttle via pip/pip3:
sudo pip install sshuttle
# Arch Linux:
pacman -S sshuttle
# Installing shuttle on NixOS:
nix-env -iA nixos.sshuttle
# Installing sshuttle on Fedora:
dnf install sshuttle
# Building and installing sshuttle from source:
git clone https://github.com/sshuttle/sshuttle.git
cd sshuttle
sudo ./setup.py install
Usage
sshuttle -r user@remote-ip 0.0.0.0/0
Most useful options for sshuttle:
-r
: remote hostname with optional username
-v
: verbose output (you can add additional v to make the output more verbose.
--dns
: Captures all the DNS queries on the client machine and resolves them using the remote machine.
A list of all available options:
-p: port number to forward traffic to
-d: destination port number to forward traffic from
-s: source port number to forward traffic from
-t: timeout in seconds
-f: forward traffic to a different interface
-i: interface to forward traffic from
-b: bind to a specific local address
-l: local port number to forward traffic from
-a: local address to bind to
-n: don't daemonize
-q: quiet mode
-o: log to a file
-c: log to syslog
-u: log to stdout
-k: kill existing sshuttle process
-e: use a specific ssh executable
-m: use a specific ssh command
-w: use a specific ssh command
-x: use a specific ssh command
-y: use a specific ssh command
-z: use a specific ssh command
-h: show this help
-V: show version
-S: show status
-R: restart sshuttle
-P: print configuration
-E: print environment
-B: print build information
-T: print tunnel information
-I: print interface information
-A: print address information
-D: print debug information
-O: print options
-C: print configuration
-M: print memory usage
-L: print log file
-K: print kill command
-U: print usage
-X: print version
-Y: print version
-Z: print version
-H: show this help
-V: show version
-S: show status
-R: restart sshuttle
-P: print configuration
-E: print
Checking Public IP from the Command Line:
curl -s http://ifconfig.me
wget -O - -q http://whatismyip.org/
Sample sshuttle command which forwards all dns requests to remote server and outputs in an extra verbose mode.
sshuttle -r user@remote-ip 0.0.0.0/0 -vvv --dns
You can also create an alias to save sometime in typing the command. Alias in
.bashrc
:
vpn='sshuttle -r user@remote-ip 0.0.0.0/0 -v --dns'
That’s it, now you can connect to your own VPN over ssh with a simple command. It really comes in handy when you’re working on something else but need to access some blocked content in your location, simple, just fire up a terminal and run the command vpn
and voila you are connected to a VPN.
But what if you don’t have a server with ssh access? Frankly it’s not very hard to get a virtual private server for free but it comes with a lot of limitations. The bandwidth maybe limited to 15GB per month or some other similar limitation. If you’re planning to route all your traffic through a VPS then it needs to have a lot of bandwidth, depending on your usage. You can nowadays get a server for very cheap, with good configuration and plenty of bandwidth. A machine with 1 gig, 2 cores, 2TB bandwidth will cost you around 25$ per year. Which is really cheap when compared to 10$ a month VPN plan. And if you really want no traces of your online activities, pay for the server using Bitcoin/Ethereum so that it can’t be traced back to you.
For cheap VPS visit: LowEndBox