iGFW

 Your VPS As A SSH Proxy

If you have a VPS, you can use it to set up a VPN, whether PPTP, L2TP/IPSec or OpenVPN, instead, you can use your VPS as a SSH proxy directly to unblock the internet censorship.

The following will show you how to use your VPS as a SSH proxy in a very easy way:

I. Connect to your VPS

As mentioned before, for Windows, you need to install a SSH client (such as Tunnelier), and for Mac, you can also install a SSH client (such as Issh), but instead, you can just use the Terminal application to connect to your VPS and start the SSH tunnel by just entering the following command in the Terminal window:

ssh -N -D 7070 root@94.249.184.93

Remember to replace “94.249.184.93” with the IP address of your own VPS, and press the “Return” key, then enter your VPS account password, if nothing appear as a result, you are done.

By the way, if you have created a VPN in your VPS, you can still use your VPS as a SSH proxy.

Tips:

Although the above is the easiest way to connect to your VPS, you can only use the SSH yourself, unless you want to share your whole VPS account with others. So, to share a SSH account only with others, you can create a new and limited user with the following 4 steps:

1. Log in your VPS root

Open a Terminal window, and enter the following command:

SSH root@94.249.184.93

Remember to replace “94.249.184.93” with your own VPS IP.

2. Create a group

Enter the following command:

groupadd internetfreedom

You can replace “internetfreedom” with any name you like.

3. Create a limited user

useradd -d /home/freenutsdotcom -m -g internetfreedom -s /bin/false freenutsdotcom

The above command will create a new SSH user “freenutsdotcom” in the “internetfreedom” group, and who can’t log in your VPS.

4. Create a password for the new user

Enter the following command:

passwd freenutsdotcom

You can enter any password (such as “123456”) for the new user.

Now, you can share the username and password with your friends, who can then use your VPS SSH with the following command:

ssh -N -D 7070 freenutsdotcom@94.249.184.93

Remember to replace “freenutsdotcom” with the new user, and “94.249.184.93” with your own VPS IP.

II. Configure the browser’s network

After connecting to your VPS, you need to set the Socks proxy sever IP address to 127.0.0.1 with port 7070 in your browser’s network settings. The following will you how to do that in Firefox and Chrome:

1. For Firefox

In Firefox, you can find the above settings page with the following path:

Preference –> Advanced –> Network –> Settings

2. For Chrome

In Chrome, you can find the above settings page with the following path:

Preference –> Under the Hood –> Network –> Change Proxy Settings

By the way, remember to leave HTTP, SSL, FTP and all the other proxy server configurations empty or unchecked.

Bonus:

The following is a SSH account created according to the above tutorial:

Host: 94.249.184.93

Username: freenutsdotcom

Password: 123456

This test SSH account will be available for 10 days, have fun.

来源：http://freenuts.com/how-to-use-your-vps-as-a-ssh-proxy/

====================================================================

How To Set Up OpenVPN In A VPS

Different from PPTP and L2TP/IPSec, which are mainly based on Xen, OpenVPN is also workable well in the OpenVZ VPS, but you need to install a desktop client to run it.

This post will show you how to set up an OpenVPN in only 10 steps, and what you need are a VPS and a computer. Same as the PPTP and L2TP/IPSec tutorial, the following steps are based on the Ubuntu system of Xen VPS and the Terminal application of Mac, and for Linux, the steps will be nearly the same, but for Windows, you will need to install Putty first. Here we go:

I. Connect to your VPS

Run your Terminal, and enter the following command:

ssh root@xxx.xxx.xxx.xxx

Just replace “xxx.xxx.xxx.xxx” with your VPS’ IP, such as “178.18.17.142″.

Tips: You can check out the PPTP setup tutorial for more details.

II. Install OpenVPN

Enter the following command:

apt-get install openvpn

Press the “Return” key, and enter “y”, then press the “Return” key.

III. Move easy-rsa into the correct place

Enter the following command:

cp -R /usr/share/doc/openvpn/examples/easy-rsa /etc/openvpn

Press the “Return” key, then you can move the easy-rsa folder to the OpenVPN directory.

IV. Generate keys

Enter the following commands one by one, press the “Return” key at each line, and answer “yes” to all “yes/no” questions:

cd /etc/openvpn/easy-rsa/2.0

. ./vars

./clean-all

./build-ca

./build-key-server server

./build-key client

./build-dh

Tips: You can change the “client” to any name you like, but don’t forget to change accordingly in the following steps.

V. Apply iptables rules

This step will let your OpenVPN connect with the whole internet world.

1. Forward the IP

Enter the following command:

vi /etc/sysctl.conf

Press the “Return” key, find the line of “#net.ipv4.ip_forward=1” and press the “x” key to remove the “#”, then enter “:wq” to save it.

2. Run the forward

Enter the following command to make the forward active:

sysctl -p

Then you will see the following message as a result:

net.ipv4.ip_forward=1

3. Create iptables rules

Enter the following command:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 178.18.17.142

Remember to replace “178.18.17.142” with the actual IP address of your VPS.

Tips: For OpenVZ VPS, you need to replace “eth0” with “venet0”.

VI. Create the VPS OpenVPN configuration file

Enter the following command:

# vi /etc/openvpn/server.conf

Press the “Return” key, and press the “i” key, then paste the following contents:

port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
client-to-client
duplicate-cn
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 3

Press the “esc” to quit the insert mode, and enter “:wq” to save the change.

Tips: You can also replace 8.8.8.8 & 8.8.4.4 with 208.67.222.222 & 208.67.220.220.

VII. Start OpenVPN

Enter the following command:

# /etc/init.d/openvpn start

Press the “Return” key.

VIII. Create the PC OpenVPN configuration file

Enter the following command:

vi /etc/openvpn/easy-rsa/2.0/keys/client.conf

Press the “Return” key, and press the “i” key, then paste the following contents:

client
dev tun
proto udp
remote 178.18.17.142 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3
redirect-gateway
script-security 2

Remember to replace “178.18.17.142” with your own VPS’ IP address.

After that, press the “esc” to quit the insert mode, and enter “:wq” to save the file.

IX. For reboot

In order to redo the above iptables settings when you reboot your VPS, you can enter the following command:

vi /etc/rc.local

Press the “Return” key, and press the “i” key, then paste the following contents above the line of “exit 0” :

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 178.18.17.142
openvpn /etc/openvpn/server.conf

Remember to replace “178.18.17.142″ with the actual IP address of your VPS. After that, press the “esc” to quit the insert mode, and enter “:wq” to save the file.

Tips: The above command is for Xen VPS, and for OpenVZ VPS, you need to replace “eth0” with “venet0”.

X. Download some things to your PC

You need to download the following 4 files to your local PC:

• client.conf
• ca.crt
• client.crt
• client.key

To do so, you can use Fetch (for Mac), WinSCP (for Windows) or some other SFTP software, and you can also use your Mac’s Terminal with the following SSH commands:

1. Get into the path

Enter the following command:

cd /etc/openvpn/easy-rsa/2.0/keys/

Press the “Return” key.

2. Download the files

Enter the following content:

scp ca.crt client.crt client.key client.conf air@68.68.40.151:

Remember to replace “air” with your Mac’s user name, and “68.68.40.151” with your local IP, which you can find out by opening a new Terminal window and entering “ifconfig”, if you can see a “ppp0” item like the following:

Then the first inet value will be THE IP, or you can’t download the files with the above scp command.

After that, press the “Return” key, answer “yes” to the question, and enter your Mac password if any, then you can download all the 4 files to the user name’s root.

3. Move the download files

When it is finished, go to the root of your user name, and move the 4 download files to your local OpenVPN configurations folder, then your own OpenVPN is ready.

Bonus:

The following is a configuration package of an OpenVPN created in a Xen VPS according to the above tutorials:

FreeNuts OpenVPN

The OpenVPN will be free and available for a month, you can download it and check out this post for how to use in your computer and mobile phone.

来源：http://freenuts.com/how-to-set-up-openvpn-in-a-vps/