Menu
What's new
By:
Filters Better Search

Meet Algo, the VPN that works

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sfx2000

sfx2000

Part of the Furniture
Quoted from https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/
Today we’re introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need.

And it’s free.

For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you.

Don’t bother with commercial VPNs
They’re crap.

Really, the paid-for services are just commercial honeypots. If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data.

Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators.

Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. In that case, your network traffic will be analyzed when law enforcement makes that seizure.
Click to expand...


GitHub Link for the scripts

https://github.com/trailofbits/algo

They recently added Wireguard support to their scripts...

Do this on a DigitalOcean VPS - $5/month with 1TB transfer

https://www.digitalocean.com/pricing/
 
Last edited by a moderator:
Pretty easy setup, on Digital Ocean, I gave it a whirl this evening. I had a couple of failures. (Dingy behind the keyboard). :p

Then succeeded and found my assigned IP was blocked by this very forums. :eek::(:rolleyes: I simply recreated on a different Server with different IP.

Nice learning experience.
 
Most commercial VPN providers basically bullsh*t people about their services - I've seen a lot there, and the routing on the back end usually ends up in China, Russia, or the US after the first link...

https://www.techdirt.com/articles/2...g-ethical-operator-is-comical-shirtshow.shtml

It's not whether the VPN operator keeps logs or not - it's the routing, and that's enough for many 3 letter agencies...

VPN providers, at the end of the day, are a scam with regards to privacy...

I like the AlgoVPN approach as it's almost turn-key...

If one doesn't control both ends of a VPN, it's not a VPN..
 
Last edited by a moderator:
I finalized my setup this evening and let's just say, I am very pleasantly surprised.

Connect on demand works flawlessly on my iOS and Mac devices, including connection/disconnection on preferred networks. Solves the issue, that I was having with connecting/disconnecting to my travel router (openVPN on router and devices causing conflicts).

I can have 1 of my travel router wifi SSID's, set as preferred which disconnects the Wireguard VPN, and then allows my devices to use the Open VPN to the home thru the router if needed.

I don't need VPN service for things like Netflix, I am only looking to keep my traffic away from cell provider, and or ISP and securing the devices on un secure wifi (Hotels mainly as I travel extensively).

Its super cool, I can use this for $5 for all my devices while traveling and still maintain openVPN for my home net access etc. The family is 98% at home so they will not typically use large chunks of data, but even if they leave the house, it does have 1TB of use each month.

Thanks @sfx2000

Again super easy to setup.
 
Last edited:
sfx2000 said:
Quoted from https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/



GitHub Link for the scripts

https://github.com/trailofbits/algo

They recently added Wireguard support to their scripts...

Do this on a DigitalOcean VPS - $5/month with 1TB transfer

https://www.digitalocean.com/pricing/
Click to expand...
So, although this Algo itself is free, at a minimim the cloud hosting costs are USD5/month to operate an ALGO setup?

Also, where is the best place to find a step by step ALGO install guide for non-literate IT savy tech heads...github or whatever it is called? I want to give this Algo a go and see if I can successfully instal and run it.

Thanks in advance and regards,
buk
 
@unclebuk

Im about to walk out the door to work, but I'll post some of my link's this evening. I found a lot from Google but some of them, if not a fair amount were hit and miss. If you have even ran a merlin script and ssh into a machine I think you'll be good to go with relative ease.

Most of the articles I saw mentioned building and uploading from your machine to the server. I actually had better luck doing it on the server. * Though that was likely the crappy internet I was on here (hotel during setup last week).
 
HuskyHerder said:
@unclebuk

Im about to walk out the door to work, but I'll post some of my link's this evening. I found a lot from Google but some of them, if not a fair amount were hit and miss. If you have even ran a merlin script and ssh into a machine I think you'll be good to go with relative ease.

Most of the articles I saw mentioned building and uploading from your machine to the server. I actually had better luck doing it on the server. * Though that was likely the crappy internet I was on here (hotel during setup last week).
Click to expand...
Ok, sounds good.

Actually I got started a few moments ago and made it this far before the wheels fell off:
  1. List the users to create. Open config.cfg in your favorite text editor. Specify the users you wish to create in the users list.
Not sure how to create the "users" in the config.cfg file.

I did sign up with DigitalOcean and received an instant $100 credit but not sure yet what that entitles me to.

Catchya later, thanks!
 
also, now stuck on running ./algo cmd. Instructions "Start the deployment. Return to your terminal. In the Algo directory, run ./algo and follow the instructions."

Unsure how to run ./algo in the Algo directory.

Lost (for now) with this set-up...

I'm still lost BUT I did manage to get this entire exercise up and running and connected to a DigitalOcean server in CA, frisco I think and it is running about 100Mbps which is about 50% of my usual OpenVPN server speeds from locations on the west coast.
 
Last edited:
@unclebuk

Sorry been a long couple of days a work. Are you still hung up ?

If you downloaded it directly to the server rather than a local computer...

Use nano to edit the config file. Make sure you are in the ./algo directory.
Code: 
cd ./algo
You may wish to brush up on the use of nano a bit. That is if your not familiar with it. It's not hard at all. Just don't let it intimidate you. :)
Code: 
nano config.cfg

If you downloaded it to your computer for later upload to your server.

You would locate the download location of the algo file from GitHub. Typically your downloads folder.
Locate the config.cfg file and edit the file. :)
You'll see a section as mine indicates, I left the space between the "-" and the name that existed, and simply changed the name.
You can add as many as you need up to 250, simply keep the same formatting.

Screen Shot 2019-03-14 at 21.15.45.png
 
HuskyHerder said:
@unclebuk

Sorry been a long couple of days a work. Are you still hung up ?

If you downloaded it directly to the server rather than a local computer...

Use nano to edit the config file. Make sure you are in the ./algo directory.
Code: 
cd ./algo
You may wish to brush up on the use of nano a bit. That is if your not familiar with it. It's not hard at all. Just don't let it intimidate you. :)
Code: 
nano config.cfg

If you downloaded it to your computer for later upload to your server.

You would locate the download location of the algo file from GitHub. Typically your downloads folder.
Locate the config.cfg file and edit the file. :)
You'll see a section as mine indicates, I left the space between the "-" and the name that existed, and simply changed the name.
You can add as many as you need up to 250, simply keep the same formatting.

View attachment 16571
Click to expand...
Yes, I have ALGO protocol now running on a cloud server. All seems ok at the moment. Thanks for your guidance, every little bit helps.
Regards, buk
 
SCR 2019-03-15 at 1.05.23 PM.jpg
HuskyHerder said:
@unclebuk

Sorry been a long couple of days a work. Are you still hung up ?

If you downloaded it directly to the server rather than a local computer...

Use nano to edit the config file. Make sure you are in the ./algo directory.
Code: 
cd ./algo
You may wish to brush up on the use of nano a bit. That is if your not familiar with it. It's not hard at all. Just don't let it intimidate you. :)
Code: 
nano config.cfg

If you downloaded it to your computer for later upload to your server.

You would locate the download location of the algo file from GitHub. Typically your downloads folder.
Locate the config.cfg file and edit the file. :)
You'll see a section as mine indicates, I left the space between the "-" and the name that existed, and simply changed the name.
You can add as many as you need up to 250, simply keep the same formatting.

View attachment 16571
Click to expand...
Help..! (LOL) ...now I am trying to set up ALGO on a Vultr server but getting hung up on the in the terminal with this request:

"[cloud-vultr : pause]

Enter the local path to your configuration INI file

(https://trailofbits.github.io/algo/cloud-vultr.html):

I cannot for the life of me dessiminate what this local path to the configuration INI file should be?? This was not asked for during setup using DigitalOcean, only on Vultr server. Can you weigh in on this and provide the necessary details?

Appreciate it ...regards.
 
Last edited:
@unclebuk

No not at the moment, but you have peaked my interest with Vultr. I'm out and about but ill try to give it a shot later on today. I like they have servers in areas closer to me. Pricing looks good too.

I found this via a Google search

https://github.com/trailofbits/algo/issues/979

This user used
Code: 
./vultr.ini
I have no idea if thats correct considering he/she was posting in the issues section. However the script seems to continue on without erring with that location.
 
Last edited:
@unclebuk

Thank you for turning me onto Vultr. I did a little non scientific testing for my instances.

The DigitalOcean instance can sustain a higher throughput over the Vultr. * This was on my home connection 1G/40.
However, once I am out and about on cellular or wifi, they both fare equally well. No big discrepancy in throughput. * This was my primary consideration for using Algo.

It took some experimentation to get it to setup properly on Vultr. I narrowed down my issues to something in the ssh access/user name settings. I had tried a different naming scheme vs what I used over at DO. Once I moved to my old names all went well.
I am going to run both for the next couple of days and see which one /speed I like the most.

* I used the advanced setup and installing directly on the server vs a local download and then a upload/install option. I never needed the INI file.
 
I also wanted to hear more about @unclebuk 's question regarding the difference between running Algo and using a VPN provider. I can understand that there is a big benefit to controlling both ends of the VPN link, but their is still the question of the security of the virtual machine you run the other end on. So if things are locked down pretty well buy the virtual compute provider then it should be a good solution.

EDIT: actually I think I can answer my own question. The business model is a little different in that DigitalOcean and the other VM/VPS providers have a vested interest in providing good security. The VPN providers are opaque - you probably wouldn't hear about any incidents and you have no control over how careful they are with the VPN end point.
 
Last edited:
HuskyHerder said:
@unclebuk

Thank you for turning me onto Vultr. I did a little non scientific testing for my instances.

The DigitalOcean instance can sustain a higher throughput over the Vultr. * This was on my home connection 1G/40.
However, once I am out and about on cellular or wifi, they both fare equally well. No big discrepancy in throughput. * This was my primary consideration for using Algo.

It took some experimentation to get it to setup properly on Vultr. I narrowed down my issues to something in the ssh access/user name settings. I had tried a different naming scheme vs what I used over at DO. Once I moved to my old names all went well.
I am going to run both for the next couple of days and see which one /speed I like the most.

* I used the advanced setup and installing directly on the server vs a local download and then a upload/install option. I never needed the INI file.
Click to expand...
So at this point, what are your thoughts on DigitalOcean vs Vultr? I have also tested AWS and it performs quite well!
 
For me, I have had a couple of broken connections to Vultr, just a toggle off and on fixed it. Thats likely nothing to do with Vultr, more so my frequent traveling and varying cell coverage. Digital Ocean, I had 1 broken connection just as above.
* iOS connect on demand w/ preferred wifi disconnect options set.

As for speediness of the VPS, they are about the same, no real testing only my perceptions.

I do have ad blocking enabled on both and I had to disconnect each at times to check a site here and there. I didn't bother to commit it to memory as it was a very rare occurrence.

As for use, setting up a system etc, I prefer Vultr, I like some of the options present in the interface. Password and SSH key, vs having to reset the PW to gain access at DO, if you select SSH key at start. Vultr has a reinstall option. Plus the ability to edit the reverse dns, and the firewall ease of use is pretty good too. Multiple payment options are also available as well.

With everything, I would say Vultr for me. I know you probably wanted more of a comparison of the usage. I don't do power usage, just protecting my general browsing and 98% of that is in forums like here and text based news sites with a sprinkle of youtube, and Netflix.

One thing Vultr will not allow you to do is downsize a VPS, where as DO will. Potential data loss is Vultrs reason. It safe to say they are likely correct and its so easy to setup another server. It's a non issue.

This post was brought to you by my Algo VPN, on a Vultr VPS :)
 
You must log in or register to reply here.

Similar threads

Mutzli
Algo VPN
Replies
5
Views
1K
Paliv
P
Similar threads
Thread starter Title Forum Replies Date
gdgross Setting up VPN server (router?) for offsite access VPN 13
C Instant Guard IPsec VPN Log Showing Regular Access Attempts VPN 3
A Best way to set up vpn on router for gaming? VPN 13
M VPN for a Cruise Ship VPN 11
F Router for VPN with AES-NI VPN 8
S How to start client VPN from the CLI on tomato firmware VPN 0
Diablo99 How to build a safe VPN VPN 3
F Site To Site VPN between Debian VM and AsusWRT-Merlin router, no routes exists VPN 2
P OPNsense / Adguard / DNS & VPN questions VPN 3
6 VPN problem on remote connection. VPN 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 815 (members: 26, guests: 789)
Top