![]() ![]() ![]() The use of a shared-secret prevents rogue agents from connecting to your VPN-server. ![]() This means that the connections made from one host, to another, over their private network will be unreadable to hosts in the same location.The use of TLS prevents traffic from being sniffed.Providing all the clients connect to the server over a TLS/SSL-protected socket then things are secure: The expectation is that you'll host the VPN-server behind an nginx/apache proxy and you'll add TLS there (i.e. The VPN-server does not implement any kind of encryption itself, nor does it handle access-control beyond the use of a shared-secret. If you're using go before 1.11 then the following command should fetch/update the projectl and install it upon your system: (Unfortunately we use CGO, and the water-library, which makes our code non-portable for now.) Source Installation go <= 1.11 ![]() There are two ways to install this project from source, which depend on the version of the go version you're using.Īlternatively you can download the latest release from our releases page if you're running upon AMD64-GNU/Linux host. It should be noted that the VPN-server will become a single point of failure if you're using it to join (say) a database-host located at Hetzner with a number of webserver-nodes split between Linode and Digital Ocean, but being a simple service, easy to deploy, it should be trivial to spin up a replacement in a hurry. While it is possible to use this software to mask your laptop's IP while traveling, instead showing the IP of the VPN-server as being the source of connections that is not the expected use-case.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |