Setup a self hosted VPN for $5 per month

Ankit
5 min readJun 11, 2017

--

I always wanted to setup my own VPN server for learning and fun. Obviously, I don’t trust the paid VPNs available on the market. Before you suggest Tor, let me tell you that I have tried it and it’s too slow. I simply don’t have the patience to use it.

I think I have found a feasible and trustworthy solution. If you can execute a few commands in the terminal and edit a file using vi/emacs/nano, then this is probably the best option for you too.

Algo is a bunch of scripts that deploy a new instance on the hosting provider of your choice and setup the VPN for you. All you have to do is execute some commands and wait. And if that’s not enough, there’s no client side software needed except for using android devices.

Prerequisites:

  1. A digital ocean account. You will also need to create an API key with read write access which the scripts use to create an instance. You can use Amazon EC2, Microsoft Azure or Google compute engine too. The step for generating API key changes accordingly.
  2. Basic bash skills. You will have to run a few commands and edit a file.

Clone repo and install dependencies

You can follow the following steps on your Ubuntu machine. Please read the docs if you are using a Mac or Windows machine for this setup.

Download the repo and cd into the project directory.

git clone https://github.com/trailofbits/algo.git
cd algo/

Install dependencies.

sudo apt-get update && sudo apt-get install \
build-essential \
libssl-dev \
libffi-dev \
python-dev \
python-pip \
python-setuptools \
python-virtualenv -y

Install some more dependencies.

python -m virtualenv env && source env/bin/activate && python -m pip install -U pip && python -m pip install -r requirements.txt

Add users

Open config.cfg and edit the existing usernames “Dan” and “Jack” with whatever usernames you like. These names will be used to connect to the VPN later. If you are an advanced user, you can change other settings in this file too.

Digital Ocean API key

Create an on API and then on Generate New Token (shown below).

Once you click generate token, it shows you a token on the next page. Copy it and keep it safe, you will need it in the next step.

Run script

Run ./algo in your terminal.

You will have to answer a few questions shown below. It’s okay to put in “N” for most. The only notable question is if you want to connect to VPN using Windows or Linux, say yes only if you have a windows or linux device you want to use.

Note that you need to paste the API token when it asks, it won’t show you the pasted token.

When you have answered all the questions, the script prints a lot of stuff on your command line. Watch a few cat videos while you wait for it to finish.

After a few minutes you will see a message like this:

All files required for configuring your client devices are now created in configs directory. You can find .mobileconfig files in a directory named with the IP address of the deployed VPN.

For configuring, iPhones and Macs all you need to do is airdrop the .mobileconfig file to the device and import the settings when the device prompts.

On iPhone, a VPN option will show up in your settings which can be used to toggle the setting.

On Mac, go to System Prefernces > Network. Algo VPN will appear in the list on the left side. Click on it and you will be able to connect/disconnect from the VPN.

For other devices, follow the steps from the documentation here.

Note: Delete the API key generated from the Digital Ocean website. It’s no longer required.

Is it better than Tor and paid VPNs?

  1. It’s faster compared to Tor. Also, download speeds have been good so far. I have also used the VPN for audio/video calls and streaming videos.
  2. It’s more secure compared to paid VPNs. You don’t have to worry about any middleman logging your data. If a shared VPN is compromised, all users using it are compromised. Also, remember you can destroy this instance anytime and setup a new one.
  3. You can delete the private key which could be used to ssh into the machine. In that case, no one can ssh into the instance, not even you! And you can only destroy it from Digital Ocean website.
  4. You only pay $5 a month.
  5. Your friends and family can share this VPN. All you need to do is add more users during setup.

--

--

Ankit
Ankit

Responses (3)