VPS

Trying to find good cheap unmanaged VPS hosting seems to be a difficult task. So far I haven’t had much luck. I have found a few fizzers that have wasted my time for various reasons.

So far, I have had a couple of refunds. Mainly because even tho I had paid money. I didn’t receive an email from the companies concerned. In the end. It somehow worked out faster to get the refund than it was to get a working VPS from them. (2 cases).

I will promote or demote (as required) various VPS suppliers here.

2015-03-27 VPS

Evade Australia's data retention laws with a VPS

First thing you need to do is realize that this isn’t a free process. You will need to locate a VPS (Virtual Private Server) reseller and get a VPS from them. Paying them either monthly or yearly for the pleasure. Most will accept paypal.

Prices charged for VPS’s vary wildly. So you need to determine how much your willing to spend to avoid data retention. The good news is that VPS prices have been steadily getting cheaper and cheaper. So there are some good deals out there.

I operate 5 VPS’s scattered around the world. I would recommend picking a VPS reseller who is located in a country that isn’t likely to allow it’s data to be legally collected. Otherwise you may as well forget the concept of avoiding data retention.


Zoom in on Image

Step 1: Purchase the VPS.

I will supply one of my affiliate URL’s HERE. You can choose to go with another VPS supplier if you wish.

I would go for the cheapest option from this supplier. (At time of writing $10 per year) Because a VPN (Virtual Private Networking) equipped VPS really doesn’t need much in the way of resources.

During the signup process you will be asked to supply a domain name. If you do not have a domain name available. Simply enter a single word. This will be the “name” of your VPS. For our purposes a domain name really isn’t required.

You will also be asked (via a drop down box) What operating system you would like to use. There are many different varieties of Linux available. Chose what version you are comfortable with. But for this tutorial I will be using Debian.

Step 2: Check your email for VPS information.

The VPS supplier will send you an email. In the email will be information about how to manage your VPS. You will be given the “root” password. (The user called root is the administrator) You will also be given the IP of the VPS.

Step 3: Download putty.

Putty is a program that allows you to connect to your VPS. Download putty for windows HERE. Once downloaded. You simply insert the IP of your VPS and click OPEN.


Zoom in on Image

Zoom in on Image

The putty terminal window will then open. Putty will connect to your VPS. Note: The first time putty connects to your VPS you will get a warning that the Host Key is not cached. Just click “YES”. Your should only ever see this prompt once. Unless the IP number of your VPS changes. Next you will see a prompt that says “login as:”. Enter root as the login. Use the password supplied to you in the email from your VPS supplier.

You will then see various pieces of information about your VPS displayed. Finally you will be presented with a ’#’ prompt. The VPS is now waiting for your input. This is where you are able to install software and perform various other maintenance on the VPS.

Step 4: Update & Upgrade the VPS.

At the ’#’ prompt enter

apt-get update

apt-get upgrade

apt-get dist-upgrade

Step 5: Check if TUN is enabled.

Use the following one-liner to verify if TUN support is enabled on the Debian system. if using a VPS (Virtual Private Server), some virtualization layers such as vServers and OpenVZ require TUN to be enabled on/from the host machine.

At the ’#’ prompt enter

test ! -c /dev/net/tun && echo openvpn requires tun support

echo tun is available

Step 6: Install OpenVPN.

At the ’#’ prompt enter

apt-get install openvpn

Step 7: Set-up Easy-RSA.

At the ’#’ prompt enter

cp -prv /usr/share/doc/openvpn/examples/easy-rsa/2.0 /root/easy-rsa

cd /root/easy-rsa

cp vars{,.orig}

Step 8: Set-up default values in Easy-RSA.

At the ’#’ prompt enter

vim ./vars

You will now be running the vim program. Vim is a text editor.

Note: ’#’ in front of a line will cause that line to be ignored.

Make the ‘active’ lines look like this..

 KEY_SIZE=2048
 KEY_COUNTRY="AU"
 KEY_PROVINCE="AU"
 KEY_CITY="Canberra"
 KEY_ORG="The Streets"
 KEY_EMAIL="webmaster@whoeverwhereever.com"
 export them

Press Esc on your keyboard. Then press “:” then press ‘w’ (writes changes)

Press Esc on your keyboard. Then press “:” then press ‘q’ (quits)

At the ’#’ prompt enter

source ./vars

this deletes any previously created certificates

At the ’#’ prompt enter

./clean-all

Step 9: Generate the CA certificate.

At the ’#’ prompt enter

./build-ca

Step 10: Generate the server certificate.

At the ’#’ prompt enter

./build-key-server myvpn

Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y

Step 11: Generate the Diffie-Hellman PEM certificate.

At the ’#’ prompt enter

./build-dh

Step 12: Generate client certificate.

At the ’#’ prompt enter

./build-key myvpn

Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y

Step 13: Generate (HMAC).

At the ’#’ prompt enter

openvpn --genkey --secret /root/easy-rsa/keys/ta.key

Step 14: Deploy the certificates.

Copy the required certificates to the particular machine/device (server or client)

The public ca.crt certificate is needed on all servers and clients

The private ca.key key is secret and only needed on the key generating machine

A server needs server.crt, dh2048.pem (public), server.key and ta.key (private)

A client needs client.crt (public), client.key and ta.key (private)

Step 15: Set-up certificates and keys on the server.

At the ’#’ prompt enter

mkdir -p /etc/openvpn/certs

cp -pv /root/easy-rsa/keys/{ca.{crt,key},myvpn.{crt,key},ta.key,dh2048.pem} /etc/openvpn/certs/

Step 16: Configure the OpenVPN server.

At the ’#’ prompt enter

cat > /etc/openvpn/server.conf

 port 1194
 proto udp
 dev tun
 ca /etc/openvpn/certs/ca.crt
 cert /etc/openvpn/certs/myvpn.crt
 key /etc/openvpn/certs/myvpn.key
 dh /etc/openvpn/certs/dh2048.pem
 tls-auth /etc/openvpn/certs/ta.key 0
 server 192.168.2.0 255.255.255.0
 ifconfig-pool-persist ipp.txt
 push "redirect-gateway def1 bypass-dhcp"
 push "dhcp-option DNS 8.8.8.8"
 push "dhcp-option DNS 8.8.4.4"
 client-to-client
 keepalive 1800 4000
 cipher DES-EDE3-CBC # Triple-DES
 comp-lzo
 max-clients 10
 user nobody
 group nogroup
 persist-key
 persist-tun
 log openvpn.log
 status openvpn-status.log
 verb 5
 mute 20

When finished.. Type CONTROL+Z

Step 17: Start the OpenVPN server.

At the ’#’ prompt enter

service openvpn restart

update-rc.d -f openvpn defaults

Step 18: Enable forwarding and set-up iptables.

At the ’#’ prompt enter

vim /etc/sysctl.conf

 :%s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/
 sysctl -p

set-up the following iptables rules

iptables -A INPUT -p udp -m state --state NEW -m udp --dport 1194 -j ACCEPT

iptables -A FORWARD -s 192.168.2.0/24 -j ACCEPT

iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE

Note: if using openvz/vservers you may need the following instead

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j SNAT --to-source <PUBLIC_VPN_IP>

iptables-save > /etc/iptables.rules

for persistent firewall rules you may want to use the iptables-persistent package or just set-up a simple script in /etc/network/if-pre-up.d/ which will load the rules in /etc/iptables.rules using iptables-restore

for example:

cat /etc/network/if-pre-up.d/iptables

  1. !/bin/bash test -e /etc/iptables.rules && iptables-restore -c /etc/iptables.rules

Step 19: Set-up OpenVPN client (on your VPS)

Deploy the generated certificates to the VPN client/device

Install OpenVPN client on the machine/device

Create the following client.conf configuration file

cat > /etc/openvpn/client.conf

 client
 remote <PUBLIC_VPN_IP>
 ca /home/d/confs/certs/vpn/ca.crt
 cert /home/d/confs/certs/vpn/blackhole.crt
 key /home/d/confs/certs/vpn/blackhole.key
 cipher DES-EDE3-CBC
 comp-lzo yes
 dev tun
 proto udp
 tls-auth /home/d/confs/certs/vpn/ta.key 1
 nobind
 auth-nocache
 script-security 2
 persist-key
 persist-tun
 user nobody
 group nogroup

CONTROL+Z (when finished)

Congratulations.. Your VPN on your VPS.. is now setup..

Step 20: Troubleshooting.

If you have any errors… like..

us=229735 myvpn4/78.156.78.132:15825 MULTI: bad source address from client [10.10.10.26], packet dropped

add following to server.conf

client-config-dir ccd

then run

mkdir /etc/openvpn/ccd

cat > /etc/openvpn/ccd/nexus4

iroute 10.10.10.0 255.255.255.0

finally restart openvpn with

service openvpn restart

Well that completes the installation and configuration of the server..

Now all you have to do is install and configure the Client on your Windows computer.

Add Comment

2013-07-01 VPS

Gosh where to start…

I have been setting up a couple of VPS’s out there again..

I have found http://www.lowendbox.com/ to be an invaluable resource.

I let my old VPS’s go.. One I simply wasn’t using.. Due to it being found mostly unreliable..

The other suffered a major data loss..

(my fault for not backing up my work.. again.. *sigh.. we do live and learn..)

Always so much to do on a fresh install.. Data backup needs to become a routine..

Anyway.. This time around we have..

http://au0.org - Centos 32

and

http://pchost.org - Centos 32

I have installed Kloxo on both servers. Both servers are now configured to handle unlimited domains via re-seller accounts.

I am thinking setting up an automated backup regime for the vps’s

I have been looking at:

http://www.lowendbox.com/blog/backupsy-5month-250gb-kvm-vps-with-custom-panel-in-4-locations/

for $5 a month (half normal price… sounds good to me..)

Add Comment

2010-08-30 VPS

What do you get when you sign up for a VPS?

After payment.. You should receive an EMAIL similar to this:

Hello XXXXX,

First and foremost, congratulations on your brand-new Linux-powered vps server. Your server has been successfully provisioned and secured by us.

Without further delay, we are pleased to present you with the information you need to access your new server.

Important Links:

  • Hostname: server.hostname.com
  • Main IP Address: 71.33.44.22
  • Username: root
  • Password: XXXXXXXX
  • SSH Port: 22

SolusVM Management Software:

If you are unsure about anything please feel free to open a support ticket and we will be happy to help you.

We recommend Putty as an SSH client to access your server using a command similar to: ssh root@71.33.44.22

Your Hosting Provider

The first thing you will want to do is login to your VPS Control Panel. Follow the instructions provided in the email you received. It will probably look something like this. Take notice of the various functions. You can do quite a bit from your VPS Control panel.
Next thing you will need the 'putty' client. You can download a copy of it for Windows HERE
Insert the IP number that was supplied by your email into the box provided.
Enter your username and password. ps -ael List of processing currently running on your VPS. Now your on your own. Hope you have Unix/Linux skills because your going to need em.

Add Comment

2010-08-28 VPS


Unmanaged OpenVZ VPS1


Monthly Bandwidth: 1,000GB
Protected Disk Space: 20GB
Monthly Fee: $5
CPU: 1.2GB
Guaranteed RAM: 512MB
Uplink/Downlink: 100Mbit

What can I say about Wayne & Katrenia at "Your Domain Goes Here" is that they really care about customer service.

Nowadays I find myself being constantly dissappointed at how companys operate. It's really nice to see people with a focus on customer satisfaction.

Anyone who knows me is aware that I have very little tolerance for poor customer service. But I will happily promote anyone who is prepared to go that extra step to make sure the customer is happy.

In this modern fast paced world. We tend to expect everything to run perfectly. Mostly it does. But occassionally it doesn't. Thats when you need people like Wayne and Katrenia working on your side.

So far they have saved me from lots of frustration on more than one occasion.

The VPS itself feels quite responsive. It is very fast updating via the default CentOS via yum. Downtime so far has been almost unnoticable. Everything works as it should.

I would recomend "Your Domain Goes Here" to anyone seeking VPS hosting. Especially to anyone doing an OpenVPS. Wayne has the TUN issue fully worked out. :)

See Also: VPS

Add Comment

2010-08-27 VPS

I was on twitter and I mentioned that I needed a bargain priced VPS with low specifications. Next thing @BigWetFish gets me to check this URL. Well, I checked the URL and saw some pretty good deals. In my case I was after the barest minimum nano tiny VPS I could operate with.

So I signed up for the VPS 1 deal (as instructed via email) and had it downgraded by the Big Wet Fish staff to:

VPS 1/2 (SuperMicro VPS) * CPU - Equal Share

  • Disk Space - 10GB
  • RAM - 64MB
  • Burstable RAM - 256MB
  • Monthly Bandwidth - 150GB
  • 100 Mbit Connection
  • No Cpanel Option
  • No setup fees
  • Choice of Linux OS
  • 1 Free IP address
  • SolusVM VPS Management Software

US $2.50 per month.

I think a great deal.. And get this.. Because I was only after an evaluation to determine my requirements. Big Wet Fish Hosting were so kind as to give me 1 months FREE trial!

(Don’t everyone expect that deal! I think it was a slow day or something.. You need to talk to them..)

I needed to setup OpenVPN. As a result it soon became obvious that TUN needed to be turned on by the hosting provider. (This is a common issue with VM VPS) However, Big Wet Fish responded to my email request for TUN to be activated rapidly.

The VPS seemed nimble and always responded well compared to a few other VPS’s I have used. Downtime was un-noticable during the evaluation. :)

In my case.. I was able to evaluate the specifications of the VPS in comparision to my requirements in a very short amount of time. Because of this.. I have no hesitation recomending Big Wet Fish Hosting to anyone who requires an unmanned VPS.

See Also: VPS

Add Comment














Bookmark this on Delicious

SEO-AU Links Best INFP Websites - Click here to Vote for this site!