Remote access in a country with heavy cencorship
https://lemdro.id/post/8372504
=> More informations about this toot | More toots from mfat@lemdro.id
@mfat@lemdro.id I would try an ssh tunnel... not the best solution (you need to configure it as a SOCKS proxy and specify ports, etc), but worth a try.
=> More informations about this toot | More toots from alvaro@social.graves.cl
It seems like this is the only solution. I’ll give it a go.
=> More informations about this toot | More toots from mfat@lemdro.id
Find a cheap hosting solution that provides a fixed IP address, then host your own VPN or proxy server there.
=> More informations about this toot | More toots from cloudless@lemmy.cafe
To add on to this answer:
If they’re blocking Wireguard/OpenVPN at the protocol level, there may not be anything you can do (running on a different port, etc).
If HTTPS works, between a cloud VPS and your home connection, you might be able to setup Nginx + VPN-WS on your cloud host to make a websocket-based VPN.
github.com/unbit/vpn-ws
I haven’t tried this, but it looks solid enough. Just make sure you configure Nginx correctly for authentication since it doesn’t do that on its own (intentionally since most web servers already have a solid authentication framework / plugin system).
=> More informations about this toot | More toots from ptz@dubvee.org
This is the case unfortunately. They are blocked as protocol level.
=> More informations about this toot | More toots from mfat@lemdro.id
Wireguard doesn’t obfuscate its traffic so non-standard ports may not help depending on how sophisticated the blocking is (they could recognize the protocol and block your traffic regardless of port).
=> More informations about this toot | More toots from atzanteol@sh.itjust.works
@mfat Depending on how they’re blocking VPNs (i.e. blocking specific ports, or allowing specific ports), you may be able to run one on a non-standard port. As an extreme example, you could run Wireguard on port 80 (HTTP), which is practically the last possible port that can ever be blocked on public internet.
=> More informations about this toot | More toots from ClickyMcTicker@hachyderm.io
No they are blessed at protocol level no matter which port you use.
=> More informations about this toot | More toots from mfat@lemdro.id
Sounds like your government is fairly strict on what you can do. I would suggest Tor but that may be illegal. I would be careful not to do anything that could jeopardize your safety.
=> More informations about this toot | More toots from possiblylinux127@lemmy.zip
Can you ssh out? You could setup a VPS somewhere and use remote port forwarding to tunnel back home.
You can even run ssh over an ssh tunnel for inceptiony goodness.
ssh --port 2222 homeuser@vps # From your remote system
=> More informations about this toot | More toots from atzanteol@sh.itjust.works
have you heard of sshuttle?
=> More informations about this toot | More toots from yournamehere@lemm.ee
Interesting - I had not. It was ages ago I was doing something like what I posted (well before that project ever got started) and it worked “well enough” for what I was doing at the time. Usually I’d run a SOCKS proxy on that second SSH line (-D 4444) and just point my browser at localhost:4444 to route everything home (or use foxyproxy to only route some traffic home).
Looks like sshuttle may have better performance though and provide similar functionality.
=> More informations about this toot | More toots from atzanteol@sh.itjust.works
Yes I can SSH to my US vps. I’ll give this a try thank you.
=> More informations about this toot | More toots from mfat@lemdro.id
SSH port forwarding is quite hand. You can have SSH setup a SOCKS proxy that you can use to send your browser traffic through the tunnel as well.
=> More informations about this toot | More toots from atzanteol@sh.itjust.works
Tor's obfs4 protocol is pretty difficult to block, and it has some other transports that are options if obfs4 is unusable in a heavy censorship regime. This page is a good overview of how to start; with the right transport and bridge setup it'll be extremely difficult for your ISP to prevent you having access.
You could make your home server a securely-accessed onion site and connect to a remote-access-via-web service you're running there. That part might be a little challenging (and this process overall may be overkill) but it'd be very challenging for them to block it, I think, so if you've tried some things and had no luck, that might be the way to do it.
Be careful obviously
=> More informations about this toot | More toots from mozz@mbin.grits.dev
Tour only works with Snowflake bridges and the speed is very low.
=> More informations about this toot | More toots from mfat@lemdro.id
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters
More Letters
HTTP
Hypertext Transfer Protocol, the Web
HTTPS
HTTP over SSL
IP
Internet Protocol
SSH
Secure Shell for remote terminal access
SSL
Secure Sockets Layer, for transparent encryption
VPN
Virtual Private Network
VPS
Virtual Private Server (opposed to shared hosting)
[Thread #725 for this sub, first seen 29th Apr 2024, 17:15]
[FAQ] [Full list] [Contact] [Source code]
=> More informations about this toot | More toots from Decronym@lemmy.decronym.xyz
Have you tried shadowsocks.org? I don’t have any experience with it, but heard it is good at masquerading your traffic and making it almost impossible for your ISP to block it
=> More informations about this toot | More toots from filister@lemmy.world
Shadowsocks is deprecated and doesn’t work anymore.
=> More informations about this toot | More toots from mfat@lemdro.id This content has been proxied by September (ba2dc).Proxy Information
text/gemini