Silk Road forums
Discussion => Security => Topic started by: MrJoshua on September 02, 2013, 11:33 pm
-
How do I connect to a VPN using TAILS?
Normally in Windows, I open the OS and run the VPNs software that I previously downloaded. Since TAILS wipes all data, how do I interface with the VPNs software? Do I have to re-download and install the software each time? Is this even possible in TAILS?
-
How do I connect to a VPN using TAILS?
I don't believe that's recommended. You might wish to ask the Tails people what they think.
Normally in Windows, I open the OS and run the VPNs software that I previously downloaded. Since TAILS wipes all data, how do I interface with the VPNs software? Do I have to re-download and install the software each time? Is this even possible in TAILS?
You do realize that Tails is based on Linux, do you not? As a general rule, you cannot run Windows software on Linux (at least not without jumping through any number of hoops.)
Nightcrawler
4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>
PGP Key: http://qtt2yl5jocgrk7nu.onion/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (IndyMedia .onion keyserver)
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
PGP Key Fingerprint = 83F8 CAF8 7B73 C3C7 8D07 B66B AFC8 CE71 D9AF D2F0
-
You do realize that Tails is based on Linux, do you not? As a general rule, you cannot run Windows software on Linux (at least not without jumping through any number of hoops.)
Yeah, I was just using that as an analogy.
Lots of posts are talking about using VPNs now and TAILS seems to be a favored operating system, so my question is, how do you install and run a VPN software program with TAILS operating system? In Windows you just open the OS and download the VPN software and run that, but how is it done with TAILS.
-
You do realize that Tails is based on Linux, do you not? As a general rule, you cannot run Windows software on Linux (at least not without jumping through any number of hoops.)
Yeah, I was just using that as an analogy.
Lots of posts are talking about using VPNs now and TAILS seems to be a favored operating system, so my question is, how do you install and run a VPN software program with TAILS operating system? In Windows you just open the OS and download the VPN software and run that, but how is it done with TAILS.
Like I said it's not recommended. Here it is straight out of the horse's mouth:
Q: Is it possible to use Tails OS to connect to a VPN instead of Tor? There are times I need faster speeds. I understand it will lose some security.
A: It's a very fundamental assumption of Tails to force all outgoing traffic to anonymity networks such as Tor. I don't think we want to provide ways of going around this since it would possibly compromise the security of all Tails users.
If you want to use OpenVPN with a live distro and without Tor I bet you can use any Debian or Ubuntu derivative and install OpenVPN from it.
Comment by Tails — Fri 01 Jul 2011 11:17:36 AM CEST
Source: https://tails.boum.org/forum/Possible_to_connect_to_VPN_instead_of_Tor__63__/
Also see the discussions at: https://tails.boum.org/forum/Tor_with_VPN/#comment-ccfa0e5cd004824bda5e9096f92a1c26
Tor with VPN
Q: If I connect to a VPN via the host machine and run a Tails VM are there problems with this scenario? From my understanding the TOR entry and exit nodes will see the VPN IP?
Also are the message contents still encrypted by TOR once they enter the VPN? That is while the VPN sees the IP of the TOR exit node, the contents are still TOR encrypted in the last
hop to the TOR VM.
If I connect to a VPN via the host machine and run a Tails VM are there problems with this scenario?
A: Not really, but this depends on what you mean with "problems". Your VPN provider will learn your Tor entries (and hence your entry guards) and in general have the same power as your
ISP normally has over you. Hence make sure you trust your VPN provider at least as much as your ISP.
From my understanding the TOR entry and exit nodes will see the VPN IP?
A: That is incorrect:
The VPN provider will know the IP addresses of your computer and your Tor entry node.
The Tor entry node will know the IP addresses of your VPN provider and your middle node.
The Tor middle node will know the IP addresses of your Tor entry and exit node.
The Tor exit node will know the IP addresses of your middle node and final destination.
Hence no one but you know the entry and exit.
Adding a VPN into the mix changes nothing from Tor's side; if the exit would be able to see your VPN provider's IP address it would be able to see you IP address when not using Tor, so there would be no anonymity. Luckily this is not the case.
Q: Also are the message contents still encrypted by TOR once they enter the VPN?
Yes. The VPN encryption is removed at the VPN provider, and the last (third) layer of Tor's encryption is removed at the Tor exit.
That is while the VPN sees the IP of the TOR exit node, the contents are still TOR encrypted in the last hop to the TOR VM.
Your VPN provider will know nothing about your Tor exit.
Comment by Tails — Thu 01 Mar 2012 10:45:42 AM CET
Comments on this page are closed.
Last edited Mon 15 Apr 2013 09:45:57 PM CEST
Hope this answers your question.
Nightcrawler
4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>
PGP Key: http://qtt2yl5jocgrk7nu.onion/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (IndyMedia .onion keyserver)
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090 (Silk Road Forums PGP Key Link)
PGP Key Fingerprint = 83F8 CAF8 7B73 C3C7 8D07 B66B AFC8 CE71 D9AF D2F0
-
Okay then, I guess that settles it. Thanks.
-
You can't install OpenVPN on Tails directly. I mean you can, but Tails uses a weird networking configuration that might now allow it to work, and you'd have to reinstall it after each reboot. The best option is to install OpenVPN on a router that supports it (generally a router with DD-WRT and at least 32 MB of RAM), so your connection goes Tails -> router -> VPN -> tor network.
-
You can't install OpenVPN on Tails directly. I mean you can, but Tails uses a weird networking configuration that might now allow it to work, and you'd have to reinstall it after each reboot. The best option is to install OpenVPN on a router that supports it (generally a router with DD-WRT and at least 32 MB of RAM), so your connection goes Tails -> router -> VPN -> tor network.
That's actually the ideal solution, as doing that will force everything through the VPN, neatly defeating any malware that tries to do an end-run around the computer's network stack.
Nightcrawler
4096R/BBF7433B 2012-09-22 Nightcrawler <Nightcrawler@SR>
PGP Key: http://qtt2yl5jocgrk7nu.onion/pks/lookup?op=get&search=0xB8F1D88EBBF7433B (IndyMedia .onion keyserver)
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090 (Silk Road Forums PGP Key Link)
PGP Key Fingerprint = 83F8 CAF8 7B73 C3C7 8D07 B66B AFC8 CE71 D9AF D2F0
-
You can't install OpenVPN on Tails directly. I mean you can, but Tails uses a weird networking configuration that might now allow it to work, and you'd have to reinstall it after each reboot. The best option is to install OpenVPN on a router that supports it (generally a router with DD-WRT and at least 32 MB of RAM), so your connection goes Tails -> router -> VPN -> tor network.
That's actually the ideal solution, as doing that will force everything through the VPN, neatly defeating any malware that tries to do an end-run around the computer's network stack.
This sounds like the droid I've been looking for.
I just checked dd-wrt's router database and mine is supported, so it's off to the races. God damn I love it in here. I spent a week looking on the web for this exact solution and found nothing but lies and heartbreak.
Karma all around gentlemen!
-
The best option is to install OpenVPN on a router that supports it (generally a router with DD-WRT and at least 32 MB of RAM), so your connection goes Tails -> router -> VPN -> tor network.
So my router only had 16MB ram so I ordered the new Buffalo router with DD-WRT pre-installed.
After reading your other posts though astor, you seem to prefer Whonix to Tails. I got an old PC running Whonix and I like it. Can I do this same config with Whonix? So, Whonix > router > VPN > tor network? Would this still be consided the "best option"?
-
@MrJoshua
Yes. It will send the Tor traffic through the VPN. Doesn't matter if the VPN client runs on the router or computer. You may also want to slowly download torrents through the VPN (but not through Tor), to obfuscate even more what you're doing.