Search found 24 matches

by blurb
Mon Jun 29, 2020 7:24 pm
Forum: member support & tech assistance
Topic: Cryptostorm network - news
Replies: 23
Views: 29270

Re: Cryptostorm network - news

So is the non functional token data base the reason why I still have acccess, even though I am pretty sure I bought a 3 month token?

That lockdown period has fucked my ability to judge timescales, and I smoke a bit too much pot - but still, it feels a long time since it locked me out (how i get reminded to buy another one!)
by blurb
Mon Jun 29, 2020 7:11 pm
Forum: member support & tech assistance
Topic: Cryptostorm network - news
Replies: 23
Views: 29270

Re: Cryptostorm network - news

AnonAsPossible wrote:
Fri Jun 05, 2020 12:51 am
So, has df returned yet? I'd guess any updates would be appreciated by ALL members.
Yeah, what Anon wrote.

I should probably keep in touch with the news - just found out. heh.
by blurb
Fri Aug 09, 2019 6:23 pm
Forum: general chat, suggestions, industry news
Topic: Mullvad coreboot
Replies: 1
Views: 1224

Mullvad coreboot

just read this, and was wondering if Daddy-who-looks-after-us would be willing to share thoughts.

Oh, sorry - df. :D Just interested in your perspective, got a mo'?

https://mullvad.net/ja/blog/2019/8/7/op ... re-future/
by blurb
Fri Feb 22, 2019 11:36 pm
Forum: general chat, suggestions, industry news
Topic: Forum theme
Replies: 1
Views: 2418

Forum theme

What happened to the colours? Too 'edgy'?

I quite liked it!
by blurb
Thu Nov 01, 2018 10:20 am
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 78
Views: 187355

Re: The CryptoStorm Speed Test Thread

@df

Yeah, I glossed over everything but the speed comparison there didn't I. Thanks for clarifying the privacy implications, and I agree there isn't any privacy if they chose for there not to be - the power is all with them.

I do find those $5 instances fun to play with though, when I just want to tinker with something for its own sake, and treat them as a 'crowded room', temporary and disposable - probably spend a dollar a month. If any of my vague ideas go anywhere I'll take a good look at using the more solid options you linked, nice one. I liked those prices.

You guys will continue to be the ones to keep the list of the sites my family visit off my ISP's logs, and by extension out of the hands of the ~50 organisations my government said can access them as they please. Not due to it being very interesting in and of itself, non of us would even blush, but due to fuck-them; the principal. I much prefer the attitude I've picked up from you guys so you'll be our quasi isp.
"Also, sometime soon we'll add Wireguard to all our servers."
:clap:

Yay. If you want the perspective of a mostly casual linux user who'll funnel 300gig/month of irritating youtube videos, xbox updates etc through it to beta test, I'd be more than willing to jump on early. I'm looking for an excuse to integrate it into my router and squeeze that last bit out of our connection.
by blurb
Tue Oct 30, 2018 2:11 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 78
Views: 187355

Re: The CryptoStorm Speed Test Thread

Question: Is a cheap vps set up using https://github.com/StreisandEffect/streisand faster than Cryptostorm? To make it a bit unfair, I'm connecting directly from my laptop and not the router.

Comparison is to my last post in this thread.

$ ./speedtest-cli
Retrieving speedtest.net configuration...
Testing from Linode (***.***.***.***)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by 23media GmbH (Frankfurt) [0.53 km]: 31.704 ms
Testing download speed.........................................................
Download: 34.58 Mbit/s
Testing upload speed...........................................................
Upload: 8.87 Mbit/s

Answer: Not really, no, not on my old laptop.


Just thought I'd share.
by blurb
Thu Oct 18, 2018 7:40 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 19028

Re: [Exits] England Node Not Passing Any Traffic

Well, my man, if my experience (once I got the fucker to work) is any encouragement to go through the hassle - on the same device it's feeling nice in terms of usage. As I showed on the speedtest thread, it's not lost any performance. Infact - but this might be my imagination - it feels slightly snappier.

...and from my deeply average nix user non-sysadmin view, wireguard is bloody lovely. Dead easy to set up, and being able to change ip and it just come back up all by itself without hickup is How It Should Be. I'm told doing it commercially and properly separating users could be a toughie, but where there's a will there's a way.

As for auditing...how complex is openvpn + openssl? I pity the fool who tried to go through their code.

All I want from my vpn provider is my ISP not logging our deeply boring ~300gigs worth of family traffic a month, and I like the fact that they block most marketing shit - on principal rather than need, we're not exactly challenging the status quo here, y'know? Having to deal with Ole Fathful, with it's 90's ways...oh man.

Soz for the waffle. I'm off work! Still, I'll stfu now :D
by blurb
Thu Oct 18, 2018 2:21 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 19028

Re: [Exits] England Node Not Passing Any Traffic

Ah, yeah, I misunderstood. Get ya now.

All I know is the lack of being able to connect to the England node (a goto for me) promted my upgrading to ecc. The config in my router that had worked for years became a pain in the arse. What you say rings true from my experience, but as we're the only two bitching about it...*shrug*

Also, I didn't even know the upgrade was coming - I thought my token had run out at first. That new blog is a good thing in countering ignorance of wtfs going on to my mind, gives a chance to catch on things (it's easy to miss tweets if, like me, you're not a big user of it).

Tangential moaning:

...I keep going to this, but fuck openvpn. I've been playing with wireguard for a couple of years now, and shadowsocks more recently (and I use mosh instead of ssh a lot of the time), and they're really making it look like an over-complex headfuck that breaks too easily. They just work, ovpn needs it's hand holding too much. All that bullshit in the user config, oh please. It feels so old fasioned now.
by blurb
Wed Oct 17, 2018 9:10 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 19028

Re: [Exits] England Node Not Passing Any Traffic

...that works-on-some-but-not-others confused me, y'know. Still does. I thought all the nodes were instances - identical in all ways.
by blurb
Wed Oct 17, 2018 8:45 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 19028

Re: [Exits] England Node Not Passing Any Traffic

@parityboy.



Hmmm. That's reminiscent of what I was experiencing before df held my hand yesterday, well, a stage of the recovery anyway. As we're on different OS's, I'll have to leave it to your interpretation, and I may be off; consider this brain storming, nothing as solid as direction.

I was in that same place when my config was a mix of old and new. Clearing out my old assumptions was key!

Even with compression turned off in the GUI, I needed compress in the extended options. Also, although I needed to set it to negotiate the connection within the gui, the directive cipher AES-256-GCM also needed to be in extended config. And using the GUI for that static key was a no go, it needed also to be in the extended config.

I *think* those were the steps that finally got things moving. I'm not familiar with PFS though (it's on a vm I've only poked at briefly), sorry mate.

ETA
Oh, and SHA512 as the Auth Digest. Which strikes me as a weird contradiction based upon reading about the new ways.

OpenVPN is too complicated.
by blurb
Wed Oct 17, 2018 5:08 pm
Forum: guides, HOWTOs & tutorials
Topic: HOW-TO: Tomato router setup
Replies: 19
Views: 41082

Re: HOW-TO: Tomato router setup

Ah, should have said if you've not updated in a while this might not work. It requires a certain level of OpenVPN/OpenSSL.

Details here in df's blog post -

https://cryptostorm.is/blog/new-features
by blurb
Wed Oct 17, 2018 5:00 pm
Forum: guides, HOWTOs & tutorials
Topic: HOW-TO: Tomato router setup
Replies: 19
Views: 41082

Re: HOW-TO: Tomato router setup

Here's how I've managed to get it to work with the new ECC connection. I'm sure there'll be tweaks and improvements (shout out if you know of any, dear reader), but it works and is stable on my router. The rest of this thread is bollocks now, and as I have time off work I'll set things strait.

You'll need JFFS turned on, and your hashed token/'password' in a file there as uber long strings can be too much for the GUI. Shout for help if that scares you (settings in Administration - JFFS).

Make sure to press save before moving to another tab or you'll loose your input.

Basic tab is as follows -

Image



Interface Type - TUN
Protocol - UDP
Server/Port - england.cstorm.is 5060 (or other node/address, but keep port)
Firewall - Automatic
Authorisation - TLS
leave username/password auth unchecked. We'll point to that shortly.
Extra HMAC.. - Disabled
Auth Digest - SHA512 ( :crazy: )
Create NAT - Checked.

Advanced tab

Image

Poll Interval - 0
Redirect Traffic- Checked
Accept DNS conf - Relaxed
Cipher Nego' - Enabled
Compression - Disabled
TLS Renego' - -1
Connect' Retry - -1
Verify Serv Cert- Unchecked

Now, in the Extended Configuration box add the following. The static key HAS to be here and not on the Keys page. Also, make sure you've put your token/pass in a file in JFFS and point at it here.

Code: Select all

resolv-retry 16
remote-cert-tls server
verb 4
mute 3
auth-nocache
compress
cipher AES-256-GCM
auth-user-pass /jffs/password
tls-version-max 1.2
dhcp-option DNS 10.31.33.7

<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
4875d729589689955012a2ee77f180ec
b815c4a336c719c11241a058dafaae00
806bbc21d5f1abad085341a3fca4b4f9
3949151c2979b4ee4390e8d9443acb00
61d537f1e9157e45f542c3648f563305
05f3eaff97ef82ee063b9d88bb9d5aa0
060428455b51a2a4fd929d9af4b94adc
b0a4acaa14ff62a9b0f4f9f0b3f01e71
fc98a6c60e8584f4deb3de793a5a7bc2
7014c9369f9724bc810ef0d191b30204
78eead725b3ae6aaef2e1030a197e417
421f159ed54eb2629afcfb337cf9a002
5bf1d5c0d820fffb219d0b4214043d2d
f27ed367b522945a5dadc748e2ca379e
3971789dbdf609b3d9bfe866361b28e3
c90589baa925157ad833093a5a7bede5
-----END OpenVPN Static key V1-----
</tls-crypt>
Keys

Grab the cert from a config here.
https://github.com/cryptostorm/cryptost ... master/ecc

Image

Paste it into the Certificate Authority box.


Press Start.
 ! Message from: parityboy
Cleaned up image links so that they are parsed correctly.
by blurb
Wed Oct 17, 2018 3:13 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: The CryptoStorm Speed Test Thread
Replies: 78
Views: 187355

Re: The CryptoStorm Speed Test Thread

Post upgrade 'ECC':

VPN connected to ASUS RT-AC68U ('FreshTomato' firmware) overclocked to 1200/800.
OpenVPN 2.4.6, OpenSSL 1.0.2p
Base connection is ~40 Mbits down, 10 Mbits up. VDSL.
Connected to closest exit node.

Test was conducted on an old (and much loved) thinkpad connected to router via ethernet. I'm not bothering with a wifi test, too many variables for it to mean much imho.

$ ./speedtest-cli
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Limited (5.101.149.4)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Uno (Milton Keynes) [49.22 km]: 14.871 ms
Testing download speed................................................................................
Download: 33.77 Mbit/s
Testing upload speed................................................................................................
Upload: 8.95 Mbit/s

$ ./speedtest-cli
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Limited (5.101.149.4)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Uno (Milton Keynes) [49.22 km]: 15.385 ms
Testing download speed................................................................................
Download: 34.43 Mbit/s
Testing upload speed................................................................................................
Upload: 8.93 Mbit/s

$ ./speedtest-cli
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Limited (5.101.149.4)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Uno (Milton Keynes) [49.22 km]: 15.958 ms
Testing download speed................................................................................
Download: 34.74 Mbit/s
Testing upload speed................................................................................................
Upload: 8.86 Mbit/s


I thought the new fancy ways would be a bit slower, but it seems not. :thumbup:
by blurb
Wed Oct 17, 2018 2:39 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 19028

Re: [Exits] England Node Not Passing Any Traffic

@parityboy

There's been some 'movement'. Works now, but seems to take a while to settle in.

From my perspective, browser traffic comes in quickly but using my preferred of ip checking takes a good minute before it stops doing this -

Code: Select all

$ whois $(curl ipinfo.io/ip)
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    12  100    12    0     0     77      0 --:--:-- --:--:-- --:--:--    77
connect: Network is unreachable
Slowly, slowly catchy monkey...I suppose.
by blurb
Wed Oct 17, 2018 3:16 am
Forum: member support & tech assistance
Topic: Freshtomato Firmware, ECC.
Replies: 3
Views: 7166

Re: Freshtomato Firmware, ECC.

Victory is mine!, of course with help from df.

Code: Select all

$ whois $(curl ipinfo.io/ip)                                                                                                                 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    16  100    16    0     0     27      0 --:--:-- --:--:-- --:--:--    27
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '185.212.169.0 - 185.212.169.255'

% Abuse contact for '185.212.169.0 - 185.212.169.255' is 'abuse@m247.ro'

inetnum:        185.212.169.0 - 185.212.169.255
netname:        M247-LTD-Copenhagen
descr:          M247 LTD Copenhagen Infrastructure
country:        DK
geoloc:         55.67 12.56
admin-c:        GBXS22-RIPE
tech-c:         GBXS22-RIPE
status:         LIR-PARTITIONED PA
mnt-by:         GLOBALAXS-MNT
remarks:        ---- LEGAL CONCERNS ----
remarks:        For any legal requests, please send an email to
remarks:        ro-legal@m24seven.com for a maximum 48hours response.
remarks:        ---- LEGAL CONCERNS----
created:        2017-07-12T14:48:56Z
last-modified:  2018-06-13T14:19:36Z
source:         RIPE

role:           GLOBALAXS COPENHAGEN NOC
address:        Industriparken 20A, 2750 Ballerup, Denmark
nic-hdl:        GBXS22-RIPE
mnt-by:         GLOBALAXS-MNT
created:        2017-06-07T04:59:05Z
last-modified:  2017-06-07T04:59:05Z
source:         RIPE # Filtered

% Information related to '185.212.169.0/24AS9009'

route:          185.212.169.0/24
origin:         AS9009
mnt-by:         GLOBALAXS-MNT
created:        2017-07-13T06:52:11Z
last-modified:  2017-07-13T06:52:11Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.92.6 (WAGYU)
Whois has never been so pretty. :clap:

I'll dump the proper set up in the Tomato thread( minus the self pity, woe and swearing) when I can bring myself to face an ovpn config again. :crazy:
by blurb
Wed Oct 17, 2018 2:27 am
Forum: member support & tech assistance
Topic: Freshtomato Firmware, ECC.
Replies: 3
Views: 7166

Re: Freshtomato Firmware, ECC.

FAO @df

Getting closer. With the static key in the extended config, explicitly setting AES-256-GCM, and comp-lzo too (was getting an "write to TUN/TAP : Invalid argument (code=22)" error that a search revealed to be a bug which recommended that as a work around), it's getting as far as pulling in the DNS...but still no cigar. No ping from laptop or router direct...still, feels like progress.

Here's the logs for me to pester you with. My hopelessness is lifting a little.

Code: Select all

Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: OpenVPN STATISTICS
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: Updated,Tue Oct 16 23:12:27 2018
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: TUN/TAP read bytes,0
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: TUN/TAP write bytes,0
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: TCP/UDP read bytes,3211
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: TCP/UDP write bytes,1375
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: Auth read bytes,0
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: pre-compress bytes,0
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: post-compress bytes,0
Oct 16 23:12:27 unknown daemon.notice openvpn[13485]: pre-decompress bytes,0
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: SENT CONTROL [cryptostorm server]: 'PUSH_REQUEST' (status=1)
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: PUSH: Received control message: 'PUSH_REPLY,persist-key,persist-tun,redirect-gateway def1,dhcp-option DNS 185.212.169.139,route-gateway 10.66.2.1,topology subnet,ping 20,ping-restart 60,ifconfig 10.66.2.10 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: OPTIONS IMPORT: timers and/or timeouts modified
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: NOTE: --mute triggered...
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: 8 variation(s) on previous 3 message(s) suppressed by --mute
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: Data Channel MTU parms [ L:1553 D:1450 EF:53 EB:406 ET:0 EL:3 ]
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: TUN/TAP device tun12 opened
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: TUN/TAP TX queue length set to 100
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: /sbin/ifconfig tun12 10.66.2.10 netmask 255.255.255.0 mtu 1500 broadcast 10.66.2.255
Oct 16 23:12:31 unknown daemon.notice openvpn[13485]: updown.sh tun12 1500 1553 10.66.2.10 255.255.255.0 init
Oct 16 23:12:31 unknown daemon.info dnsmasq[13399]: exiting on receipt of SIGTERM
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: started, version 2.80test6 cachesize 4096
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset Tomato-helper no-auth DNSSEC no-ID loop-detect inotify no-dumpfile
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: asynchronous logging enabled, queue limit is 5 messages
Oct 16 23:12:32 unknown daemon.info dnsmasq-dhcp[13619]: DHCP, IP range 192.168.1.2 -- 192.168.1.51, lease time 1d
Oct 16 23:12:32 unknown daemon.notice openvpn[13485]: /sbin/route add -net 185.212.169.142 netmask 255.255.255.255 gw 195.166.130.255
Oct 16 23:12:32 unknown daemon.notice openvpn[13485]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.66.2.1
Oct 16 23:12:32 unknown daemon.notice openvpn[13485]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.66.2.1
Oct 16 23:12:32 unknown daemon.notice openvpn[13485]: Initialization Sequence Completed
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: reading /etc/resolv.dnsmasq
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: using nameserver 10.31.33.7#53
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: using nameserver 185.212.169.139#53
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: using nameserver ***.***.***.***#53
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: using nameserver ***.***.***.***#53
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: read /etc/hosts - 2 addresses
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: read /etc/dnsmasq/hosts - 5 addresses
Oct 16 23:12:32 unknown daemon.info dnsmasq[13619]: read /etc/dnsmasq/dhcp-hosts - 0 addresses
Oct 16 23:12:32 unknown daemon.info dnsmasq-dhcp[13619]: read /etc/dnsmasq/hosts
Oct 16 23:12:32 unknown daemon.info dnsmasq-dhcp[13619]: read /etc/dnsmasq/dhcp-hosts
For good measure, here's the extended conf as it stands...(WORK IN PROGRESS, DO NOT COPY FELLOW TOMATO USERS)

Code: Select all

resolv-retry 16
remote-cert-tls server
verb 4
mute 3
auth-nocache
comp-lzo
cipher AES-256-GCM
auth-user-pass /jffs/password.txt
tls-version-max 1.2
dhcp-option DNS 10.31.33.7

<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
4875d729589689955012a2ee77f180ec
b815c4a336c719c11241a058dafaae00
806bbc21d5f1abad085341a3fca4b4f9
3949151c2979b4ee4390e8d9443acb00
61d537f1e9157e45f542c3648f563305
05f3eaff97ef82ee063b9d88bb9d5aa0
060428455b51a2a4fd929d9af4b94adc
b0a4acaa14ff62a9b0f4f9f0b3f01e71
fc98a6c60e8584f4deb3de793a5a7bc2
7014c9369f9724bc810ef0d191b30204
78eead725b3ae6aaef2e1030a197e417
421f159ed54eb2629afcfb337cf9a002
5bf1d5c0d820fffb219d0b4214043d2d
f27ed367b522945a5dadc748e2ca379e
3971789dbdf609b3d9bfe866361b28e3
c90589baa925157ad833093a5a7bede5
-----END OpenVPN Static key V1-----
</tls-crypt>
by blurb
Wed Oct 17, 2018 12:30 am
Forum: member support & tech assistance
Topic: Freshtomato Firmware, ECC.
Replies: 3
Views: 7166

Re: Freshtomato Firmware, ECC.

Got to say, this upgrade has ruined my experience of Cryptostorm after an easy 4 years of it just ticking away almost without fault :/ I have tried so many combinations without any luck today. I just don't know what the fuck to do to make it work.

*deep breath*.

Here is my current broken config as it appears in the gui, another failed attempt to translate from this file:-
https://github.com/cryptostorm/cryptost ... k_UDP.ovpn

Basic -
[url=https:///]Image[/url] image host

Advanced -
[url=https:///]Image[/url] free image host

(for good measure) Keys.
[url=https:///]Image[/url] free image upload

Here's the log on trying to start it.

Code: Select all

Oct 16 21:24:02 unknown daemon.notice openvpn[8385]: Current Parameter Settings:
Oct 16 21:24:02 unknown daemon.notice openvpn[8385]:   config = 'config.ovpn'
Oct 16 21:24:02 unknown daemon.notice openvpn[8385]:   mode = 0
Oct 16 21:24:02 unknown daemon.notice openvpn[8385]: NOTE: --mute triggered...
Oct 16 21:24:02 unknown daemon.notice openvpn[8385]: 227 variation(s) on previous 3 message(s) suppressed by --mute
Oct 16 21:24:02 unknown daemon.notice openvpn[8385]: OpenVPN 2.4.6 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Sep 10 2018
Oct 16 21:24:02 unknown daemon.notice openvpn[8385]: library versions: OpenSSL 1.0.2p  14 Aug 2018, LZO 2.10
Oct 16 21:24:02 unknown daemon.warn openvpn[8389]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Outgoing Control Channel Authentication: Using 384 bit message hash 'SHA384' for HMAC authentication
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Incoming Control Channel Authentication: Using 384 bit message hash 'SHA384' for HMAC authentication
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Control Channel MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1585,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA384,keysize 256,tls-auth,key-method 2,tls-client'
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1585,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA384,keysize 256,tls-auth,key-method 2,tls-server'
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: TCP/UDP: Preserving recently used remote address: [AF_INET]185.212.169.142:5060
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: Socket Buffers: R=[120832->120832] S=[120832->120832]
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: UDP link local: (not bound)
Oct 16 21:24:02 unknown daemon.notice openvpn[8389]: UDP link remote: [AF_INET]185.212.169.142:5060
Oct 16 21:24:03 unknown user.notice vpnrouting[8390][tun12]: Clean-up
Oct 16 21:24:07 unknown daemon.err openvpn[8389]: event_wait : Interrupted system call (code=4)
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: OpenVPN STATISTICS
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: Updated,Tue Oct 16 21:24:07 2018
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: TUN/TAP read bytes,0
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: TUN/TAP write bytes,0
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: TCP/UDP read bytes,0
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: TCP/UDP write bytes,140
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: Auth read bytes,0
Oct 16 21:24:07 unknown daemon.notice openvpn[8389]: END
Oct 16 21:25:02 unknown daemon.err openvpn[8389]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Oct 16 21:25:02 unknown daemon.err openvpn[8389]: TLS Error: TLS handshake failed
Oct 16 21:25:02 unknown daemon.notice openvpn[8389]: TCP/UDP: Closing socket
Oct 16 21:25:02 unknown daemon.notice openvpn[8389]: SIGUSR1[soft,tls-error] received, process restarting
Oct 16 21:25:02 unknown daemon.notice openvpn[8389]: Restart pause, 5 second(s)

I throw myself at your collect feet. Save me! How do I make that fucking handshake work? My network connectivity is fine, just way too bareback for my liking.
by blurb
Tue Oct 16, 2018 10:14 pm
Forum: member support & tech assistance
Topic: [Exits] England Node Not Passing Any Traffic
Replies: 16
Views: 19028

Re: [Exits] England Node Not Passing Any Traffic

I was struggling with that, Denmark was fine but England nothing.
by blurb
Tue Oct 16, 2018 9:41 pm
Forum: member support & tech assistance
Topic: Freshtomato Firmware, ECC.
Replies: 3
Views: 7166

Freshtomato Firmware, ECC.

Has anyone set up their Tomato router to work properly since the upgrade, to work with ECC? If so, could you please share the setup?

Kille72 'Freshtomato' 2018.4

Code: Select all

# uname -a
Linux unknown 2.6.36.4brcmarm #2 SMP PREEMPT Mon Sep 10 22:01:30 CEST 2018 armv7l Tomato


# openssl version && openvpn --version

[b]OpenSSL 1.0.2p[/b]  14 Aug 2018
[b]OpenVPN 2.4.6[/b] arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Sep 10 2018
library versions: OpenSSL 1.0.2p  14 Aug 2018, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=no enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=yes enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=no enable_plugin_down_root=no enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_socks=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_werror=no enable_win32_dll=yes enable_x509_alt_username=no with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir=/lib with_sysroot=no


I'd upload PrtSc's of my set up, but it's a faff - so am trying the direct and mindless question first. Truth be told, I'm completely pissed off with it. I fucking hate openvpn. It's too fucking complicated. Bring on wireguard, can't come soon enough.
by blurb
Fri Sep 28, 2018 9:09 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: Speeds
Replies: 12
Views: 29576

Re: Speeds

@parityboy

That's the router :) (laptop connected via ethernet). Over-clocked as mentioned, and running Tomato (Kille72 fork).

It's been running over clocked for a few years now without issue. When the kids are here it's continuously pushed as hard as it will go and is steady as a rock.
by blurb
Tue Sep 25, 2018 2:36 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: Speeds
Replies: 12
Views: 29576

Re: Speeds

parityboy wrote:
blurb wrote:
bentbanana223 wrote:I'm using it to test speeds, and since I torrent a fair bit I'm wondering why it's only getting really poor speeds at times, and if that would carry on with an actual token.

Also I have tested with qBittorent and the speeds were the same.
Torrents (well seeded ones) download as fast as the processor on my router allows. They aren't throttled or anything.
A good test is to download a copy of Linux Mint via BitTorrent from here. :)
Now that was satisfying, you're not wrong!

Consistently over 4MB/s (4.25 peak) on a Asus AC68U (over clocked to 1200 MHz) on a 40Mbit connection. I don't see that often!
by blurb
Thu Sep 13, 2018 2:33 am
Forum: cryptofree: no-cost cryptostorm network access
Topic: Speeds
Replies: 12
Views: 29576

Re: Speeds

bentbanana223 wrote:I'm using it to test speeds, and since I torrent a fair bit I'm wondering why it's only getting really poor speeds at times, and if that would carry on with an actual token.

Also I have tested with qBittorent and the speeds were the same.
Torrents (well seeded ones) download as fast as the processor on my router allows. They aren't throttled or anything.
by blurb
Fri Dec 29, 2017 5:11 pm
Forum: member support & tech assistance
Topic: Slow connection? UK servers
Replies: 5
Views: 7557

Re: Slow connection? UK servers

..on testing it. 16-18Mb/s wifi and 18-26Mb/s ethernet.

Have some output, if you like -

Wifi -

Code: Select all

*:~$ ./speedtest-cli                                                                                                                                                                        
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Warwicknet Ltd. (Coventry) [18.27 km]: 43.135 ms
Testing download speed................................................................................
Download: 16.43 Mbit/s
Testing upload speed................................................................................................
Upload: 7.03 Mbit/s

*:~$ ./speedtest-cli 
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Uno (Milton Keynes) [49.22 km]: 43.031 ms
Testing download speed................................................................................
Download: 18.63 Mbit/s
Testing upload speed...............................................................................................
.Upload: 10.95 Mbit/s
*:~$ ./speedtest-cli 
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Etheroute Ltd (Studley) [45.02 km]: 29.633 ms
Testing download speed................................................................................
Download: 18.64 Mbit/s
Testing upload speed................................................................................................
Upload: 15.44 Mbit/s
*:~$ ./speedtest-cli 
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Uno (Milton Keynes) [49.22 km]: 33.606 ms
Testing download speed................................................................................
Ethernet

Code: Select all

*:~$ ./speedtest-cli 
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Etheroute Ltd (Studley) [45.02 km]: 29.633 ms
Testing download speed................................................................................
Download: 18.64 Mbit/s
Testing upload speed................................................................................................
Upload: 15.44 Mbit/s
*:~$ ./speedtest-cli 
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Uno (Milton Keynes) [49.22 km]: 33.606 ms
Testing download speed................................................................................
Download: 26.51 Mbit/s
Testing upload speed................................................................................................
Upload: 6.76 Mbit/s
*:~$ ./speedtest-cli 
Retrieving speedtest.net configuration...
Testing from UK Dedicated Servers Ltd (5.101.137.252)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Etheroute Ltd (Studley) [45.02 km]: 31.064 ms
Testing download speed................................................................................
Download: 23.35 Mbit/s
Testing upload speed................................................................................................
Upload: 6.87 Mbit/s
by blurb
Fri Dec 29, 2017 4:50 pm
Forum: member support & tech assistance
Topic: Slow connection? UK servers
Replies: 5
Views: 7557

Re: Slow connection? UK servers

Can be, depends upon which device is doing the 'work'/whether over wifi etc. That ping looks familiar to me when connected.

I've a steady 40mb 'bare' connection, and connect through a router. On wifi via my laptop best I can expect is about 22-25MB/s, but via ethernet get around 33Mb/s. How I test that speed has a influence, too. Speedtest.net will show it as being slower than command line tools such as speedtest-cli or when using scp or whatever.

If stuff works I tend not to worry much.