The AnonyBox – How To

In my previous post, I explained that I had turned a PogoPlug E02 into a stand-alone network device that allows me to easily anonymize online activity.  The AnonyBox connects to an anonymous VPN service (privateinternetaccess.com, in my case), and presents a SOCKS & HTTP proxy to the machines on my network.

In this post, I’ll explain how to set up your own privacy protecting AnonyBox.

ABSTRACT (For those who know what they’re doing)

  1. Install Arch Linux ARM on PogoPlug
  2. Install & Configure Squid and Dante proxies
  3. Install, Configure, & Script OpenVPN

Section 1: Install Arch Linux

I am not going to attempt to cover the basic installation of Arch on the Pogoplug E02.  Simply follow the instructions here.  Double-check your model number, as other models require different instructions.

Once you have booted into a functioning copy of Arch, be sure to set up OpenNTPD so that the clock is set to the correct time on boot, update the package manager, and install the unzip utility:

systemctl enable openntpd
systemctl start openntpd
pacman -Syu
pacman -S unzip

Section 2: Install & Configure Proxies

First we need to install the Squid and Dante packages:

pacman -S squid dante

Squid is all set at this point, but Dante needs a little configuration.  Open the config file for Dante with this command:

nano /etc/sockd.conf

Then, replace the contents with the following configuration:

logoutput: syslog

#this allows connections from any computer on this side of the tunnel
internal: eth0 port = 1080
internal: 127.0.0.1 port = 1080

#this is the openvpn interface
external: tun0

#no login necessary (behind firewall/router)
method: username none
user.notprivileged: nobody

#local computers can use this as a proxy to anything
client pass {
  from: 192.168.0.0/16 port 1-65535 to: 0.0.0.0/0
}

client pass {
  from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
}

client block {
  from: 0.0.0.0/0 to: 0.0.0.0/0
  log: connect error
}

pass {
  from: 192.168.0.0/16 to: 0.0.0.0/0
  protocol: tcp udp
}

pass {
  from: 127.0.0.0/8 to: 0.0.0.0/0
  protocol: tcp udp
}

block {
  from: 0.0.0.0/0 to: 0.0.0.0/0
  log: connect error
}
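
A quick way to confirm that an edited sockd.conf still has the properties the configuration above relies on: outbound traffic leaves only through tun0, the listener is not bound to the tunnel or to every interface, and the unauthenticated `client pass` rules admit only loopback or private source ranges. This is an added example, not part of the original post; the function names and both sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit a Dante sockd.conf.
# audit_sockd_conf and write_samples are names made up for this sketch.

# audit_sockd_conf FILE [VPN_IF]
# Prints one "FAIL: ..." line per problem; returns 0 if clean, 1 otherwise.
audit_sockd_conf() {
  awk -v vpn="${2:-tun0}" '
    # True when CIDR "a" lies entirely inside loopback or RFC 1918 space.
    function is_private(a,    p, ip, len) {
      split(a, p, "/"); ip = p[1]; len = (p[2] == "" ? 32 : p[2] + 0)
      if (ip ~ /^(10|127)\./)                   return (len >= 8)
      if (ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) return (len >= 12)
      if (ip ~ /^192\.168\./)                   return (len >= 16)
      return 0
    }
    function fail(msg) { print "FAIL: " msg; bad = 1 }

    { sub(/#.*/, "") }          # drop comments
    NF == 0 { next }            # skip blank lines

    # Proxied traffic must leave through the VPN interface only.
    $1 == "external:" {
      n_ext++
      if ($2 != vpn) fail("external is " $2 ", proxied traffic would bypass " vpn)
      next
    }
    # The open proxy must not listen on the tunnel or on all interfaces.
    $1 == "internal:" {
      if ($2 == vpn || $2 == "0.0.0.0") fail("internal listens on " $2)
      next
    }
    # Inside "client pass { ... }", every from: must be a private range.
    $1 == "client" && $2 == "pass" { in_cpass = 1; next }
    $1 == "}"                      { in_cpass = 0; next }
    in_cpass {
      for (i = 1; i < NF; i++)
        if ($i == "from:" && !is_private($(i + 1)))
          fail("client pass admits non-private source " $(i + 1))
    }
    END {
      if (n_ext == 0) fail("no external: line found")
      exit (bad ? 1 : 0)
    }
  ' "$1"
}

# Constructed samples: the layout used in this guide, and a variant with
# three mistakes (listener on all interfaces, wrong egress, open client rule).
write_samples() {
  cat > "$1/good.conf" <<'EOF'
internal: eth0 port = 1080
internal: 127.0.0.1 port = 1080
external: tun0   #this is the openvpn interface
client pass {
  from: 192.168.0.0/16 port 1-65535 to: 0.0.0.0/0
}
client pass {
  from: 127.0.0.0/8 port 1-65535 to: 0.0.0.0/0
}
EOF
  cat > "$1/bad.conf" <<'EOF'
internal: 0.0.0.0 port = 1080
external: eth0
client pass {
  from: 0.0.0.0/0 to: 0.0.0.0/0
}
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_sockd_conf "$tmp/good.conf" && echo "good.conf: passes"
audit_sockd_conf "$tmp/bad.conf"  || echo "bad.conf: rejected"
rm -rf "$tmp"
```

On the AnonyBox itself, run it as `audit_sockd_conf /etc/sockd.conf` after any change to the Dante rules.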

Section 3: Configuring OpenVPN (it’s a doozie)

Now we are ready to install the OpenVPN package:

pacman -S openvpn

Next we’ll need to get the certificate and configuration files for our VPN host.  These steps are written for the host PrivateInternetAccess, but should be easy to adapt to other hosts.  These commands will create the necessary config files in the /etc/openvpn directory:

cd /root
wget https://www.privateinternetaccess.com/openvpn/openvpn.zip
unzip openvpn.zip
cp ca.crt /etc/openvpn/ca.crt
cp "YOUR REGION.ovpn" /etc/openvpn/config.conf

Now, we’ll need to create our authentication file:

nano /etc/openvpn/auth.txt

The contents of the file are just two lines.  The first is your username, and the second is your password.  Do not add anything else.

Then, we need to create the script to run on successful connection:

nano /etc/openvpn/up.sh

The contents of the script should be:

#!/bin/bash -e
echo none > /sys/class/leds/status\:blue\:health/trigger
echo default-on > /sys/class/leds/status\:green\:health/trigger
systemctl start sockd
systemctl start squid

And the script to run if the VPN connection is lost:

nano /etc/openvpn/down.sh

The contents of the script should be:

#!/bin/bash -e
echo none > /sys/class/leds/status\:green\:health/trigger
echo default-on > /sys/class/leds/status\:blue\:health/trigger
systemctl stop sockd
systemctl stop squid

Then we need to modify the configuration file:

nano /etc/openvpn/config.conf

Change the line “ca ca.crt” to:

ca /etc/openvpn/ca.crt

Change the line “auth-user-pass” to:

auth-user-pass /etc/openvpn/auth.txt

And add our new scripts at the end:

script-security 2
# run /etc/openvpn/up.sh when the connection is set up
up /etc/openvpn/up.sh
down /etc/openvpn/down.sh

Now we set permissions for these new files:

chmod +x /etc/openvpn/config.conf
chmod +x /etc/openvpn/up.sh
chmod +x /etc/openvpn/down.sh

Finally, we just need to set OpenVPN to start on boot:

systemctl enable openvpn@config.service
systemctl start openvpn@config.service

and reboot:

reboot
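
The config.conf edits and permission steps from this section, collected into one script that can be re-run safely. This is an added example, not part of the original post: the function names are invented here, and it goes beyond the steps above by also rewriting a `crl-verify` line if the provider file has one, listing referenced files that are missing, and restricting auth.txt to its owner.

```sh
#!/bin/sh
# Added example (not from the original post). Paths default to the guide's
# /etc/openvpn layout; patch_ovpn, missing_files and lock_down are made-up names.

# patch_ovpn SRC DST [CONF_DIR]
# Rewrite a provider .ovpn into the config.conf this guide describes.
# Safe to re-run: hook lines from an earlier pass are dropped before re-adding.
patch_ovpn() {
  awk -v d="${3:-/etc/openvpn}" '
    { sub(/\r$/, "") }                       # tolerate CRLF line endings
    $1 == "ca"             { print "ca " d "/ca.crt"; next }
    $1 == "crl-verify"     { print "crl-verify " d "/crl.pem"; next }
    $1 == "auth-user-pass" { print "auth-user-pass " d "/auth.txt"; next }
    $1 == "script-security" || $1 == "up" || $1 == "down" { next }
    { print }
    END {
      print "script-security 2"
      print "up " d "/up.sh"
      print "down " d "/down.sh"
    }
  ' "$1" > "$2.tmp" && mv "$2.tmp" "$2"
}

# missing_files CONF
# Print every file the config references that does not exist yet.
# A missing crl.pem, for example, stops OpenVPN while it parses its options.
missing_files() {
  awk '$1 ~ /^(ca|crl-verify|auth-user-pass|up|down)$/ && NF >= 2 { print $2 }' "$1" |
  while read -r f; do
    [ -e "$f" ] || echo "$f"
  done
}

# lock_down CONF_DIR
# auth.txt holds the VPN password in clear text, so only its owner may read
# it. The hook scripts need the execute bit; config.conf does not.
lock_down() {
  chmod 600 "$1/auth.txt"
  chmod 700 "$1/up.sh" "$1/down.sh"
  chmod 644 "$1/config.conf"
}

# Demo on a constructed provider file in a scratch directory.
demo() {
  d=$(mktemp -d)
  printf '%s\r\n' 'client' 'dev tun' 'remote vpn.example.invalid 1194' \
    'ca ca.crt' 'crl-verify crl.pem' 'auth-user-pass' > "$d/region.ovpn"
  patch_ovpn "$d/region.ovpn" "$d/config.conf" "$d"
  echo "Referenced but not yet present:"
  missing_files "$d/config.conf"
  rm -rf "$d"
}
demo
```

On the device the equivalent calls are `patch_ovpn "/root/YOUR REGION.ovpn" /etc/openvpn/config.conf`, then `missing_files /etc/openvpn/config.conf` (which should print nothing), then `lock_down /etc/openvpn`.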

Voila!  Your own Anonymizing VPN Proxy, or AnonyBox for short.  The HTTP proxy is accessed through port 3128, and the SOCKS proxy is on port 1080.  The LED on your AnonyBox shows the status of your VPN.  Green is safe and yellow means that you’ve lost your VPN connection.  For safety, when the VPN goes down, you will also lose access to the proxies.

UPDATE: Be sure to update your DNS and Proxy Client settings to protect your DNS requests. See This Post for details.

Have fun, and be safe online.

29 Comments

    • gschoppe's profile image.

      It depends on the program. In the case of Google Chrome, install the “Proxy Switchy!” add-on and configure it for either HTTP or SOCKS Proxy. That will give you a one click option to enable or disable Anonymous access. There are similar add-ons for Firefox, like FoxyProxy.

      For most bittorrent clients, there is a Proxy option in the connection settings.

      When setting up the proxy, there are two options:

      Squid (HTTP): for HTTP traffic like web-surfing and optionally torrent trackers.
      IP: local ip of your AnonyBox
      Port: 3128

      Dante (SOCKS): for other traffic, such as Bittorrent (the preferred option, in programs that support it)
      IP: local ip of your AnonyBox
      Port: 1080

      To route all traffic on a machine through the proxy, you can use Sshuttle to use an SSH connection to the AnonyBox as an encrypted tunnel for all traffic.

        • Dave's profile image.

          I can’t get this to connect! 0_o

          In /etc/openvpn/auth.txt, I am logged with the root user, should I be using my root user creds here?

          • Dave's profile image.

            I got it to connect. W00t! Green light on the pogo! W00t! When I setup ProxySwitchy (HTTP manual configuration) or the like to connect to the Pogo at 192.168.1.30:3128, it will connect and disconnect within a few seconds or not connect at all. Anything I am doing wrong?

            Thanks again for this guide – it is super clear.

    • Odin's profile image.

      Cannot seem to get this to work, thought I followed the guide, but get the following:
      [root@eyez openvpn]# systemctl start openvpn@config.service
      Job for openvpn@config.service failed. See 'systemctl status openvpn@config.service' and 'journalctl -xn' for details.
      [root@eyez openvpn]# systemctl status openvpn@config.service
      openvpn@config.service - OpenVPN connection to config
      Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled)
      Active: failed (Result: exit-code) since Sun 2014-06-15 23:13:01 CDT; 9s ago
      Process: 29440 ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid (code=exited, status=1/FAILURE)

      Jun 15 23:13:01 eyez systemd[1]: openvpn@config.service: control process exited, code=exited status=1
      Jun 15 23:13:01 eyez systemd[1]: Failed to start OpenVPN connection to config.
      Jun 15 23:13:01 eyez systemd[1]: Unit openvpn@config.service entered failed state.
      [root@eyez openvpn]# journalctl -xn
      -- Logs begin at Wed 1969-12-31 18:00:07 CST, end at Sun 2014-06-15 23:13:01 CDT. --
      Jun 15 23:06:33 eyez systemd[1]: Unit openvpn@config.service entered failed state.
      Jun 15 23:07:18 eyez systemd[1]: Starting Cleanup of Temporary Directories...
      -- Subject: Unit systemd-tmpfiles-clean.service has begun with start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      -- Unit systemd-tmpfiles-clean.service has begun starting up.
      Jun 15 23:07:18 eyez systemd[1]: Started Cleanup of Temporary Directories.
      -- Subject: Unit systemd-tmpfiles-clean.service has finished start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      -- Unit systemd-tmpfiles-clean.service has finished starting up.

      -- The start-up result is done.
      Jun 15 23:13:01 eyez systemd[1]: Starting OpenVPN connection to config...
      -- Subject: Unit openvpn@config.service has begun with start-up
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      -- Unit openvpn@config.service has begun starting up.
      Jun 15 23:13:01 eyez systemd[1]: openvpn@config.service: control process exited, code=exited status=1
      Jun 15 23:13:01 eyez systemd[1]: Failed to start OpenVPN connection to config.
      -- Subject: Unit openvpn@config.service has failed
      -- Defined-By: systemd
      -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      -- Unit openvpn@config.service has failed.

      -- The result is failed.
      Jun 15 23:13:01 eyez systemd[1]: Unit openvpn@config.service entered failed state.
      Jun 15 23:13:01 eyez openvpn@config[29440]: Options error: --crl-verify fails with 'crl.pem': No such file or directory
      Jun 15 23:13:01 eyez openvpn@config[29440]: Options error: Please correct these errors.
      Jun 15 23:13:01 eyez openvpn@config[29440]: Use --help for more information.
      [root@eyez openvpn]# date
      Sun Jun 15 23:13:40 CDT 2014
      [root@eyez openvpn]#

      Any help appreciated!

      • Odin's profile image.

        Found out that the “crl.pem” file was missing, so I added it with “cp crl.pem /etc/openvpn/crl.pem”, now I get the following:
        [root@eyez ~]# systemctl status openvpn@config.service
        openvpn@config.service - OpenVPN connection to config
        Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled)
        Active: failed (Result: exit-code) since Sun 2014-06-15 23:28:14 CDT; 1s ago
        Process: 313 ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid (code=exited, status=0/SUCCESS)
        Main PID: 314 (code=exited, status=1/FAILURE)

        Jun 15 23:28:12 eyez openvpn@config[314]: [Private Internet Access] Peer Connection Initiated with [AF_INET]50.97.94.28:1194
        Jun 15 23:28:14 eyez openvpn@config[314]: TUN/TAP device tun0 opened
        Jun 15 23:28:14 eyez openvpn@config[314]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
        Jun 15 23:28:14 eyez openvpn@config[314]: /usr/bin/ip link set dev tun0 up mtu 1500
        Jun 15 23:28:14 eyez openvpn@config[314]: /usr/bin/ip addr add dev tun0 local 10.194.1.6 peer 10.194.1.5
        Jun 15 23:28:14 eyez openvpn@config[314]: /etc/openvpn/up.sh tun0 1500 1542 10.194.1.6 10.194.1.5 init
        Jun 15 23:28:14 eyez openvpn@config[314]: WARNING: Failed running command (--up/--down): external program exited with error status: 1
        Jun 15 23:28:14 eyez openvpn@config[314]: Exiting due to fatal error
        Jun 15 23:28:14 eyez systemd[1]: openvpn@config.service: main process exited, code=exited, status=1/FAILURE
        Jun 15 23:28:15 eyez systemd[1]: Unit openvpn@config.service entered failed state.
        [root@eyez ~]# journalctl -xn
        -- Logs begin at Wed 1969-12-31 18:00:07 CST, end at Sun 2014-06-15 23:28:15 CDT. --
        Jun 15 23:28:12 eyez openvpn@config[314]: [Private Internet Access] Peer Connection Initiated with [AF_INET]50.97.94.28:1194
        Jun 15 23:28:14 eyez openvpn@config[314]: TUN/TAP device tun0 opened
        Jun 15 23:28:14 eyez openvpn@config[314]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
        Jun 15 23:28:14 eyez openvpn@config[314]: /usr/bin/ip link set dev tun0 up mtu 1500
        Jun 15 23:28:14 eyez openvpn@config[314]: /usr/bin/ip addr add dev tun0 local 10.194.1.6 peer 10.194.1.5
        Jun 15 23:28:14 eyez openvpn@config[314]: /etc/openvpn/up.sh tun0 1500 1542 10.194.1.6 10.194.1.5 init
        Jun 15 23:28:14 eyez openvpn@config[314]: WARNING: Failed running command (--up/--down): external program exited with error status: 1
        Jun 15 23:28:14 eyez openvpn@config[314]: Exiting due to fatal error
        Jun 15 23:28:14 eyez systemd[1]: openvpn@config.service: main process exited, code=exited, status=1/FAILURE
        Jun 15 23:28:15 eyez systemd[1]: Unit openvpn@config.service entered failed state.

        • Odin's profile image.

          Hmmm, left it alone for a bit, now I get:
          [root@eyez openvpn]# systemctl status openvpn@config.service
          openvpn@config.service - OpenVPN connection to config
          Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled)
          Active: active (running) since Mon 2014-06-16 00:58:28 CDT; 8min ago
          Process: 448 ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid (code=exited, status=0/SUCCESS)
          Main PID: 449 (openvpn)
          CGroup: /system.slice/system-openvpn.slice/openvpn@config.service
          └─449 /usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/config.conf --daemon openvpn@config --writepid /run/openvpn@config.pid

          Jun 16 01:04:42 eyez openvpn@config[449]: SIGUSR1[soft,tls-error] received, process restarting
          Jun 16 01:04:44 eyez openvpn@config[449]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
          Jun 16 01:04:44 eyez openvpn@config[449]: UDPv4 link local: [undef]
          Jun 16 01:04:44 eyez openvpn@config[449]: UDPv4 link remote: [AF_INET]67.215.65.130:1194
          Jun 16 01:05:44 eyez openvpn@config[449]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
          Jun 16 01:05:44 eyez openvpn@config[449]: TLS Error: TLS handshake failed
          Jun 16 01:05:44 eyez openvpn@config[449]: SIGUSR1[soft,tls-error] received, process restarting
          Jun 16 01:05:46 eyez openvpn@config[449]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
          Jun 16 01:05:46 eyez openvpn@config[449]: UDPv4 link local: [undef]
          Jun 16 01:05:46 eyez openvpn@config[449]: UDPv4 link remote: [AF_INET]67.215.65.130:1194
          [root@eyez openvpn]# journalctl -xn
          -- Logs begin at Wed 1969-12-31 18:00:07 CST, end at Mon 2014-06-16 01:06:48 CDT. --
          Jun 16 01:05:44 eyez openvpn@config[449]: SIGUSR1[soft,tls-error] received, process restarting
          Jun 16 01:05:46 eyez openvpn@config[449]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
          Jun 16 01:05:46 eyez openvpn@config[449]: UDPv4 link local: [undef]
          Jun 16 01:05:46 eyez openvpn@config[449]: UDPv4 link remote: [AF_INET]67.215.65.130:1194
          Jun 16 01:06:46 eyez openvpn@config[449]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
          Jun 16 01:06:46 eyez openvpn@config[449]: TLS Error: TLS handshake failed
          Jun 16 01:06:46 eyez openvpn@config[449]: SIGUSR1[soft,tls-error] received, process restarting
          Jun 16 01:06:48 eyez openvpn@config[449]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
          Jun 16 01:06:48 eyez openvpn@config[449]: UDPv4 link local: [undef]
          Jun 16 01:06:48 eyez openvpn@config[449]: UDPv4 link remote: [AF_INET]67.215.65.130:1194
          [root@eyez openvpn]#

          • gschoppe's profile image.

            It looks like your network connection is having some issues, or your TCP stack on the pogoplug is failing to initialize properly, as it isn’t giving your address in the UDPv4 link local line. I’d try rebooting, before anything else.

        • gschoppe's profile image.

          It looks like there must be an issue, either with your up.sh script, or the settings for Squid or Dante. If you temporarily remove the up and down script from your config, and try connecting without them, it should work. Then, you can run the up.sh script from the command prompt to get better info about why it failed. Once you fix whatever the issue is, you can re-add them to the config, and reboot.

          • Odin's profile image.

            Ok, tried again, removing the up and down scripts, I now get:
            [root@eyez openvpn]# systemctl start openvpn@config.service
            Job for openvpn@config.service failed. See 'systemctl status openvpn@config.service' and 'journalctl -xn' for details.
            [root@eyez openvpn]# systemctl status openvpn@config.service
            openvpn@config.service - OpenVPN connection to config
            Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled)
            Active: failed (Result: exit-code) since Sat 2014-07-12 17:07:14 CDT; 5s ago
            Process: 337 ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid (code=exited, status=1/FAILURE)

            Jul 12 17:07:14 eyez openvpn@config[337]: OpenVPN 2.3.4 armv5tel-unknown-linux-gnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jul 1 2014
            Jul 12 17:07:14 eyez openvpn@config[337]: library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.08
            Jul 12 17:07:14 eyez openvpn@config[337]: Cannot initialize LZO compression library
            Jul 12 17:07:14 eyez systemd[1]: openvpn@config.service: control process exited, code=exited status=1
            Jul 12 17:07:14 eyez systemd[1]: Failed to start OpenVPN connection to config.
            Jul 12 17:07:14 eyez systemd[1]: Unit openvpn@config.service entered failed state.
            [root@eyez openvpn]# journalctl -xn
            -- Logs begin at Wed 1969-12-31 18:00:07 CST, end at Sat 2014-07-12 17:07:14 CDT. --
            Jul 12 17:03:57 eyez systemd[1]: Unit openvpn@config.service entered failed state.
            Jul 12 17:07:07 eyez systemd[1]: Stopped OpenVPN connection to config.
            -- Subject: Unit openvpn@config.service has finished shutting down
            -- Defined-By: systemd
            -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

            -- Unit openvpn@config.service has finished shutting down.
            Jul 12 17:07:14 eyez systemd[1]: Starting OpenVPN connection to config...
            -- Subject: Unit openvpn@config.service has begun with start-up
            -- Defined-By: systemd
            -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

            -- Unit openvpn@config.service has begun starting up.
            Jul 12 17:07:14 eyez openvpn@config[337]: OpenVPN 2.3.4 armv5tel-unknown-linux-gnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jul 1 2014
            Jul 12 17:07:14 eyez openvpn@config[337]: library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.08
            Jul 12 17:07:14 eyez openvpn@config[337]: Cannot initialize LZO compression library
            Jul 12 17:07:14 eyez openvpn@config[337]: Exiting due to fatal error
            Jul 12 17:07:14 eyez systemd[1]: openvpn@config.service: control process exited, code=exited status=1
            Jul 12 17:07:14 eyez systemd[1]: Failed to start OpenVPN connection to config.
            -- Subject: Unit openvpn@config.service has failed
            -- Defined-By: systemd
            -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

            -- Unit openvpn@config.service has failed.

            -- The result is failed.
            Jul 12 17:07:14 eyez systemd[1]: Unit openvpn@config.service entered failed state.
            [root@eyez openvpn]#

          • gschoppe's profile image.

            The error appears to be with the LZO compression library… did you skip the ‘pacman -Sy unzip’ command at the beginning of the instructions?

  1. stracjd's profile image.

    [root@alarm openvpn]# unzip openvpn.zip
    -bash: unzip: command not found
    [root@alarm openvpn]#

    Any clue why I would be getting this? When I run whereis unzip, I get the following.

    [root@alarm openvpn]# whereis unzip
    unzip:
    [root@alarm openvpn]#

    I am lost so any help would be great.

    Thanks!

  2. B's profile image.

    Excellent guide. Got it to run as well!! thank you!
    2 questions:

    1) Is there any way I can select the privateinternetaccess.com server I connect to?
    2) The unit reboots fine through SSH. If I introduce a power interruption, it does not reboot. It hangs. I have to go through some major hoops in order to get it up and running again. shutdown -r now works, but I’d have to SSH into it then wait. So, I am worried about power failure.

    Any ideas?

    • gschoppe's profile image.

      With regard to your first question, I have a rough idea of how you might switch servers. I haven’t really worked it out fully, but the basic idea would be to modify all the ovpn files from privateinternetaccess with the same changes that you made to the one you renamed config.conf (also rename this one back to its original name). Then, write a script that presents a menu to the user, and based on their choice, copies the chosen ovpn file to /etc/openvpn/config.conf (writing over whatever is there), and runs “systemctl restart openvpn@config”.

      The more fun version of this would involve running an nginx/php-fast-cgi server, and offering the menu in a php file, along with status information about the connection.

      As for your second question, power failure does have the possibility of screwing up your install. SD cards are not meant to be disconnected mid-write. Most of the time, it should come back up ok after a failure, but the chance is certainly there.

      I recommend using Win32DiskImager on Windows (or simply a DD command in Linux), to make a backup of your usb drive, as an ISO file. That way if any corruption occurs, you can simply overwrite the drive with the image, and you’re good to go.

      • B's profile image.

        Thank you! I am grateful for the info and I appreciate it. I have another question if I may.

        When using utorrent, I point the proxy setting to the Pogo IP and the 1080 port. It works great in downloading but I get no incoming connections. I tried forwarding port in my router but no joy. My ratios are starting to ache.

        Am I doing something wrong?

        • gschoppe's profile image.

          You are not doing anything wrong. The process of getting external connections working through a PIA VPN is pretty complicated, and I honestly haven’t had time to tackle it yet. I can point you in the right direction, but it’ll take a free weekend or so before I’ll be able to get it running and create a guide.

          First off, port forwarding your router will have no effect on VPN traffic. All the VPN traffic is sent through a persistent encrypted connection that requires no forwarding to get through your router.

          However, you will need to request a forwarded port through PIA… you can find info on making a request script here: PIA Port Forwarding Guide. The script would need to be put into a service that calls it every hour, then you would start the service in your up.so file and stop it in your down.so file.

          That gets us a VPN forwarded external port, but the port number changes every hour. To provide a single port for torrent clients, you would want to install Portfwd on the pogoplug. Then edit the forwarding script you made so that when it requests a port forward from PIA, it retrieves the port number, kills all existing portfwd instances, and creates two new portfwds: one from the port PIA gives to a port of your choosing (let’s say 4455), and another from your chosen port (4455) to the port PIA gave.

          Now you’ll have a port on the AnonyBox, that is accessible from the internet. However, there is one last problem. Your SOCKS Proxy is not currently set up to forward incoming connections to your computer. To solve this last hurdle, you’ll have to modify your sockd.conf to support bind, bindreply, udpassociate, and udpreply. I think I have the code for this down, but I haven’t had a chance to test it. Here’s what I think you’ll need for pass rules:


          pass {
          from: 192.168.0.0/16 to: 0.0.0.0/0
          command: bind connect udpassociate
          log: error # connect disconnect iooperation
          }
          pass {
          from: 127.0.0.0/8 to: 0.0.0.0/0
          command: bind connect udpassociate
          log: error # connect disconnect iooperation
          }
          pass {
          from: 0.0.0.0/0 to: 192.168.0.0/16
          command: bindreply udpreply
          log: error # connect disconnect iooperation
          }
          pass {
          from: 0.0.0.0/0 to: 127.0.0.0/8
          command: bindreply udpreply
          log: error # connect disconnect iooperation
          }

          If you decide to give this a shot, let me know how it goes. Otherwise, I plan to get it working myself soon, then I’ll write a post about it.

          • B's profile image.

            Thank you!

            I’ll give it a shot this weekend. Confidence level is not the highest but I will try it out. I will post the results.

          • B's profile image.

            No joy,

            had a serious go at it on sunday….I frakked it up good. good thing I had a backup of the usb image.

  3. James George says:

    Hello, and thanks for doing so much of the legwork. I had similar errors at a couple of points as a user above where it came back no file exists, etc. I fixed all by simply logging out of the putty/ssh session, relogging in and it worked, not sure why, unless I was in the ‘wrong’ directory but if I followed it as you wrote it, I shouldn’t have been in a wrong directory. But I have 1 issue and a couple questions still. I didn’t get the openNTPD to work/install in the first step, the first 2 lines. Does the new version not have that installed? I get an error when trying to start in the 2nd line. Now, my questions are: I have green light on the pogobox, but not sure how I point anything at it? I don’t remember setting up any kind of nat router or forwarding so that when I point devices or apps at it, it knows to forward them through the tunnel. I am trying to use bit torrent clients through it and to take the knowledge further, I want to know how to VPN into it from outside of it and how to forward complete devices’ internet traffic through it. I am either not using the right terms when I search the internet or I am not understanding the instructions on how to configure SOCKS and Proxy in apps or devices. Since the Pogo is connected, anything I point at the pogo (192.168.0.248:1080{socks} and 192.168.0.248:3120{proxy}) I don’t need to enter the login/password information from the PrivateInternetAccess account, correct? If you have another site you can share that clears up this whole proxy, SOCKS, VPN mess for me, I’d appreciate it. I am an IT graduate and do not work with networking at this level, so I am competent, and always learn but I have to understand the workings, so please excuse my basic confusion with these protocols. Thanks.

    • gschoppe's profile image.

      Well, if you were able to connect to the VPN, and get a green light, some form of NTP must be installed and functioning. If it were not, you would be getting an error when it attempted to connect, saying that your security certificate wasn’t valid yet.

      As for how to use the Anonybox, you won’t need to do anything further with authenticating to the VPN. The AnonyBox is constantly connected and authenticated on its own. All you have to do, is connect to it as a proxy. The AnonyBox does not require any login or password for users on the local network (192.168.0.0/24). There are several different ways to use the AnonyBox, but I’ll try to list a few.

      In Firefox, you can route all browser traffic, using an addon called “FoxyProxy”. Simply give it the address and port of your Anonybox, and you’re done. In Chrome, the same is accomplished with an addon called “Proxy Switchy!” The squid proxy is recommended for browser traffic, as it caches images and data, so it can speed up page loading times after visiting them once. However, that cache does contain personal data, so if you are worried about privacy from other users within your local network, use SOCKS for everything.

      In most Bittorrent clients, there is a proxy page in the settings, where you can set what server and port to use. This is the same as setting it for a browser. Just point the client at your SOCKS port.

      To set all internet traffic to go through the proxy, simply go to your LAN settings (location depends on operating system), and enter the SOCKS proxy settings under the proxy settings there.

      I hope that helps a bit.

  4. deebledrox's profile image.

    I’m in the same boat as B. No incoming connections and magnet links won’t budge. I believe it’s a problem with UDP. This is very frustrating. I inserted the pass rules you posted into the sock conf and I’m still no joy.

  5. Adam's profile image.

    Hi,

    This is a great tutorial, and it worked flawlessly!

    Unfortunately after a power cycle I cannot get the USB hard drive to power on, so I think it has finally failed. Do you know if the PogoPlug device is salvageable and can reinstall Arch Linux on a different drive?

    Best regards,
    Adam

    • gschoppe's profile image.

      The hard drive you connected may have failed, or the bootloader on it may have simply become corrupt from the crash. To test, try plugging the drive into a computer, and format it. If it functions ok, it simply got corrupted.

      Either way, the PogoPlug should not be damaged. Simply unplug the hard drive and reboot the PogoPlug without it. Then, once it has booted, plug in whatever device you want, and repeat the steps to install Arch.

      After unplugging the drive and rebooting, the SSH username and pass for the pogo will likely revert to “root”.

    • gschoppe's profile image.

      PIA’s kill switch is a specific implementation of an ifdown script. The ifdown script for the anonybox kills the proxies if the connection to PIA goes down. This should functionally be identical to kill switch, but I do not offer any warranty or guarantee on that front.
