How to Make Your Own VPN (And Why You Would Want to)

The guide starts at 11:25

TIMESTAMPS
00:00​ Introduction
01:28​ Everything wrong with the VPN services
05:50​ What are the alternatives?
07:39​ VPN services vs. Self-hosted VPNs
08:58​ Choosing a VPS provider
10:43​ My choice of the VPS provider
11:25​ Creating an account (The tutorial starts here)
11:45​ Creating a VPS
12:37​ Generating SSH keys
13:46​ Updating the packages
14:07​ Creating a non-root user
15:04​ Configuring SSH
17:14​ Installing and configuring OpenVPN
20:50​ Installing mosh
21:14​ Two-factor authentication
23:53​ Automatic updates
25:11​ Conclusion

WolfgangsChannel

Exactly, no matter what a VPN provider says, you have to trust them when it comes to storing and sharing your logs. If they can profit or have to protect themselves, they with share them with other companies.

daywalkernightstalker

Been doing it on my own for quite a while now, but with your hints I just took it to a new level of customization. Great video!

andersonfelippe

Hey, thank you for this. I saw this on google but no one makes a tutorial. Glad I saw this today on my recommendation. Gonna finish this tutorial and will sign up with your link. Thanks again

wajinshu

All the YouTube ads being for VPN services is hilarious. Nice video!

jessicantina

One thing of note... If you are using a VPS - Check the Terms Of Service for the hosting/rental company. Many companies have policies against setting up VPNs on there networks for a variety of both technical and legal reasons. Many companies also have a 'One Strike / No Warning' policy when it comes to TOS violations meaning that if there systems team detects a 'banned service' or there legal team gets a DMCA violation / take-down notice. They will take down your node, wipe all of the data (including onsite backups), cancel your hosting/rental account, and notify you via email after... No Refunds. --- TLDR: Lots of providers DO allow you to set up a VPN however, If for some reason a provider doesn't allow a VPN or other services/content to be set up, it will be in the Terms of Service. Because providers don't want to terminate your account, it will usually be written in very plain, easy to understand, language... Just read the TOS and make sure you understand what you can and can not do/run with that provider *before* starting hosting with them.

neoncyber

15:48 "I personally prefer to use the port 69." I see you are a man of culture

TimTat

Hello Wolfgang,
I want you to know that i appreciate your in depth knowledge and have deep respect for you that you take the time to share the results of the hard work that you do in order to educate the MANY MANY people that simply have NO CLUE! Thank you.
Mike S.

michaelsullivan

The main reason people look for VPNs is anonimity and the possibility to change connection location and gain the ability to access services reserved only for specific places (ex Netflix). With a self hosted VPN you lose both. Anonimity: basically the same things that your ISP would spy on you, now are spyable by your VPS provider, you're just trusting a different entity. But, as you correctly said, this is a marginal problem, because only source IP and destination IP can be seen, the traffic in between is encrypted. The only thing that changes is that your ISP can only see you are contacting your VPS, and your destinations can see you are contacting them from your VPS. But that VPS can be traced back to your identity, because you're the only owner of that IP address. So we have no anonimity benefit here: in the case the sites you contact want to know who the source IP address belongs to, they can very easily if your VPS provider is complicit. This is more difficult (not impossble) with VPN services ( if they have logs of your real IP) because they have to link the traffic on their system to your real IP and identity manually by looking at metadata, because there are a lot of people using their system simultaneously. And also if the VPN service is, by chance, reliable as they say and they really don't save any logs, then you're anonymous. I don't think VPS providers keep less logs than a VPN service tbh, in this video you're just saying 'meh, I trust VPS providers more then VPN providers', without counting the fact that VPNs grants you the ability to avoid geoblocking by default, and also that the VPN providers base their business on the 'zero logs' policy, and that's not the case for VPS providers.

luca-dallavalle

"I know you guys are lazy and are not going to do that" - Fuck I really DO need a VPN he knows me too well.

Naeidea

Wolfgang, your content is phenomenal. Thank you for your generosity. I hope I can find the cash to donate to your channel soon because you've pieced together some concepts that I understood only in the abstract. Thank you.

mobieladam

Personally I love the movement for personally owned data like your privacy and files. As an enthusiast with multiple industry grade certifications behind me ranging from general certifications in cyber-security & general networking to Cisco university grade diplomas. I don’t care about my own privacy (I know controversial opinion for my field..) however I stand behind this video in more ways then one, he outlines the benefits to self-hosting your own VPN perfectly.

The reason I use VPN’s is to allow much better security within my networks for the company I run. By only allowing OpenVPN’s port past our network firewalls and then encrypting all user profiles substantially it allows me and our employees to access and be on these networks remotely without fear of multiple ports/applications vulnerabilities.

Awesome video, love your other content too!

ryanthetide

i really appreciate the amount of effort you put into making this tutorial and showing how serious you are about privacy

DiscipleDragon

I love that you posted the timestamps. Makes this video so much more useful! Thanks!! I "liked" the video.

kevinm

Hi Wolfgang,
Thank you for sharing this information. Assuming that everything you've said is true, both the loss of privacy and not knowing who to trust is a bigger issue that most of us realize.

lchoisf

Welcome to the comment section! Please read the FAQ before leaving a comment:

Q: How do you know that the VPS doesn't keep the logs? Isn't that the same as trusting a VPN service?
A: Every Internet gateway can potentially log and monitor your traffic. A VPN (be that a VPN service or a self-hosted VPN) doesn't give you extra privacy or anonymity and can potentially monitor your activity. Instead, if you need some extra privacy while browsing the Internet, you should use Tor 06:00 As I mentioned in my last video, VPNs should be used to avoid censorship, geoblocks and DMCA letters, but they won't magically make you more secure and anonymous.

Q: Are you only recommending a VPS as a solution because you were sponsored by Linode?
A: No. I've been using a self-hosted VPN since 2017 and am currently using a VPS from another company. I've also been approached by a several VPN companies that offered to sponsor my videos; I politely refused their offers because such sponsorship will go against my point of view on VPN services. Linode is one of the biggest VPS providers on the market and I'm glad they sponsored this video, however you can always choose another VPS to host your VPN: DigitalOcean, Vultr, Hetzner, etc.

Q: But doesn't a self-hosted VPN make you more identifiable since you're the only user?
A: Unlike a VPN service, on a self-hsoted VPN you get a dedicated IP that isn't shared with any other users. However, a shared IP on a VPN service doesn't give you more privacy: you still use your real IP to connect to it, and your account has a unique identifiable set of keys.
In both cases if a certain government agency were interested in your online activities, it would require requesting logs from the provider, and in case of Linode (or any VPS provider) the authorities would only retrieve connection logs (e.g. when you connected to the VPS from your IP address) – so pretty much the same as with a VPN service. In both cases the authorities can also request logs from the data center providers or hit the service with a FISA warrant if they reside in the US.

Q: Is this tutorial only going to work for Linode?
A: No, this tutorial applies to any KVM- (and possibly Xen-) based VPS. The only part that's going to be different is the process of creating an account, which is pretty easy.

WolfgangsChannel

Thank you for the in-depth explanation, prior to even starting the setup tut. No unexpected surprises halfway through the process. This is a refreshing compared to many various installation/setup tuts I have reviewed in the past. I have subscribed. Thanks again!

SB-quge

I certainly hope nobody is getting Linux ISOs from Pirate Bay lol

davidr

I appreciate your honesty, you sum up pro's and cons and if you are sponsored, you mention it, if you see another video which explains the same thing you do but better, you are man enough to admit and mention it and give credit where it's due. You also have a very clean info page with timestamps and more and are quite humble(with self-promotion). Good lad

bwucewee

Dry humor, subtle sarcasm, good content including debunking... Gotta love this video man. TY
(learning if you search 'is pee is stored in balls' comes up with yes, was the one of the real highlights)

forgeteverythingyouknow