I am a huge fan of the Streisand privacy stack because it includes and L2TP/IPsec VPN, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, and a Tor bridge all in one amazing package.
The problem with Streisand though is the install is amazingly complicated using ansible from your local system to a cloud provider using API calls and if you are not in a shop that uses this technology it can be difficult to get working correctly so I have
hacked the install simplified the install to install it directly on a digitalocean server (but this should work everywhere).
The steps are as follows:
Create a new digitalocean
streisand with your SSH key.
The $5 droplet “works” but if you are not going to keep it running all the time (I wouldnt) I would spin this up on a $20 a month droplet when needed (say for a trip out of the country or to blackhat).
Run the following commands to install the prerequisites:
sudo apt-get update && sudo apt-get install -y git python-paramiko python-pip python-pycurl python-dev build-essential
sudo pip install ansible markupsafe dopy==0.3.5
Download and configure strisand with the follwoing commnads:
git clone https://github.com/jlund/streisand.git && cd streisand/playbooks
sed -i 's/streisand-host/127.0.0.1/g' streisand.yml
sudo ansible-playbook -i "localhost," -c local streisand.yml
sed -i "s/localhost/$(curl -s ipecho.net/plain)/g" ../generated-docs/streisand.html(This takes between 10 and 15 minutes to complete. )
Use streisand for safer internet:
generated-docs/streisand.html to your local machine using scp or just cat and paste (
cat ../generated-docs/streisand.html) and it will have all the information you need to use your new privacy server on almost every device you own. You can also share this information with your family or team as one server should support 4 or 5 users.
If you trust me (and you shouldnt) here is a bash script to automate the install: