[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Combining obfsproxy+scramblesuit with OpenVPN
Heya,
The company I work for is building an OpenVPN client which has obfsproxy
support, there is a branch, but it's not finished:
https://github.com/greenhost/viper/tree/obfsproxy-support
And then.. the serverside isn't pushed but it was working, it would
generate scramblesuite passwords using some funky way.
Anyway, you might want to look into this:
https://github.com/kheops2713/telecomix-openvpn/tree/master/Linux
Also see:
https://lists.torproject.org/pipermail/tor-dev/2014-February/006192.html
It's rather trivial.
Jurre
On 03/05/2014 02:08 PM, irregulator@xxxxxxxxxx wrote:
> Hello people,
>
> I'm investigating how may we combine the traffic obfuscation provided by
> obfsproxy+scramblesuit with OpenVPN instead of Tor.
>
> I completely understand how this combination does not provide anonymity,
> but nevertheless I think it will be of some use.
>
> In the recent past there have been some interest in this combination
> [1], [2], [3], mainly cause of VPN traffic blocking in various countries
> or networks.
>
> OpenVPN supports only Socks5 proxy but current obsfproxy's version
> doesn't have a Socks5 listener, see ticket #9221 [4].
>
> Luckily yawning provided a patch some days ago [5], and I decided to
> test it. According to patch's comments, it implements a Socks5 proxy
> with authentication as in RFC 1928/RFC 1929. This authentication is
> gonna serve as a means to pass parameters to the pluggable transport,
> please correct me on this one.
>
> Firstly, does this patch and generally obfsproxy development takes in
> consideration other clients except for Tor, e.g. OpenVPN or OpenSSH ? I
> think it would be very nice to have a way to combine OpenVPN with
> Scramblesuit as stated in the latter's paper. But then I'll understand
> if that's not a priority for obfsproxy's developers.
>
> So, while testing OpenVPN with obfsproxy and the latest patch, the vpn
> client enters the authentication phase. Do the credentials depend on the
> pluggable transport in use by the obfsproxy? If so, what credentials
> should the vpn or the ssh socks client provide when talking with
> scramblesuit? Will vpn client have to provide the session ticket or
> other pre-shared secret through socks authentication?
>
> Thanks in advance for any answers.
> Alex
>
--
Developer at https://www.useotrproject.org/
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev