Language Selection

English French German Italian Portuguese Spanish

Wireguard vs OpenVPN on NordVPN with T-Mobile Home Internet on Debian GNU/Linux. Bonus: T-Mobile Home Internet Nokia modem has bad WiFi defaults.

Filed under
GNU
Linux
Microsoft

Before Private Internet Access went to hell, I once spoke to their former tech support people about Windows 10 in their IRC chat room, and “Max-P” told me that writing VPN software for Windows was the worst part of the job. He said that preventing “leakage”, that is, where your kill switch doesn’t work and your traffic spills out onto the open internet, which is what you bought the VPN to avoid, is very difficult to ensure on Windows.

Furthermore, it’s hard to get any decent sort of throughput on a VPN in Windows, because Windows doesn’t have any sort of usable and secure VPN tech included in the OS. In fact, NordVPN says that if you try using IKEv2 in Windows 10, it will sabotage it by using weak cryptography. (“Note: the Windows system configuration downgrades the cipher to the weaker 3DES-CBC encryption.“)

Most Windows VPN software use “WinTun” to route traffic around and are essentially rate limited and use a ton of CPU time for overhead. That is, doing nothing important at all and tying up system resources. Creating more bottlenecks due to inherently bad design.

The VPN situation on Linux is….better. If it doesn’t make your networking stack great again, it’ll at least help make it tolerable. You can set up NetworkManager and bypass VPN software entirely, and use OpenVPN binaries from your Linux distribution, or you can use something like NordVPN’s client which makes things a little bit simpler, hopefully, with commands like “nordvpn c”, “nordvpn d”, “nordvpn set autoconnect on”, “nordvpn set killswitch on” and so on.

It takes but a few minutes to understand how to use NordVPN’s LInux software, and unlike the Windows version, there isn’t all sorts of nasty stuff going on behind the scenes. The killswitch is just firewall rules. There doesn’t need to be a lot of crazy stuff going on that can make your internet connection unusable if the connection drops out until you reboot the computer, which is what often happens on Windows 10. Also, their client for Linux doesn’t pop up notifications to go read their blog posts.

Read more

More in Tux Machines

Windows box won't boot? SystemRescue 9 may help

The latest version of an old friend of the jobbing support bod has delivered a new kernel to help with fixing Microsoft's finest. It used to be called the System Rescue CD, but who uses CDs any more? Enter SystemRescue, an ISO image that you can burn, or just drop onto your Ventoy USB key, and which may help you to fix a borked Windows box. Or a borked Linux box, come to that. SystemRescue 9 includes Linux kernel 5.15 and a minimal Xfce 4.16 desktop (which isn't loaded by default). There is a modest selection of GUI tools: Firefox, VNC and RDP clients and servers, and various connectivity tools – SSH, FTP, IRC. There's also some security-related stuff such as Yubikey setup, KeePass, token management, and so on. The main course is a bunch of the usual Linux tools for partitioning, formatting, copying, and imaging disks. You can check SMART status, mount LVM volumes, rsync files, and other handy stuff. Usefully, there's also a full local copy of the website and all documentation, including a console-mode web browser to read it with. Read more

GNOME Shell ’Extensions Manager’ App Gets a Big Ol’ Update

Remember that new app for installing GNOME extensions I wrote about earlier this month? Well, it just got its first major update. And it adds a ton of much-requested features. For those unfamiliar with it, Extension Manager is a desktop app that lets you search, browse, manage, and install GNOME extensions without having to use a web browser. The app is built in GTK4 and libadwaita and is available to install from Flathub. Read more

today's howtos

  • Hosting my static sites with nginx

    Originally I thought that running my own servers would require a lot of maintenance and be a huge pain, but I was chatting with Wesley about what kind of maintainance their servers require, and they convinced me that it might not be that bad. So I decided to try out moving all my static sites to a $5/month server to see what it was like. Everything in here is pretty standard but I wanted to write down what I did anyway because there are a surprising number of decisions and I like to see what choices other people make.

  • How To Install Wireshark on Debian 11 - idroot

    In this tutorial, we will show you how to install Wireshark on Debian 11. For those of you who didn’t know, Wireshark is a free and open source software (FOSS) allows users to easily capture and analyze packets. In real scenarios Wireshark was useful to detect anomalies in network traffic. Wireshark can be also used to sniff traffic. Wireshark is a cross-platform software that is available for various Linux/UNIX distributions, Mac-OS, Solaris, BSD & Windows, etc. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Wireshark network protocol analyzer on a Debian 11 (Bullseye).

  • How to Install Python 3.10 (or 3.11) on CentOS - Linux Stans

    In this tutorial, we’re going to show you how to install Python (the latest version) on CentOS with step-by-step instructions. This tutorial includes instructions for Python 3.10 and Python 3.11 on CentOS 7 and CentOS 8.

  • How to Route Traffic to Docker Containers With Traefik Reverse Proxy – CloudSavvy IT

    Traefik is a leading reverse proxy and load balancer for cloud-native operations and containerized workloads. It functions as an edge router that publishes your services to the internet. Traefik routes requests to your containers by matching request attributes such as the domain, URL, and port. The proxy incorporates automatic service discovery so you can add new containers in real-time, without restarting the Traefik service. In this guide, we’ll put together a simple Traefik v2 deployment that will publish multiple Docker containers. This lets you use one Docker installation to provide several services over the same port, such as a web application, API, and administration panel.

  • How to convert Centos 8 Linux to Alma Linux 8

    CentOS Linux 8 was discontinued at the end of 2021. Check out more information about that in this in this article CentOS Linux 8 will end in 2021 and shifts focus to CentOS Stream. The team at CentOS decided to shift focus to CentOS stream, an upstream version of RHEL. CentOS stream places itself between Fedora Linux and RHEL. It is not 100% RHEL clone but ahead of RHEL development. Other distros that are 100% compatible with RHEL 8 have come up including Rocky Linux and Alma Linux. In this guide, we will learn how to convert an existing CentOS 8 distribution into Alma Linux without reinstalling a new operating system. The Alma Linux team provides an automated script for this purpose. An in-place upgrade does not require formatting of hard disk and due to that fact all settings, programs, and files on your current CentOS 8 system will be preserved.

  • LFCS – Creating LDAP on Ubuntu | Linux.org

    I hope you have looked over the previous article to set up OpenLDAP on CentOS 7 system found here. This will build on that article somewhat. We are going to install and configure OpenLDAP on Ubuntu and create an initial database. I did not do some things done here in the previous article, so you may learn something useful here for CentOS or Ubuntu.

Proprietary Software and DRM

  • Best Free and Open Source Alternatives to Atlassian Bitbucket

    Atlassian Corporation Plc is a software company founded in 2002 that develops products for software developers, project managers and other software development teams. It employs over 7,000 people and is headquartered in Sydney, Australia. Atlassian produces a range of proprietary software including software for collaboration, development, and issue tracking software for teams. Atlassian dominates several markets where it still has intense competition. Broadly speaking, they offer software in three large buckets: These are software development tools; help desk software, or IT service management; and workflow management software. When you think of Atlassian, think project management and collaboration tools. Many of their programs use a number of open source components. And their GitHub repositories hold lots of open source code. But their main range of software is proprietary. This series looks at free and open source alternatives to Atlassian’s products.

  • Obsidian is a Notion Alternative for Hardcore Markdown Users for Creating Knowledge Graph of Notes [Ed: Why does a site that calls itself "It's FOSS" so enthusiastically promote non-FOSS? And not the first time, either]

    Initially, I thought that Obsidian was an open source software. It was only when I was looking for their source code repository (after I finished writing this article) that I realized it is free-to-use application but not FOSS (free and open source software). Which is a shame because it’s a damn good application and hence I continued to feature it here.

  • Digital Right to Repair Coalition Letter of Support: SMART

    On behalf of the Digital Right to Repair Coalition (“The Repair Association”), an organization representing over 400 member companies across a variety of industries, I’m writing to ask for your support of consumer choice and right to repair by advancing H.R.3664 – Save Money on Auto Repair Transportation (SMART) Act. The Repair Association is centered around a simple principle: consumers should have the right to repair the products they own. We believe that competition is an essential component of any market, including automotive repairs, and is better for consumers. We are dedicated to fighting against anti-competitive practices that stifle innovation, restrict small businesses, and disadvantage consumers, regardless of industry. Right to repair is a growing, consumers-first movement that is expanding as more people recognize that the law should put consumers first. The growing momentum around repair restrictions for electronics and consumer appliances has spurred companies like Microsoft and Apple to commit to taking action to expand their repair offerings. There’s much more work to be done. According to a new national survey from the CAR Coalition, an overwhelming majority (78%) of vehicle-owning voters support the federal right to repair legislation that protects against design patent abuse in the automotive industry, such as the SMART Act, and makes vehicle data more readily available. The Repair Association believes the SMART Act is an essential step forward in answering consumers’ call for stronger right to repair protections in the automotive repair industry and would serve as an example to other industries.