Using a Raspberry Pi as a VPN?
2014-07
sudo rm -rf
So I'm sure many of you have heard of the new Raspberry Pi project. I was looking at messing around with Model B, which has the following relevant specs:
Broadcom BCM2835 700MHz ARM1176JZFS processor with FPU and Videocore 4 GPU
256MB RAM
Boots from SD card, running the Fedora version of Linux (ARM Version)
10/100 BaseT Ethernet socket
USB 2.0 socket
So I was curious if it would be possible to create a simple VPN out of this little machine. I do realize that since it's an ARM processor that might mess up quite a few things. Any ideas if this is possible?
Just for what it's worth, this would be a personal project so I'm not worried about performance.
slhck
People have built OpenVPN for BeagleBoard, so, in the worst case, you should be able to do something similar. The Raspberry has a lot of press, so it's possible there'll be pre-compiled packages available in the near future, also.
I see this Fedora ARM package. I'm unfamiliar with the naming conventions for non-Intel builds, so I'm not sure if that fits, though.
slhck
I'm not a huge Linux expert by any means and so the various tutorials were not enough for me to get a PPTP VPN working on the Pi. I wanted PPTP as Windows 7 and iDevices support it out the box. I finally got it working and documented the process in my blog:
RaspberryPi as a PPTP VPN Server - HOWTO
In summary, yes the RasPi can definitely function as a VPN endpoint (that costs £35 and uses 5W electricity...) and it does so well. I used the Arch Linux distro but no reason Fedora shouldn't work. I haven't tried having more than two clients connected though.
slhck
It can run Fedora. You can get VPN code for Fedora, in fact it's powerful enough to run a decent Fedora desktop – it'll run a simple VPN just fine.
Maybe don't plan on using it for a corporation, but it'll work.
slhck
Two ways documented on my blog:
slhck
Look here:
How to Setup a VPN (PPTP) Server on Debian Linux
It tells you how to set up the pptpd service which is what you need. It works for me connecting from my iPhone with the VPN setting pointing to my Pi's IP.
There is no building or compiling or similar. Just apt-get the pptp and configure your IP and user settings as described.
PKM
I've installed the Fedora 18 ARM Remix for Raspberry Pi onto the SD card of my RasPi (type B). When connected by HDMI, Fedora and XFCE4 come up fine and without the HDMI i'm able to login through SSH easily from my other Windows box in the same network. The Pi is connected by LAN cable to a simple home router which assigns private IP addresses in 192.168...
The problem is getting remote desktop through xrdp or vnc in this FEDORA 18 ARM (rpfr18). Remote desktop is quite simple to get up and running in Raspbian and I was able to 'sudo apt-get install xrdp vncserver' after which the remote desktop was reachable directly through mstsc and a VNC Client respectively from my Windows 7.
On Fedora I've installed xrdp and vncserver and have started them yet I'm not able to connect from Windows. I have done a fair amount of googling yet am unable to get remote desktop working on this Fedora on Pi from Windows 7. Help much appreciated...
This is what I've done so far through a putty SSH session :-
[root@pkrpfr18 prateek]# cat /etc/issue
Fedora remix release 18 (Raspberrypi Fedora Remix)
[prateek@pkrpfr18 ~]$ uname -a
Linux pkrpfr18 3.6.11 #1 PREEMPT Fri Feb 15 14:07:09 EST 2013 armv6l armv6l armv6l GNU/Linux
[prateek@pkrpfr18 ~]$ pifconfig
lo
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING
eth0 HWaddr b8:27:eb:e2:37:6f
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST
[prateek@pkrpfr18 ~]$ cat /proc/cpuinfo
Processor : ARMv6-compatible processor rev 7 (v6l)
BogoMIPS : 697.95
Features : swp half thumb fastmult vfp edsp java tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xb76
CPU revision : 7
Hardware : BCM2708
Revision : 000f
Serial : 0000000099e2376f
[prateek@pkrpfr18 ~]$ cat /proc/meminfo
MemTotal: 446688 kB
[root@pkrpfr18 prateek]# yum update
No Packages marked for Update
[root@pkrpfr18 prateek]# yum install xrdp tightvnc tightvnc-server tightvnc-server-module tigervnc tigervnc-server tigervnc-server-module x11vnc freerdp freerdp
Package xrdp-0.6.0-0.7.fc18.armv5tel already installed and latest version
Package tigervnc-1.2.80-0.10.20130314svn5065.fc18.armv5tel already installed and latest version
Package tigervnc-server-1.2.80-0.10.20130314svn5065.fc18.armv5tel already installed and latest version
Package tigervnc-server-module-1.2.80-0.10.20130314svn5065.fc18.armv5tel already installed and latest version
Package tigervnc-1.2.80-0.10.20130314svn5065.fc18.armv5tel already installed and latest version
Package tigervnc-server-1.2.80-0.10.20130314svn5065.fc18.armv5tel already installed and latest version
Package tigervnc-server-module-1.2.80-0.10.20130314svn5065.fc18.armv5tel already installed and latest version
Package x11vnc-0.9.13-4.fc18.armv5tel already installed and latest version
Package freerdp-1.0.1-7.fc18.armv5tel already installed and latest version
Package freerdp-1.0.1-7.fc18.armv5tel already installed and latest version
Nothing to do
[root@pkrpfr18 prateek]# yum update xrdp tightvnc tightvnc-server tightvnc-server-module tigervnc tigervnc-server tigervnc-server-module x11vnc freerdp freerdp
No Packages marked for Update
[root@pkrpfr18 prateek]# find / -name xrdp
find: `/proc/5400': No such file or directory
/etc/sysconfig/xrdp
/etc/xrdp
/etc/logrotate.d/xrdp
/usr/share/xrdp
/usr/sbin/xrdp
/usr/lib/xrdp
[root@pkrpfr18 prateek]# ls /etc/xrdp/
km-0407.ini km-040c.ini km-0419.ini rsakeys.ini startwm-bash.sh xrdp.ini xrdp.sh_bak
km-0409.ini km-0410.ini km-041d.ini sesman.ini startwm.sh xrdp.sh
In xrdp.sh, have had to change
SBINDIR=/usr/local/sbin to SBINDIR=/usr/sbin because there are no file there.
[root@pkrpfr18 prateek]# ls /usr/local/sbin/
[root@pkrpfr18 prateek]#
[root@pkrpfr18 xrdp]# /bin/bash /etc/xrdp/xrdp.sh
Usage: xrdp.sh {start|stop|restart|force-reload}
[root@pkrpfr18 xrdp]# /bin/bash xrdp.sh start
xrdp is already loaded
[root@pkrpfr18 xrdp]# /bin/bash /etc/xrdp/xrdp.sh restart
Restarting xrdp ...
Stopping: xrdp and sesman . . .
Started: xrdp and sesman . . .
[prateek@pkrpfr18 ~]$ whoami
prateek
[prateek@pkrpfr18 ~]$ vncserver
New 'pkrpfr18:1 (prateek)' desktop is pkrpfr18:1
Starting applications specified in /home/prateek/.vnc/xstartup
Log file is /home/prateek/.vnc/pkrpfr18:1.log
[prateek@pkrpfr18 ~]$ cat /home/prateek/.vnc/pkrpfr18:1.log
Xvnc TigerVNC 1.2.80 - built Mar 20 2013 07:34:55
Copyright (C) 1999-2011 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 11303000, The X.Org Foundation
Initializing built-in extension Generic Event Extension
Initializing built-in extension SHAPE
Initializing built-in extension MIT-SHM
Initializing built-in extension XInputExtension
Initializing built-in extension XTEST
Initializing built-in extension BIG-REQUESTS
Initializing built-in extension SYNC
Initializing built-in extension XKEYBOARD
Initializing built-in extension XC-MISC
Initializing built-in extension XFIXES
Initializing built-in extension RENDER
Initializing built-in extension RANDR
Initializing built-in extension COMPOSITE
Initializing built-in extension DAMAGE
Initializing built-in extension MIT-SCREEN-SAVER
Initializing built-in extension DOUBLE-BUFFER
Initializing built-in extension RECORD
Initializing built-in extension DPMS
Initializing built-in extension X-Resource
Initializing built-in extension XVideo
Initializing built-in extension XVideo-MotionCompensation
Initializing built-in extension VNC-EXTENSION
Initializing built-in extension GLX
Fri Mar 8 01:41:05 2013
vncext: VNC extension running!
vncext: Listening for VNC connections on all interface(s), port 5901
vncext: created VNC server for screen 0
[prateek@pkrpfr18 ~]$ vncserver -list
TigerVNC server sessions:
X DISPLAY # PROCESS ID
:1 1106
prateek@pkrpfr18 ~]$ cat /etc/services | grep vnc
corel_vncadmin 2654/tcp corel-vncadmin # Corel VNC Admin
corel_vncadmin 2654/udp corel-vncadmin # Corel VNC Admin
[prateek@pkrpfr18 ~]$
Have Tried from Windows 7 to connect using mstsc, VNCViewer, TigerVNC Viewer TightVNCViewer on 192.168.1.3 and at ports :0, :1, :3389, :5900, :5901
Nothing worked as they ALL get timed out
user214538
The firewall system might be blocking the connection requests. Try temporarily turning the firewall off (systemctl stop firewalld.service) and if that fixes the issue, adjust the firewall to permit the appropriate ports (5900+display number for vnc, for example) and re-enable the firewall (assuming that you won't want to run with the firewall off unless you're on a private LAN).
Alternately: use the '-via' option within the VNC client to use ssh for the connection. This is more secure than using a raw, snoopable VNC connection, and with ssh compression turned on (the default), slightly faster too.
user264151
Should be something more than the firewall issue. After checking out step by step the PKM report this is the output I got. the tigervnc client cannot read the the line 28 in the config file at vncserver.
[txe@Txarly ~]$ vncviewer 192.168.0.8:5903
TigerVNC Viewer 32-bit v1.2.80 (20130314) Built on Mar 14 2013 at
18:53:28 Copyright (C) 1999-2011 TigerVNC Team and many others (see
README.txt) See http://www.tigervnc.org for information on TigerVNC.
Wed Oct 16 21:54:54 2013
Parameters: Could not read the line(28) in the configuration file,the buffersize is to small.
CConn: unable connect to socket: No route to host (113) XOpenIM() failed
[txe@Txarly ~]$