Sunday, May 11

Dirt simple personal VPN (Hamachi) on OS X

lock
Uploaded with plasq's Skitch!
I was a big Hamachi fan back in the day when I was shackled to Windows, but when I broke loose into the Linux and OS X days I had to graduate up to OpenVPN. I'm still a huge fan of OpenVPN but it has two drawbacks:
  1. You need a place to host the server, and that place needs to be up and accessible 24/7.
  2. You need to configure the server and generate and distribute keys for the clients. Not for the feint of heart.
In light of needing to add a couple more clients and machines to one of my OpenVPN networks I had to ask myself, "surely there's a better way by now!?" I saw that OpenVPN has a Windows GUI slated for it's next release, and that's a step in the right direction, but a far cry from the elegancy and simplicity I desire. So I was elated to stumble across some OS X support for my old friend Hamachi. I decided to devote my Sunday afternoon to trying it out and to my surprise I was done in a matter of minutes... and it's an awesome as ever.

Unfortunately it's not as simple as most OS X installs; you can't just download it and drag it into the Applications folder. There's three essential steps:
  1. Install the tun/tap drivers.
    1. Head over to http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ and grab the drivers for Leopard (assuming you're running Leopard).
    2. Untar it and run the package installer.
  2. Install the OS X command-line version of Hamachi.
    1. Head over to LogMeIn and accept the "Conditions of Use" to download the OS X universal binary
    2. Untar it
    3. Run sudo ./install
    4. Run sudo /usr/sbin/tuncfg
  3. Install the OS X GUI for Hamachi.
    1. Grab the latest version from the download page. As I'm writing this, the links on that page are broken, but you can find working ones here and the latest (that I'm using) is 1C6.
    2. Run the package installer.
    3. You should be rocking now. Click the "Add" icon (the plus sign) to create or join a network.
    4. Repeat this on each machine you want to be accessible on the VPN, joining the same network on each of course.
  4. Preferences
    Uploaded with plasq's Skitch!
    Optionally, and recommended, you can set up a hot-key for VNC. By default HamachiX maps some hotkeys so you can click on a server name and immediately jump to FTP, AFP, SMP, but of course I wanted VNC so I had to set that up myself. Just go to HamachiX -> Preferences -> Proxies and hit the "+" icon; it creates a pre-populated one for you, just replace the protocol with "vnc" and you're done. If you set the priority to zero it will act as the default when you double-click a server name in your list of peers.

1 comment:

Anonymous said...

You may wish to try out Zeroshell, which includes OpenVPN & many additional security tools. It's an extremely small linux distro. I am running it in a VM and it makes OpenVPN, kerberos, X.509, etc, easy as pie. I'm using AES encyrption and getting very good speeds.