Peter's Blog

Redefining the Impossible

Easy VPN


Was contemplating setting up a vpn between my debian dedicated server and my home windows pc, but how to set it up? Thought about openvpn and found this lengthy article which looked like far too much hassle.

Then I came across mention of hamachi, an easy to set up vpn system. It is closed source but still free. It is a unique system that uses a special hack to get through firewalls in the same way as voice-over-ip.

I installed it on the server first using these instructions which are pretty straightforward. I then installed the windows client which was even easier to install: it starts a wizard up automatically.

Once connected it assigns both ends of the network static ip addresses and the windows client displays the ip addresses of both ends. From windows, just ping the ip address of the server and it worked. Add the windows ip address to the server's webmin access list and I could access webmin from the pc. Hibernate the laptop and unhibernate and it reconnects automatically.

Conclusion: like it says on the box, easy vpn. Now do I trust a closed source system that is begging to be abused by hackers?

Update: should mention that this worked despite the firewalls in my di624 router, Windows XP noddy firewall and the iptables firewall on the server. I don't think it will work if the firewall blocks outgoing UDP packets.

I have realised that I have a full peer-peer tcp/ip network: no more fiddling with ssh tunnels. The server can even push stuff to the client, I'm not tied down to sftp'ing from the server. Next step is to set up samba on the server: I wouldn't want this open to the internet and it can only be tunnelled through ssh if you disable file and printer sharing in windows.

The server could send a WOL packet to my laptop to turn it on and an xml-rpc server on the laptop can do just about anything: record tv, stream webcam, turn the lights on... This was possible before but now it can all be done in an even cooler way.

Update 2: next day after writing this the Hamachi servers went down, taking my vpn, and however many other hamachi vpns, down with it. Looking at their forum, their servers do seem a slight liability, being subject to DOS attacks and whatnot.

The linux tools don't give much in the line of diagnostic information: if it does ever time out it just says 'Failed', no clue why. Maybe good for security to give no clues but not good for debugging. Had troubles getting three computers on the same network, getting three connected happily at the same time: one or other would be unable to ping its peers.

In conclusion, I've given up on this: when it works it is nice, but I want something that is more reliable and has proven security.


Filed under: debian hamachi vpn windows

Anonymous Says:

over 2 years ago

Steve Gibson - one of the foremost security gurus - highly rates the Hamachi security after investigating and speaking to the main developer: Alex Pankratov. You can easily check its security by the way. The RSA keypairs are indeed RSA. The hash for the passwords is indeed secure, etc. The fact it is closed source does not mean its security isn't open: it is. What's more: everyone can verify it.

Peter Says:

over 2 years ago

Ok, I won't argue that the security is good enough but I did not find it reliable in the admittedly short time I was playing with it.

I might try it again one day, I'll see if they have updated it.

Peter

Anonymous Says:

over 2 years ago

Steve Gibson, "the foremost security guru"?

That's pretty funny. He's not on any security organization's list of security gurus that I've ever seen.

Thanks for the laugh!

Anonymous Says:

about 1 year ago

You should note that when/if the hamachi server goes down, it doesn't take your VPN down with it. Only the login process is unavailable to you and existing connections are free to be used; this is because hamachi only introduces the clients, it doesn't mediate them.

I use hamachi to admin the home network from work, and if on the rare occasion hamachi is unavailable, I always have good old socks4-ssh-tunnel.
