Hide My Ass VPN Review

After years of running my own VPN servers, I finally decided to save costs. After examining some VPN providers, I went with Hide My Ass (HMA). This is a short review of how I got everything working on Debian Squeeze.

HMA provides both openvpn as well as pptp servers. I went with openvpn servers as they are more secure than pptp servers.

Note: Go with openvpn rather than pptp, as pptp can be very easily blocked. In fact many oppressive regimes do. Openvpn with TCP connects over port 443 and traffic is indistinguishable from normal HTTPS traffic, making it very difficult to block.

Account Setup

Account setup with HMA was instant. Registered and paid and got the account details in the email. Rating: Excellent.

Technical Support

The configuration files on this page are enabled for TCP connectivity. TCP works but connection speed is slower than UDP. I emailed support asking for UDP configuration. Support replied in a day and sent me the UDP configuration files, which work fine. Rating: Very Good. Support is not instant, but they do answer to the point, in a day. This is acceptable to me.

Note: There are cases where TCP is the only option that works, as some administrators block UDP connectivity. Try and see which one works for you.

Speed and Stability

Servers are very stable. Connections are fast. I have been connected to a VPN server for about 10 hrs at a stretch today and there has not been any disconnection. I am on a 4 Mbps plan [4 Mbps down with about 1 Mbps up] with my ISP. Testing from London/Amsterdam/Frankfurt gives me an average 3.6 Mbps down with 626 Kbps up. Quite good.

All videos from Youtube/Godtube/Vimeo play smoothly.

Setting up on Debian Squeeze

Perform the following steps in order to get your connection working. All steps are to be performed as root.

First, install openvpn [apt-get install openvpn.]

Extract the zip file [either downloaded from here (for TCP) or the one that support sent by email for UDP, into /etc/openvpn/. I created a new folder called HMA and put them inside that folder. In my case, the path to the configuration files is /etc/openvpn/HMA.

The configuration files are setup to ask for the username and password of your HMA account each time you connect. I wanted my connection automated - connect at boot automatically. To do this:

Create a file say password.txt [call it anything you want] in the same folder as your configuration files. Enter the username on the first line and the password on the second line. Save the file and exit.


Note: Take care to ensure that there is nothing else in the password file.

Open the configuration file you want to use, and change the following line:

auth-user-pass

to

auth-user-pass password.txt

Substitute the correct path and filename of the password file as necessary.

Disable the openvpn service from running automatically by executing the command:

update-rc.d -f openvpn remove

Next, edit /etc/rc.local and add the following line before the exit statement.

/usr/sbin/openvpn [config-file]

Substitute the correct configuration file for [config-file].

Save and exit the file.

Ensure that rc.local runs at boot time by executing the command:


update-rc.d -f rc.local defaults

/etc/rc.local should normally run at boot time. Since we have added openvpn to it, the connection should automatically be started.

As I said earlier, connections are very stable. In the event of a disconnection, openvpn should automatically re-connect.

Just in case, openvpn does not reconnect, here is a script that you can add to your cron job to make it connect again.

Save the following script as vpn_restart.sh [I have saved it in /usr/bin/].

#! /bin/bash

#uncomment the line for debug_out you want to use
#use /dev/stdout only when not calling from cron
debug_out=/dev/null
#debug_out=/dev/stdout
logger_opts="-t $0"
if [ "$debug_out" = "/dev/stdout" ]
then
logger_opts="$logger_opts -s"
fi

tun_up=`/sbin/ifconfig -a | grep tun0 | cut -d ' ' -f1`

if [[ $tun_up == "tun0" ]]
then
echo "Connection ok" > /dev/null

else
echo "Connection lost" | logger $logopts
/usr/sbin/openvpn [config-file]

fi

Substitute the relevant file and path for [config-file].

Make the script executable by running chmod +x vpn_restart.sh

All this script does is to check if interface tun0 (the vpn interface) is up. If not, it calls openvpn to reconnect.

Run crontab -e and add it as follows:

0-59/10 * * * * /usr/bin/vpn_restart.sh

The 10 indicates that the script runs every 10 minutes. Change it to whatever you desire.

To start openvpn without restarting the system:

Open a terminal and run: /sbin/openvpn [config-file]

You should be connected. Enjoy fast, safe, encrypted connections.

Advanced Setup

Since HMA allows server switching, I have set up openvpn to automatically connect to a random fast server at boot and also if it reconnects after disconnection (through the CRON JOB as indicated above).

Here is how to do this:

Edit the desired configuration files you want to use, to pass the username and password automatically to the server, as indicated above.

Copy the edited files to a separate directory (say /etc/openvpn/FINAL). Rename the files as CONN0.ovpn, CONN1.ovpn etc.

Save the following shell script as random_connection.sh in that directory.

#!/bin/bash
t1=$((`cat /dev/urandom|od -N1 -An -i` % 4))
/usr/sbin/openvpn /etc/openvpn/FINAL/CONN$t1.ovpn

The second line uses urandom to generate a random number between 0 and 4 in my example. Change the 4 to the number of files you have named as CONN in that directory.

Edit /etc/rc.local and change the openvpn line to:

sh /etc/openvpn/FINAL/random_connection.sh

Similarly change the openvpn line in vpn_restart.sh

Restart your system and enjoy.


Written by Michael R.M. David

VN:F [1.9.22_1171]
Rating: 9.9/10 (7 votes cast)
Hide My Ass VPN Review, 9.9 out of 10 based on 7 ratings

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

12 visitors online now
0 guests, 12 bots, 0 members
Max visitors today: 15 at 03:16 am UTC
This month: 41 at 08-01-2014 06:50 am UTC
This year: 44 at 02-10-2014 11:09 am UTC
All time: 269 at 12-05-2012 07:53 am UTC