Araz Gholami

Due to extreme internet censorship in my region, I was forced to find a way to connect to free internet in the past few mounts. In a world where none of the other VPNs like ExpressVPN or OpenVPN or even v2ray/shadowsocks works, You have no choice other than being creative. In this tutorial, I’m going to explain to you how to use SSH tunneling as VPN as simply as I can.

First of all, You need a simple and pure VPS in the closest place to your region that you can buy. Make sure the IP address of your VPS is not already blocked in your ISP. (Yeap, all IPs of Digital Ocean, Google Cloud, and many more are already blocked in my region.)

For that, after buying a new VPS, simply type this command in your CLI (Works on Mac/Linux/Windows) and make sure you have no packet lost and your connection to that server is fast.

ping YOUR_VPS_IP_ADDRESS
# Example:
ping 250.240.230.220

# Response:
araz@Kevin:~$ ping 250.240.230.220
PING 250.240.230.220 (250.240.230.220) 56(84) bytes of data.
64 bytes from 250.240.230.220: icmp_seq=1 ttl=51 time=64.5 ms
64 bytes from 250.240.230.220: icmp_seq=2 ttl=51 time=65.7 ms
64 bytes from 250.240.230.220: icmp_seq=3 ttl=51 time=65.8 ms
64 bytes from 250.240.230.220: icmp_seq=4 ttl=51 time=63.7 ms
64 bytes from 250.240.230.220: icmp_seq=5 ttl=51 time=134 ms
64 bytes from 250.240.230.220: icmp_seq=6 ttl=51 time=63.4 ms
64 bytes from 250.240.230.220: icmp_seq=7 ttl=51 time=63.5 ms
64 bytes from 250.240.230.220: icmp_seq=8 ttl=51 time=71.8 ms
^C
--- 250.240.230.220 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7012ms
rtt min/avg/max/mdev = 63.361/74.059/134.152/22.858 ms

Trust me, that’s awesome ping in here.

Well, now we’re sure that this VPS will work perfectly for VPN and we should find a client for our pc/mobile/tv to connect to this server.

For Mac and Linux:
You can use sshuttle. Simply run this command in your CLI to install it.

# Linux:
sudo apt install sshuttle

# Mac:
brew install sshuttle

Now you can tunnel your whole system connection (including DNS requests) to your VPS server with this command.

sshuttle -vHr USERNAME@YOUR_VPS_IP_ADDRESS 0.0.0.0/0 --dns --no-latency-control

# Example:
sshuttle -vHr [email protected] 0.0.0.0/0 --dns --no-latency-control

# Example with Auto-Password:
echo YOUR_ROOT_PASSWORD | sshpass -p YOUR_ROOT_PASSWORD sshuttle -r [email protected] 0/0 -x 250.240.230.220 --dns --no-latency-control --ssh-cmd "sshpass -p YOUR_SERVER_PASSWORD ssh"

Note: You should tunnel your DNS requests to prevent DNS blocking by your ISP.

Note 2: You may notice that sshuttle asks for root password of client and ssh password of server every time. You can automate it using “#Example with Auto-Password” above.

Note 3: You can set an alias for whole command and save it in ~/.bashrc (in Ubuntu; Search web for Mac bashrc).

That’s it, now you have access to free internet. You can confirm it by searching for what is my IP on Google.

For Windows:
Simply install the Bitvise SSH Client, set your credentials, and in Configuration Tab, set Dynamic Port Forwarding on with default values.

Enabling UDP Protocol for Whatsapp calls or Online games:

Login to your VPS using the SSH command and run this:

wget -O /usr/bin/badvpn-udpgw "https://raw.githubusercontent.com/daybreakersx/premscript/master/badvpn-udpgw64"

Then edit this file using Nano editor:

nano /etc/rc.local

And put this code block inside, then save the file using Cmd+X, Y, and Enter:

#!/bin/sh -e
screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300
exit 0

Now enable UDP using:

chmod +x /etc/rc.local && chmod +x /usr/bin/badvpn-udpgw && systemctl daemon-reload && sleep 0.5 && systemctl start rc-local.service && screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300

Clients For iOS:

• RocketTunnel (Suggested)
• Npv Tunnel (Includes Ads)

Client for Android and Android TV:

• Npv Tunnel
• HTTP Custom (Not tested by myself)

That’s it. Enjoy and if you have any questions please let me know.