ChaseDS.net

Search

Apple Lightning to USB 3 Camera Adapter Revelation

Haven't had the opportunity to really flesh this one out yet, and there are a ton of UI inconsistencies, but it's true: there is a way to enable Ethernet on iOS devices.

The Apple USB to Ethernet adapter, when plugged into the Lightning to USB 3 adapter, and plugged into power, will work as an ethernet interface. There's no way to check your IP information and the UI keeps crying about turning on WiFi, but it works.

Still Alive.

Still working on it. Good title for a good reason.

Notice

It's been a while and I'm still working on several projects mainly involving the wonderful device that is the Raspberry Pi. However, something more important has piqued my interest lately. With all the FUD about the various three letter agencies, Lenovo, and other bad actors in the air, there are bound to be some enterprising pieces of garbage that will try to work it to their advantage and con innocent people. So this is just a notice to everyone who glances at this site from time to time:

  • If anyone claiming to be the IRS calls you, hang up. It's a scam. They only correspond by USPS. Trust me, I know.
  • Educate yourselves. Whenever anyone calls you out of the blue, try to write as much as you can and then head to snopes to verify their story. It's only gonna get worse from here.

Hope this helps at least one person out there. Cheers!

PirateBox 1.0 Released!

Let me start with a small confession: I was originally going to compile another How-To for installing PirateBox on a TP-Link MR3040 instead of this brief post. However, in the course of researching the procedure, I came across the official announcement of PirateBox 1.0!

Naturally hungry to learn more and admittedly a bit skeptical following the hair-pulling and teeth-gnashing that accompanied the v0.6 install, I looked for the upgrade instructions for the MR3040 on the new PirateBox site. Exactly one episode of House later (binge-watching complete tv series of years past is a new hobby of mine) and the upgrade was done. That's not an exaggeration either; it literally took five minutes to prep the installs and another forty to upgrade both boxes, thirty-nine minutes of which was spent convincing one half of my brain that it wasn't a totally different Hugh Laurie speaking perfect American English in front of me when the other half clearly recalled him in Blackadder and A Bit of Fry and Laurie. Needless to say, the procedure was incredibly simple. Hat's off to David Darts and Matthias Strubel.

On top of a jaw-droppingly simple install process, they went ahead and redesigned the UI and added an image and message forum:

The 0.6 UI
The 1.0 UI

Want some usage cases? Of course you do:

  1. Share files and collaborate with others anonymously, or not, if you prefer
  2. Set up an ad-hoc wireless network for LAN gaming and chatting in your workplace without compromising office machines or using cell phone data plans
  3. Play movies on multiple mobile devices without taking up storage on each device. On long trips and cruises, this was a godsend.
  4. ...etc.

Lately, I find it tough to be impressed by anything. In the age of self-driving cars and facial recognition software running on tiny computers...on your face (meta enough, yet?), it takes something truly unique and wonderful to stand out. That something is PirateBox 1.0. Give it a try. There are worse ways to spend fifty bucks and an hour.

OpenVPN on Demand for iOS Devices

Intro

This project allows iOS users to connect to an OpenVPN server with minimal effort and technical knowledge. Once you create and distribute the .mobileconfig files, clients can securely connect to your VPN from their iOS devices with minimal hassle. This guide is geared towards technically-savvy users.

Disclaimer

I take no responsibility for how you use this guide or any systems you create with its help.

Requirements

For this project, you'll need:

  1. A Mac with Apple Configurator (sorry, App Store link)
  2. A Raspberry Pi model B ($40) with a minimum 8GB SD card and micro-USB power adapter
  3. This tutorial: link
  4. An iOS device for testing

First Steps

  1. Follow the tutorial found here. It's well-written, straightforward, and my contribution comes afterwards anyway. Just be sure you end up with a working .ovpn file afterwards. Test it using the OpenVPN Connect iOS client.
  2. Generate a .p12 file from the private key and crt. Enter this on the pi: openssl pkcs12 -export -in your_private.crt -inkey your_private.key -out new_private.p12
  3. Set up a port forwarding rule on your external firewall to direct all UDP traffic on port 1194 to the Raspberry PI. For most people, this means their Cable or FIOS modem.

iOS Profile Creation

Here, you're gonna use Apple Configurator to create a profile for your devices. This profile can be loaded either by direct USB connection or by .mobileconfig file. If you opt for the second route, please ensure you transfer the file securely, as it will contain the certificates and passwords necessary to connect to your OpenVPN server.

  1. Start the Application and click on the Supervise button on the top
  2. Click the plus sign under the Profiles pane along the right side of the window
  3. Select Create New Profile...
  4. Fill out the General section however you like. Make sure to fill out the name field.
  5. Add the .p12 certificate you created earlier under the Certificates section. Easy.
  6. Next, enter the following variables under the VPN section:
    • Connection Type: Custom SSL
    • Identifier: net.openvpn.OpenVPN-Connect.vpnplugin
    • Server: Your server's public IP address
    • Account: Doesn't matter. Just put anything.
    • Custom Data:
      • ca | The -----BEGIN CERTIFICATE----- through -----END CERTIFICATE----- section from your .ovpn file (with "n" after every line except for the absolute last one. No spaces.)
      • cipher | AES-128-CBC
      • client | NOARGS
      • comp-lzo | value
      • dev | tun
      • key-direction | 1
      • mute | 20
      • mute-replay-warnings | NOARGS
      • nobind | NOARGS
      • ns-cert-type | server
      • persist-key | NOARGS
      • persist-tun | NOARGS
      • proto | udp
      • remote | Your public IP
      • resolv-retry | infinite
      • tls-auth | The -----BEGIN OpenVPN Static key V1---- through -----END OpenVPN Static key V1----- section from your .ovpn file (with "n" after every line except for the absolute last one. No spaces.)
      • verb | 1
    • User: Certificate
    • Credential: Will be the certificate you attached earlier
    • Enable VPN On Demand: Checked
    • Match Domain or Host/On Demand Action: This is the meat and potatoes of VPN On Demand. It will establish the tunnel based on what you put here. To clarify:
      • Match Domain or Host: Fairly easy. The IP Address or Hostname you're trying to connect to. Typically, this is inside your network.
      • On Demand Action: Always Establish/Never Establish/Establish if Needed. Self-explanatory. Except for the last one. It attempts to resolve the host first. If it can't, then your device pins up the tunnel and tries again. This is best used if you use the same DNS entry for internal/external hosts.
    • Disconnect on Idle: Your choice. In my opinion, some apps running in the background or otherwise transmitting network traffic will override this setting.
    • Proxy Setup: None
  7. Click Save and:
    • Load the profile onto iOS device using Configurator by clicking the Prepare button, followed by the Install Profiles... button. Follow the directions. Or...
    • Select the profile you just made and click the Export icon underneath the pane to export it to a .mobileconfig file. Get that file onto an iOS device and you're good to go.
  8. Once the profile's installed on your device, try browsing to a host or IP address you specified in the Match Domain or Host/On Demand Action field. The VPN icon should light up. If you wish to manually disconnect the tunnel, go to the VPN settings in the Settings app and turn it off from there.

Conclusion

Congratulations. You now have OpenVPN On Demand. Bear in mind that some third-party apps may not automatically start the tunnel, so make sure to check your status bar to make sure you're secure and as always, be cautious when using a connection not your own. Happy (safe) surfing.

The Return of the Blog

After a few months of careful coding and editing, it's finally time to welcome Blog2 to the world!

This new engine is much lighter and faster, with less than half the static pages of the previous version. Most of the content has been moved to the backend database and a new system for creating pages and content should make expansion a snap. This marks the first major architectural change since I started the original back in 2005 and it feels good to dust off and restore the old gal.

This time around, I'm going to try to focus more on long-form writing and tutorials. I believe if something is important enough to write about, it should be written about at length; If something is important enough to explain, it should be explained in its entirety. In my experience, there are few things more frustrating and time-consuming than searching for the answer to a problem and only finding snippets of data; it's like panhandling for information.

That covers the obligatory "Welcome-slash-Official Statement of Purpose" post. Time to get started on the good stuff.

-Chris

Photos go here