GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → nknorg → nconnect

nknorg / nconnect

Licence: Apache-2.0 License
Securely connect to remote machines without the need of any server, public IP address, or publicly exposed ports.

Programming Languages

go
31211 projects - #10 most used programming language
Vue
7211 projects
javascript
184084 projects - #8 most used programming language
Makefile
30231 projects
SCSS
7915 projects
Dockerfile
14818 projects

Labels

networkingblockchainp2pvpnsdndecentralizationnkn

Projects that are alternatives of or similar to nconnect

husarnet
Husarnet is a Peer-to-Peer VPN to connect your laptops, servers and microcontrollers over the Internet with zero configuration.
Stars: ✭ 128 (+236.84%)
Mutual labels:  p2p, vpn, sdn
Zerotierone
A Smart Ethernet Switch for Earth
Stars: ✭ 7,839 (+20528.95%)
Mutual labels:  vpn, sdn, decentralization
Space Daemon
The Space Daemon packages together IPFS, Textile Threads/Buckets, and Textile Powergate (Filecoin*) into one easy to install Daemon to make it easy to build peer to peer and privacy focused apps.
Stars: ✭ 151 (+297.37%)
Mutual labels:  p2p, decentralization
Unstoppable Wallet Android
A secure and decentralized Bitcoin and other cryptocurrency wallet for Android phones. Supports Bitcoin, Ethereum, EOS, Binance Chain, Bitcoin Cash, DASH, ...
Stars: ✭ 165 (+334.21%)
Mutual labels:  p2p, decentralization
Pjon
PJON (Padded Jittering Operative Network) is an experimental, arduino-compatible, multi-master, multi-media network protocol.
Stars: ✭ 2,615 (+6781.58%)
Mutual labels:  p2p, decentralization
Hyperfeed
decentralized rss publishing
Stars: ✭ 60 (+57.89%)
Mutual labels:  p2p, decentralization
I2pd
🛡 I2P: End-to-End encrypted and anonymous Internet
Stars: ✭ 1,796 (+4626.32%)
Mutual labels:  p2p, vpn
Gnb
GNB is open source de-centralized VPN to achieve layer3 network via p2p with the ultimate capability of NAT Traversal.GNB是一个开源的去中心化的具有极致内网穿透能力的通过P2P进行三层网络交换的VPN。
Stars: ✭ 225 (+492.11%)
Mutual labels:  p2p, vpn
Gateway
🏰 Serving distributed Web Annotations from the decentralized web
Stars: ✭ 25 (-34.21%)
Mutual labels:  p2p, decentralization
v-switch
Virtual Encrypted Switch across the network, using UDP + AES + TAP
Stars: ✭ 27 (-28.95%)
Mutual labels:  vpn, sdn
zero-ui
ZeroUI - ZeroTier Controller Web UI - is a web user interface for a self-hosted ZeroTier network controller.
Stars: ✭ 432 (+1036.84%)
Mutual labels:  vpn, sdn
Design Document
Architectural specification and design of p2🐼
Stars: ✭ 56 (+47.37%)
Mutual labels:  p2p, decentralization
Toxic
An ncurses-based Tox client (please make pull requests on the development fork: https://github.com/toktok/toxic)
Stars: ✭ 987 (+2497.37%)
Mutual labels:  p2p, decentralization
Hive
Fast. Scalable. Powerful. The Blockchain for Web 3.0
Stars: ✭ 142 (+273.68%)
Mutual labels:  p2p, decentralization
Dat React Native
Browse through the web with the Dat protocol in your device!
Stars: ✭ 25 (-34.21%)
Mutual labels:  p2p, decentralization
Unstoppable Wallet Ios
A secure and decentralized Bitcoin and other cryptocurrency wallet for iPhone. Supports Bitcoin, Ethereum, EOS, Binance Chain, Bitcoin Cash, DASH, ...
Stars: ✭ 180 (+373.68%)
Mutual labels:  p2p, decentralization
ipvpn
[WIP] Easy-to-use decentralized secure overlay private network (for any device)
Stars: ✭ 24 (-36.84%)
Mutual labels:  p2p, vpn
Go Spacemesh
Go Implementation of the Spacemesh protocol full node. 💾⏰💪
Stars: ✭ 389 (+923.68%)
Mutual labels:  p2p, decentralization
Vpncloud
Peer-to-peer VPN
Stars: ✭ 708 (+1763.16%)
Mutual labels:  p2p, vpn
Agregore Browser
A minimal browser for the distributed web
Stars: ✭ 229 (+502.63%)
Mutual labels:  p2p, decentralization
View All Similar Projects ➔

nConnect

GitHub license Go Report Card Build Status PRs Welcome

nConnect allows you to securely connect to remote machines without the need of any server, public IP address, or publicly exposed ports. It features end to end encryption for top level security, and multi-path aggregation for maximum throughput.

nConnect provides several modes. When using the VPN mode, any TCP-based application that works in the same local network will continue to work remotely as if those machines are in the same local network. A TUN device mode and a SOCKS proxy mode are also available for advanced users.

nConnect uses nkn-tunnel for end to end tunneling, thus benefits from all the advantages of nkn-tunnel:

  • Network agnostic: Neither sender nor receiver needs to have public IP address or port forwarding. NKN tunnel only establish outbound (websocket) connections, so Internet access is all they need on both side.

  • Top level security: All data are end to end authenticated and encrypted. No one else in the world except sender and receiver can see or modify the content of the data. The same public key is used for both routing and encryption, eliminating the possibility of man in the middle attack.

  • Decent performance: By aggregating multiple overlay paths concurrently, one can usually get much higher throughput than direct connection. Even using the free mode, one can still get <100ms end to end latency and 10+mbps end to end throughput.

  • Everything is open source and decentralized. The default free mode is, suggested by its name, free of charge (If you are curious, node relay traffic for clients for free to earn mining rewards in NKN blockchain); while in tuna mode, nConnect (server mode) will pay NKN token directly to relay service providers.

Build

make

Usage

nConnect needs to be started in either server or client mode, server mode allows incoming connections from client mode.

When started for the first time, nConnect will generate a config file config.json in the current working directory. This file contains your private key and should not be shared.

When started in server mode, nConnect might generate some data files in the current working directory. You will also need the directory web located in the current working directory if admin web dashboard is enabled.

Server Mode

The minimal arguments to start nConnect in server mode is just

./nConnect -s

But most of the times you might want to start nConnect server with a few useful arguments:

./nConnect -s --tuna --admin-http 127.0.0.1:8001

  • --tuna enables tuna mode, which gets much better performance but requires you to purchase data plan (you can find the link in admin web dashboard). This argument is required if you want to be compatible with nConnect mobile and desktop clients.

  • --admin-http 127.0.0.1:8001 starts the admin web dashboard at http://127.0.0.1:8001. You can visit this address in your browser to change various config (e.g. access control), bind with nConnect mobile client, etc. Do not make this port public as anyone who can access this endpoint can change your configuration. If you want best security, disable the admin dashboard once you have done using it.

Access Control

Before you can connect from nConnect client mode, you need to add your nConnect client address (see Get Your Client Address for how to get it) to allowed addresses. You can do it using the admin web dashboard, or manually edit the config.json file, which will be generated after first run.

There are two lists of allowed address:

  • Accept address: address in this list will be able to connect to nConnect server.

  • Admin address: address in this list will be able to connect to nConnect server and manage nConnect server config and permissions (import/export account, view/change accept addresses and admin addresses, etc).

Items in each list are regular expressions. If you want to add a nConnect client public key to the list, it is important that you add $ to the end to match the public key part. For example, ad37e248005113dd42be15a4885e6446e9e23f35537dfa6c584f2563a7e8f96d$ will allow any address using this public key, such as ad37e248005113dd42be15a4885e6446e9e23f35537dfa6c584f2563a7e8f96d and nkn.ad37e248005113dd42be15a4885e6446e9e23f35537dfa6c584f2563a7e8f96d.

Get Your Server Address

You will need your nConnect server address in order to connect from nConnect client. You can get your server address using:

./nConnect -s --address

which can be passed to the -a argument on the nConnect client side.

Client Mode

Before connecting to nConnect server, you will first need to set up nConnect server side correctly. Make sure you have done these:

When starting nConnect in client mode, you have a few sub-modes as options:

  • VPN Mode: TCP connections made to nConnect server's local IP address will be captured transparently and tunneled to nConnect server. Most applications will work without any further configurations.

  • TUN Device Mode: create a TUN device, TCP connections routed via this device will be tunneled to nConnect server.

  • SOCKS Proxy Mode: create a local SOCKS proxy, TCP connections routed through this proxy will be tunneled to nConnect server.

VPN Mode

Start nConnect client in VPN mode requires root privilege in most cases:

sudo ./nConnect -c -a <server-addr> --tuna --vpn

Replace <server-addr> with the server address you get in Get Your Server Address, and add --tuna only if nConnect starts with --tuna as well.

In the console you should see one or more Adding route <local-ip>/32. You can then connect to server machine using any one of these local IP addresses as if they are in the same local network, e.g. ssh user@<local-ip>.

By default all local IP addresses on the server machine will be added to routes, but you can manually specify which IP or IP range you would like to route through the VPN using --vpn-route arguments. Use ./nConnect -h for all available arguments.

If you start multiple nConnect clients in VPN mode, make sure to use different subnets for both --tun-addr and --tun-gateway (e.g. 10.0.86.X for one client, 10.0.87.X for another client).

If you are using windows, you will need to install the network adaptor driver and change adaptor info beforehand. The simplest way of doing that is to install nConnect client for windows before using nConnect command line version.

TUN Device Mode

Start nConnect client in TUN mode requires root privilege in most cases:

sudo ./nConnect -c -a <server-addr> --tuna --tun

Replace <server-addr> with the server address you get in Get Your Server Address, and add --tuna only if nConnect starts with --tuna as well.

After nConnect client is started, the TUN device will be up and running. TCP connections routed via this device will be tunneled to nConnect server. You will need to modify system routing table yourself to determine what traffic should be routed through the TUN device.

You can also change the name, IP, etc of the TUN device. Use ./nConnect -h for all available arguments.

If you start multiple nConnect clients in TUN device mode, make sure to use different subnets for both --tun-addr and --tun-gateway (e.g. 10.0.86.X for one client, 10.0.87.X for another client).

If you are using windows, you will need to install the network adaptor driver and change adaptor info beforehand. The simplest way of doing that is to install nConnect client for windows before using nConnect command line version.

SOCKS Proxy Mode

./nConnect -c -a <server-addr> --tuna

Replace <server-addr> with the server address you get in Get Your Server Address, and add --tuna only if nConnect starts with --tuna as well.

After nConnect client is started, a SOCKS proxy will be listening at 127.0.0.1:1080. TCP connections routed through this proxy will be tunneled to nConnect server. You can change the SOCKS proxy listening address using -l argument. Use ./nConnect -h for all available arguments.

Get Your Client Address

You will need your nConnect client address to add to allowed addresses on nConnect server side. You can get your client address using:

./nConnect -c --address

The address typically contains one or more dot, with the part after last dot being your client public key.

Use pre-built Docker image

Prerequirement: Have working docker software installed. For help with that *visit official docker *docs

We host latest Docker image on our official Docker Hub account. You can get it by

$ docker pull nknorg/nconnect

and run it with

docker run --rm -it --net=host -v ${PWD}:/nConnect/data nknorg/nconnect

followed by the command line argument you want to add.

Contributing

Can I submit a bug, suggestion or feature request?

Yes. Please open an issue for that.

Can I contribute patches?

Yes, we appreciate your help! To make contributions, please fork the repo, push your changes to the forked repo with signed-off commits, and open a pull request here.

Please sign off your commit. This means adding a line "Signed-off-by: Name " at the end of each commit, indicating that you wrote the code and have the right to pass it on as an open source patch. This can be done automatically by adding -s when committing:

git commit -s

Community

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].