Creating Self-Hosted VPN Servers With Algo

When the Senate voted to repeal internet privacy rules and allow ISPs to sell data about their customers without consent, recommendations for third-party VPN services increased. These services keep your internet connection on public networks safe and secure, but they shouldn’t be relied upon if you value your privacy. While your internet traffic is encrypted between your device and the VPN service, it’s still being routed—and likely logged—through someone else’s server. Ultimately, you can never know for sure what they do with this data or who has access to it.

Reputable VPN services make this quite clear. Peter Sagerson, one of the co-founders of Cloak, wrote a detailed blog post in 2013 explaining what his service can and cannot do:

Cloak is designed to keep you safe from threats on public and untrusted networks, like at coffee shops, airports, hotels, and conferences. We believe that our policies strike a strong balance for meeting this goal.

This said, we wish to remind you that Cloak is not intended to keep you safe from repressive governments, to provide you with online anonymity, or to otherwise shield you from potential data collection on the Internet at large. We are of the opinion that no third party VPN service is sufficient to meet these goals, regardless of logging policies or legal jurisdiction. If you need true anonymity, or you need to stay safe from repressive regimes, we strongly recommend avoiding all third party VPNs (including Cloak!). Instead, you might consider using something like the TOR Browser Bundle — although even TOR is no panacea.

A self-hosted VPN server is another option worth considering as you have complete control over it. They’re generally not recommended, however, because of the level of complexity in creating and maintaining them. But thanks to security firm Trail of Bits, the entire process can be done automatically.

Algo is an open-source command-line tool that automatically creates a VPN server using any of the supported cloud-hosting platforms. Don’t let the fact that it’s a command-line tool put you off; all it needs is an API key for your chosen platform and answers to a few yes or no questions. The entire process takes less than ten minutes, most of which is spent watching Algo’s various scripts set up and configure the server.

After using Algo, I had a VPN server set up on Digital Ocean that was ready to use immediately. Algo even creates configuration profiles for macOS and iOS so these devices can be automatically configured1.

Each VPN server created with Algo is fully disposable. If you’re concerned there may be some issues with the VPN server you’ve created, or only needed one temporarily, just delete it when you’re done—you can create a new one at any time. This is especially useful as an alternative to ongoing server maintenance since you can simply create and delete VPN servers as needed.

If you use a VPN service or are considering using one, I highly recommend you check out Algo.

  1. Configuration profiles for iOS can only be installed if they were received via email (in Mail) or have a direct link that’s opened using Safari. I used Algo on a Linux server via Coda on my iPad and downloaded the profile, but couldn’t do anything with it until I emailed it to myself and opened the attachment in Mail.