Closed How to set up vps ssh + proxy/squid3 using debian7

[jenskiebee]

Alam ko meron na diba pero iba naman ito using for debian and setting with security proxy.

Para sa mga gusto ng own server ssh and remote proxy/squid.

You do not have permission to view the full content of this post. Log in or register now.
register here add credits para maka gawa ng own server.
pde gamitin ang payment dito:

• Credit Card
• Paypal
• Bitcoin
• Alipay

pag okay na may balance credits kana. PROCEED na tayo sa steps

click mo + to add server:

select server location. Note: ikaw bahala kung ano server location mo gusto

select server type sympre un debian tayo kase for debian7 TUT natin.

select server size. ikaw bahala kung ano size depende sa location kung meron $2.50 na open kase iba close tulad nito kase puno na un server nila for $2.5 nila for SG location server. im selecting $5.00 muna
NOTED: wag ka mag alala per hour deduction nito kahit anong oras pde mo burahin server mo.


next last para created server na.
server hostname & label lagay ka kahit ano gusto mo hostname/label.
then deploy wait mo lang matapos steps niya INSTALLING to MANAGE.

manage server click mo para makita mo un IP at password mo.

then use bitvise ssh client for pc to manage server set up
or juiceSSH for android device to manage server set up

LOG IN muna tayo sa server kunin mo details:

• IP address
  
• username default: root
• password
• default port niya: 22

un nsa bilog click mo lang para ma copy na agad.



use apps bitvise ssh client or juiceSSH.


then log in mo na lalabas ito parang cmd niya.

at ito sftp window, rightside is un mga file ng server mo.

use natin command/cmd ng server.
before change password natin muna un server para madali access..

type this command:
passwd
--enter mo lalabas un Enter new UNIX password:
--lagay ka ng password mo. ex. phcjenskiebee ----enter again
--Retype new UNIX password: phcjenskiebee ---enter again
passwd: password updated successfully
after nyan pag mag log in ka new password na gagamitin mo para madali at TANDA mo.




PART 1

Now mag start na tayo for ssh server.

add new port ssh server add tayo ng 443.
but pde naman di na mag add kase meron na tayo port 22 pde naman gamitin un as DEFAULT

type this command:
nano /etc/ssh/sshd_config
--enter


bandang una lang naman add mo.
port 443 at un default port 22 na.

ctrl+o to save enter
ctrl+x exit. balik sa main

then add tayo ng new user for ssh para magamit natin sa injector.
type this command for add user:
useradd "username mo gusto" ----enter mo
ex. useradd phcjenskie

type this command for fill the password for username phcjenskie:
passwd "username mo gusto" ----enter mo
ex. passwd phcjenskie
Enter new UNIX password: "di nakikita pag nag type ng password"
Retype new UNIX password: "di nakikita pag nag type ng password"


Meron kana account sa SSH server pde muna gamitin sa injector tapos pulot ka ng mga RP/squid dyan.
at sa part 2 dun nadin natin lagyan ng monitor kung ilang mb na gagamit mo sa port ng ssh account mo.

PART 2

Now gagawa naman nayo ng squid/rp mong sarili para di kana namumulot with password.
and ma check mo kung ilang mb na nagamit ng RP/squid.

installing squid3/RP
first update muna tayo.
type this command:
apt-get update && apt-get upgrade -y
---enter mo

type this command:
apt-get install squid3 apache2-utils -y
---enter mo
wait mo lang matapos pag may ok na.


mag add tayo ng files sa loob ng squid3 folder niya with account security.
type this command:
htpasswd -c /etc/squid3/passwd "USERNAMEn gusto mo sa squid3/rp" ---enter mo
ask new password for squid.
ex. htpasswd -c /etc/squid3/passwd jenskiebee

palitan natin ng permission un files na dinagdag natin sa squid forder para maaccess siya.
type this command:
chmod 777 /etc/squid3/passwd

edit natin un config ng squid para new script
pero backup muna tayo ng script
type this command to back up script:
cp /etc/squid3/squid.conf /etc/squid3/squid.conf.bak

type this command to erase content script:
echo '' > /etc/squid3/squid.conf

type this command to write new script:
nano /etc/squid3/squid.conf
lilitaw dyan blank wala naka sulat. then paste mo ito dyan lahat

UPDATED: NOW 2 TYPES OF SQUID/RP
1.THIS SQUID SET UP WITH USERNAME AND PASSWORD - un password at username ito set niyo bago edit un squid file.

http_port 3128
#default lng siya 3128 pde mo palitan port 8080,80 ikaw bahala ang gusto mo port
cache deny all
hierarchy_stoplist cgi-bin ?
access_log none
cache_store_log none
cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl Safe_ports port 22
acl SSL_ports port 22
acl Safe_ports port 443 # https
acl SSL_ports port 443

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
auth_param basic children 5
#auth_param basic realm Squid Basic Authentication
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
http_access allow localhost
http_access allow password
http_access deny all
forwarded_for off

2.THIS SQUID SET UP IS ONLY YOUR IP CAN USE - no need username and password because the set up of allow ip only. NOTE: please read the read letter

http_port 3128
#default lng siya 3128 pde mo palitan port 8080,80 ikaw bahala ang gusto mo port
cache deny all
hierarchy_stoplist cgi-bin ?
access_log none
cache_store_log none
cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl vpnservers dst 45.024.14.24
#45.024.14.24 palitan mo ip na ito sa ip na gagamitin mo or un vps server ip mo.
acl vpnservers dst 127.0.0.1

acl Safe_ports port 22
acl SSL_ports port 22
acl Safe_ports port 443 # https
acl SSL_ports port 443

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
#auth_param basic children 5
#auth_param basic realm Squid Basic Authentication
#auth_param basic realm Squid proxy-caching web server
#auth_param basic credentialsttl 2 hours
#acl password proxy_auth REQUIRED
http_access allow localhost
#http_access allow password
#http_access deny all
http_access allow vpnservers
http_access deny !vpnservers


http_access allow all
forwarded_for off



ctrl+o to save enter
ctrl+x exit. balik sa main

restart natin un squid3/rp natin
type this command:
/etc/init.d/squid3 restart
lalabas dyan un waiting medyo matagal mga 2mins.
hanggang sa lumitaw un OK

tandaan mo username at password at port ng squid3/rp mo, IP ng squid3/rp un vps mo na mismo.


Last para malaman mo kung ilang MB/GB/TB na ang na-allocate mo set tayo ng ip tables.


type this command:
for port 3128:
iptables -I OUTPUT -p tcp --sport 3128 -j DROP && iptables -I OUTPUT -p tcp --sport 3128 -m quota --quota 500000000000 -j ACCEPT

for port 8080:
iptables -I OUTPUT -p tcp --sport 8080 -j DROP && iptables -I OUTPUT -p tcp --sport 8080 -m quota --quota 500000000000 -j ACCEPT

for port 443:
iptables -I OUTPUT -p tcp --sport 443 -j DROP && iptables -I OUTPUT -p tcp --sport 443 -m quota --quota 500000000000 -j ACCEPT

for port 22:
iptables -I OUTPUT -p tcp --sport 22 -j DROP && iptables -I OUTPUT -p tcp --sport 22 -m quota --quota 1000000000000 -j ACCEPT

to check kung ilang mb na un sila.
type this command:
iptables -nvL -t filter --line-numbers

to reset capacity all port:
type this command:
iptables -Z OUTPUT


-----------------------------------------------------------------------
Additional tips kung wala ng nakaka access ng squid3/Rp
tapos bigla nag off un squid3/port lagyan natin ng set time auto restart un squid3/rp natin.

tama muna natin un date and time for location.
type this command:
dpkg-reconfigure tzdata

check mo date natin sa server.
type this command:
date
kung mali set mo ito ayusin mo nlang kung anong oras na.
type this command:
date --set 16:30:00

pag okay na date at time.


type this command:
crontab -e
paste mo ito sa pinaka baba last part 12am ng madaling araw mag rerestart ang squid3/RP.
00 * * * * /etc/init.d/squid3 restart >> /var/log/r-squid3.log 2>&1

ctrl+o to save enter
ctrl+x exit. balik sa main


sana may natutunan ka heheh kahit sobrang haba nito.



hits like and follow me.
thank you.

phcorner By jenskiebee.

 

[PHC-WANGzki]

thanks for effort

 

[Kaidus]

Yeah, thanks sa info TS

 

[gong gong gong]

yeah ty

 

[Miz_Me]

Ok sana kaso wala ako ng payment options na yan.

• Credit Card
• Paypal
• Bitcoin
• Alipay

 

[jenskiebee]

Ok sana kaso wala ako ng payment options na yan.

• Credit Card
• Paypal
• Bitcoin
• Alipay

mdali lang yan kahit sa gcash card pde yan
mastercard.

 

[Miz_Me]

mdali lang yan kahit sa gcash card pde yan
mastercard.

Di pwede sa paymaya sir?

 

[mongarcia]

salamat sa share bos bos pano sa smart padala?

 

[PHC-Cute]

Wow nkakatakot subukan he he.. Yan nga un eh.. My bayad !

 

[PHC-NyX]

salamat dito...

 

[Clay_dropdead]

sir tanong ko lang ano pwedeng paggamitan ng mga software dto sa tinuro nyo na pang pc para maka connect

 

[risjohn]

Medyo mahaba at challeging kaso walang pang-deposit hehehe, anyway salamat sa tutorial ts..

 

[jenskiebee]

Di pwede sa paymaya sir?

din ko lang alam pde paymaya dyan... bsta dapa may card.

 

[jenskiebee]

salamat sa share bos bos pano sa smart padala?

walang smart padala dyan.. LOL

 

[jenskiebee]

sir tanong ko lang ano pwedeng paggamitan ng mga software dto sa tinuro nyo na pang pc para maka connect

connect for what po?

 

[jenskiebee]

Wow nkakatakot subukan he he.. Yan nga un eh.. My bayad !

di naman nkakatakot. yan hahahaha di naman isang saglit mawawala un pera mo dyan ..

NOTED: wag ka mag alala per hour deduction nito kahit anong oras pde mo burahin server mo.

 

[PHC-Cute]

di naman nkakatakot. yan hahahaha di naman isang saglit mawawala un pera mo dyan ..

NOTED: wag ka mag alala per hour deduction nito kahit anong oras pde mo burahin server mo.

Matagal na gusto ko gumawa nan vultrserver sir.. Nag iipon lang ako ng btc

 

[DoNotDisturb]

pwede rin ba sa shadowsocks to master?

 

[jenskiebee]

pwede rin ba sa shadowsocks to master?

vps pede rin gumawa nyan meron din ako tut nyan... pde ko pag samahin ang ssh at shadowsocks sa isang vp mo

 

[jenskiebee]

Matagal na gusto ko gumawa nan vultrserver sir.. Nag iipon lang ako ng btc

di ko lng alam kung mahal pag btc payment dyan dati gusto ko mag try parang mas mahal