I will be visiting china soon and need a vpn for my pc. I have seen that as of February 2024 astrill and letsvpn are the most reliable ones. I’m thinking of letsvpn because it’s cheaper but I don’t know if Linux supports it. Has anyone been to china recently and used a vpn on their Linux machine and it works consistently? I currently have openvpn for my Linux machine but I heard it doesn’t work in china anymore.
Any name brand VPN could be blocked at any time. More obscure ones are probably not worth putting on the block list but I probably wouldn’t rely on them.
If you’re familiar with Linux, my solution would probably be to rent a VPS in your home country and setup a VPN server with that. That way there’s no way for them to know you’re using a VPN since only you will be on it.
Edit: Apparently this isn’t enough, packet inspection is a thing and supposedly SSL encryption on https and SSL encryption on OpenVPN is totally detectable.
I would just rent a vps somewhere and use it as a vpn endpoint or just tunnel everything through ssh.
Yeah, using your openvpn is fairly likely to be blocked. There are ways to set up a VPN that somehow avoids the firewall, but it is not as simple as just setting one up on a VPS.
That said, Astrill does have a Linux client, but is quite expensive. LetsVPN does not have one, but can be used through a phone hotspot, but this only makes sense if you are getting an esim with a lot of data anyway. When I was there last summer, both of these VPNs worked and basically nothing else did. I would not expect either of these to respect any sort of privacy (they presumably work through the firewall because they are Chinese), but I figure that’s not why you are looking for the VPN.
For work? Use a throwaway device (mobile, laptop) and after returning, have it cleaned and thrown away. Never use data cables from somebody else, to avoid keyloggers etc.
Don’t take or bring back any hardware/software (including phone). Buy/rent and dispose of. Not worth the risks, the worst of which is perhaps repeatedly locked up - until you disclose the password/encryption method to a file on a device that you know nothing about.
I just used ssh to my home / work servers in Europe and then socks proxy web browser. Even payed vpn not always work. they need good internet connection. At the university internet worked good even without vpn. at home vpn is slow and better results I get with ssh socks proxy. To send pictures / movies I used plain ftp connection. That is what my family use all the time to share data between China and EU. I dont care if someone else sniff it or not.
Good point. Never did the vps way before but I guess it’s something to invest time in.
As far as I’m aware, basic OpenVPN and Wireguard connections are blocked (why would blocking connections using a particular protocol not be possible?). You need to do some more complicated stuff to get it to work apparently and the problem is that you can’t test that until you get into China.
Thankfully not for work.
browser. Even paid vpn not
FTFY.
Although payed exists (the reason why autocorrection didn’t help you), it is only correct in:
-
Nautical context, when it means to paint a surface, or to cover with something like tar or resin in order to make it waterproof or corrosion-resistant. The deck is yet to be payed.
-
Payed out when letting strings, cables or ropes out, by slacking them. The rope is payed out! You can pull now.
Unfortunately, I was unable to find nautical or rope-related words in your comment.
Beep, boop, I’m a bot
OpenVPN and WireGuard are both very simple to get going with no real networking or crypto knowledge required. They both have nice client apps for desktop and mobile too.
Edit: I noticed in your post you said:
I currently have openvpn for my Linux machine but I heard it doesn’t work in china anymore.
OpenVPN is a protocol, it’s not a thing you can block.
Edit 2: Pointed out my mistake above
I didn’t know that but I’ve updated my comment to reflect it. Maybe SSL or SSH proxies would work better as those are protocols that surely could not just be blocked wholesale.