Where communities thrive

  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
Repo info
    David Myers
    I suppose you could put the Algo directory on your PATH, though I haven't tried to run it that way. But it greatly simplifies the documentation to have everything be relative to the Algo directory.
    So having to run ./algo is as intended? @davidemyers
    David Myers
    Yes. Also most people don't have the current directory . on their PATH, which is why the ./ is needed.
    That makes sense, thanks David :)
    hi to all...didn't found the info so.. how many users does the server "support"?
    I saw that you can create up to 250 users in one go, but after that you can edit the "file" and add more or?
    David Myers
    The wording in config.cfg is unclear and Algo's user management abilities are limited. In reality you can create up to 254 users on any given AlgoVPN after which WireGuard connectivity will fail, even if you delete users to make room for more. It doesn't matter how many times you add or remove users, or how many you add or remove at one time.
    Hi, I have a trouble with Hetzner cloud deployment.
    Looks like can't reach server, but ping works.
    Changing region didn't help.
    Could someone help?
    Mark Sta Ana
    Folks, asides checking MTU size is there anything else I can do to troubleshoot why a wireguard profile has stopped working? It was working last Friday. Other profiles are working fine. The DNS server is the same for working and non-working profiles so it's unlikely it's related to #1783
    Mark Sta Ana
    Ah discovered client logs, looks some handshaking error (possible timeout) with peer, will do some googling.


    work around described in this issue works trailofbits/algo#1833

    Mark Sta Ana
    re: peer-related handshaking errors that are only happening to some profiles. I think the fix might be to cycle the Algo server. I created a new profile (was worried I might run out) via update-users. The broken profile started working again. :shrug:
    X X
    Hi all. I am using latest version of algo (cloned from git @ master) on Fedora 32 with NetworkManager, using Strongswan/Ipsec. I am able to connect to VPN server, but no traffic seems to be routing through it. I checked at whoer.net and it still shows my IP address. This was working without problems on Fedora 31, but now cant seem to get it to work. Any ideas?
    Parth Shah
    Hi I am getting below error:
    An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ModuleNotFoundError: No module named 'azure.mgmt.automation'
    fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (ansible[azure] (azure >= 2.0.0)) on vm-for-hotstar's Python /home/parth494/newhot/algo/.env/bin/python3. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}
    David Myers
    @parth494 Issue #1881 has something to do with Algo using an out-of-date library for Azure. Does the solution suggested for that issue work for you?
    if deployed algo without adblocking and want to turn it on, what are my actions? I saved SSH keys.

    Is there a reason it keeps insisting on including Ubuntu-specific items on the install (I'm running openSUSE that has zypper, but it keeps trying to run apt-get for python3-apt - none of which makes sense for my system)? I see files for zypper and dnf - but I'm not familiar with python to even try to troubleshoot it. I have tried running this in python2 and python3, neither seems to work.
    --> Please include the following block of text when reporting issues:

    Algo running on: openSUSE Leap 15.2
    ZIP file created: 2020-09-27 06:54:48.000000000 -0400
    .env/bin/python3 not found: has 'python3 -m virtualenv ...' been run?
    Runtime variables:
    algo_provider "local"
    algo_ondemand_cellular "False"
    algo_ondemand_wifi "False"
    algo_ondemand_wifi_exclude "X251bGw="
    algo_dns_adblocking "False"
    algo_ssh_tunneling "True"
    wireguard_enabled "False"
    dns_encryption "False"

    I see:
    TASK [common : Check the system] *
    ok: [localhost]
    included: /srv/vpn/algo-master/roles/common/tasks/ubuntu.yml for localhost

    and a while later:
    [WARNING]: Updating cache and auto-installing missing dependency: python3-apt
    fatal: [localhost]: FAILED! => {"changed": false, "cmd": "apt-get install --no-install-recommends python3-apt -y -q", "msg": "The flag --no-install-recommends is not known.", "rc": 2, "stderr": "The flag --no-install-recommends is not known.\n", "stderr_lines": ["The flag --no-install-recommends is not known."], "stdout": "", "stdout_lines": []}

    David Myers
    You can only turn an instance of Ubuntu Server into an AlgoVPN, as documented here and specified in the prompt you chose:
    Install to existing Ubuntu 18.04 or 20.04 server (for more advanced users)
    There are instructions included for other flavors (RedHat / CebtOS and Fedora if memory serves) with an alternate file download, which is why I ask.
    David Myers
    You can install and run Algo on other flavors of Linux and use it either to create an AlgoVPN at a supported cloud provider, or to configure an Ubuntu Server instance you've already created as an AlgoVPN (via SSH).
    Put another way, where the Algo scripts get run is often a separate system from the one that gets turned into the VPN server.
    But the system that gets turned into the VPN server always runs Ubuntu Server.
    Klaus Helenius

    I managed to install Algo on my VM by just adding following simple setup to cloud-config

    # local install
    export METHOD=local
    export STORE_PKI=true
    export DNS_ADBLOCKING=true
    export ENDPOINT=${server_ip}
    export USERS=warbaque
    curl -s https://raw.githubusercontent.com/trailofbits/algo/master/install.sh | sudo -E bash -x

    How do I get remote install with using docker container to work? I've tried with similar config

    docker run --cap-drop=all -it -e "ALGO_ARGS=${ALGO_ARGS}" -v /tmp/algo:/data trailofbits/algo:latest

    It hangs during playbooks/cloud-post.yml waiting for connection.
    Where should I put the ssh keys?



    I am trying to install Algo on Windows (WSL) Ubuntu 20.04 LTS. But after installing all the required dependencies and edit the config as per requirements. I get the below error after running the deployment.

    fatal: [localhost]: FAILED! => {"changed": false, "msg": "non-zero return code", "rc": 1, "stderr": "sudo: a password is required\n", "stderr_lines": ["sudo: a password is required"], "stdout": "", "stdout_lines": []}

    How can I solve this problem?

    I fixed the above issue by starting the ./algo with sudo. But now having another error in the middle of deployment.
    TASK [common : systemd services enabled and started] ****************************************************************************************************************************************************************************************
    failed: [localhost] (item=systemd-networkd) => {"ansible_loop_var": "item", "changed": false, "item": "systemd-networkd", "msg": "failure 1 during daemon-reload: System has not been booted with systemd as init system (PID 1). Can't operate.\nFailed to connect to bus: Host is down\n"}
    failed: [localhost] (item=systemd-resolved) => {"ansible_loop_var": "item", "changed": false, "item": "systemd-resolved", "msg": "failure 1 during daemon-reload: System has not been booted with systemd as init system (PID 1). Can't operate.\nFailed to connect to bus: Host is down\n"}
    included: /home/farman/algo/playbooks/rescue.yml for localhost";
    David Myers
    You can't turn an instance of Ubuntu Server running under WSL into an AlgoVPN. That's mentioned here.
    Klaus Helenius

    does this mean that it doesn't connect with ssh to custom ubuntu machine?

          - { name: "Install to existing Ubuntu 18.04 or 20.04 server (for more advanced users)", alias: local }

    ssh private key isn't set

    - name: Additional variables for the server
        name: "{% if cloud_instance_ip == 'localhost' %}localhost{% else %}{{ cloud_instance_ip }}{% endif %}"
        ansible_ssh_private_key_file: "{{ SSH_keys.private_tmp }}"
      when: algo_provider != 'local'

    should I set ansible_ssh_private_key_file manually?

    ok, that worked
    David Myers
    You can use ssh-agent to enable SSH to an existing instance without a password. Also make sure whatever user you're using on the remote system can run commands as root without a password, such as with sudo.
    Klaus Helenius
    I guess passing ansible_ssh_private_key_file to container is less work for now than binding SSH_AUTH_SOCK for docker
    David Myers
    I don't know anything about Docker so I can't help you there.
    This application didn't warn me about messing up my vps.
    Why don't they have a simple and clear warning: "cannot be uninstalled"
    now why is this?
    David Myers
    It's mentioned in the documentation.
    Deploying to Azure seems completely broken
    Deploying to digital ocean works flawlessly, thanks for the project! Unfortunately I get the best ping with a specific region of Azure.
    In master, azure-cli-core seems to be out of date (trailofbits/algo#1881), but simplying applying the fix mentioned in the github issue still result in failed deployment
    I keep getting "Timeout when waiting for search string OpenSSH in XXX" with Azure, any idea how to fix that? I've checked https://trailofbits.github.io/algo/troubleshooting.html#old-networking-firewall-in-place, but firewall on the newly created VPS in Azure allows the Algo ssh port
    Any idea how to get Azure deployment to work?
    Vivek Ramalingam
    Hi, I got Algo running in a digital ocean droplet. iOS with Wireguard is able to connect to the server but I'm unable to connect to any website. Getting Error "Server Stopped responding." is there anything to change in the config ?
    Hi does algo automatically create the vps instance? also which ones does it?
    oh its in config.cfg. i should have checked :)
    Hi just wanted to say that I've got 1 instance that has been running (as far as I can remember at least 1 year) and I never go on that particular server (automatic updates) and it servers about 15 connections, many of them streaming every day without a glitch. So good job Algo team...
    none of those connected ever see a single ad either...