WiFi Tether on HTC EVO 3D

Owned my HTC EVO 3D (rooted, stock rom) for almost half a year already and I have not gotten WiFi Tether working until now based on this post. I’m currently using version 3.9 Beta 9. To get tethering to work, I need to enable MSS clamping and Routing fix under Menu > Settings per this post. Yay! I can now tether when I’m away from home.

Access or stream remote files on Android using EStrong File Explorer

I currently use AndFTP to download files remotely using the ftp or sftp protocol. For local file access, I use something like ASTRO File Manager or Linda File Manager. I recently discovered EStrong File Explorer, a file manager that lets me access both local and remote files. You can access or stream remote files directly without downloading it first. That is, you can select an mp3 file and play it with your favorite music app directly. It is like the remote server is mounted on the device like in Linux which makes file access feel seamless. Too bad streaming movie files like XviD is a little laggy with MX Video Player or Rockplayer Lite even when the server is on the local network.

Offline maps for GPS on Android without a need for a data connection

To follow up on my recent post about Navit, a cross-platform map and GPS program that you can use on your laptop when on the road, I did a search for map/GPS programs on the Android platform that do not rely on a data connection. Like I mentioned in my previous post, I sometimes travel to locations where I do not have cellular signal (like in the mountains), which render Google Maps and my phone’s default navigation software useless. GPS signals are usually available as long as I’m outdoors (based on my personal experiences), so I hope to rely on a device with a GPS receiver with maps stored on it.

For the Android platform, I discovered MapDroyd and CoPilot from this thread. MayDroyd makes use of OpenStreetMaps like Navit and tangoGPS, and hence is free. CoPilot costs money.

To store map data on my phone, I’m going to need to buy a bigger micro SDHC card (32 GB?) since the entire planet data is over 6 GB and the Americas is over 2 GB.

Be on my home network when I’m away from home via OpenVPN

In my previous employments, I remember co-workers having to use VPN when they work from home. They can access everything at the company as if they were physically on-site. I haven’t tried configuring it on my home network since if I ever needed anything, I ssh’d into my home NAS, and grabbed stuff from there. I guess VPN can be useful in that everything I do on the remote machine will seem like I’m at home, meaning all my mounted access to different directories on the NAS, access to the router, etc, are available while I’m away.

Been wanting to play around with VPN for a while since I know both DD-WRT and Tomato routers has OpenVPN bundled in them.

Instructions are clearly documented at the USB Tomato wiki (look here to get the easy rsa files in newer versions (14.04) of Ubuntu). Note that when pasting stuff into the web browser, include the BEGIN and END lines. Also note that in order to generate the files, you have to do so as root; sudo doesn’t cut it. On Ubuntu, do sudo -i to imitate su.

Keep the generated files in a safe place. The files that I keep on my laptop (client) to VPN into my home network are ca.crt, Client1.crt, and Client1.key. Then create this Client1 file:

##########################################
# ______ __
# /_ __/___ ____ ___ ____ _/ /_____
# / / / __ / __ `__ / __ `/ __/ __ 
# / / / /_/ / / / / / / /_/ / /_/ /_/ /
# /_/ ____/_/ /_/ /_/__,_/__/____/
# admin@domain.com
##########################################
# The hostname/IP and port of the server. You can have multiple remote entries to load balance between the servers.
remote server.dyndns.org 1194
# Specify that we are a client and that we will be pulling certain config file directives from the server.
client
ns-cert-type server
# On most systems, the VPN will not function unless you partially or fully disable the firewall for the TUN/TAP interface.
dev tun21
# Are we connecting to a TCP or UDP server?
proto udp
# Keep trying indefinitely to resolve the host name of the OpenVPN server. Useful for machines which are not permanently connected to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to a specific local port number.
nobind
# The persist options will try to avoid accessing certain resources on restart that may no longer be accessible because of the privilege downgrade.
persist-key
persist-tun
float
# SSL/TLS parms.
ca ca.crt
cert Client1.crt
key Client1.key
# Enable compression on the VPN link.
comp-lzo
# Silence repeating messages
;verb 3
# Silence repeating messages
mute 20

When I need to VPN, just do

sudo openvpn Client1 ## do this in directory where the 3 files are stored

Thank you open source community!

Update (12/14/2010): Password-protect OpenVPN

I wanted to add a password feature to my VPN since I’m afraid someone might get access to my key files. I asked how to do so on the Tomato forum, and was referred to this post. It is quite easy to implement. 10/25/2014: Did more research to see if it’s better to implement a passphrase for the key instead of what I implemented before, but this post confirms that the auth-user-pass-verify method is indeed the recommended way to implement authentication.

In the tomato web config, add the following:

init script (under Administration):

echo '#!/bin/sh
user1="user1name"
pass1="user1pass"
test "$user1" = "${username}" && test "$pass1" = "${password}" && exit 0
exit 1' > /tmp/quickAuth.sh
chmod 755 /tmp/quickAuth.sh

Restart the router or, better yet, execute the above code on the “System” page under “Tools”.

Under the “Advanced” tab on the VPN Server page, enter the following under “Custom Configuration”:

script-security 3
auth-user-pass-verify /tmp/quickAuth.sh via-env

Now, on my Client1 file above, add the line auth-user-pass somewhere (I placed it after comp-lzo).

Now when I vpn to the network, I have to enter a username and password. This is awesome.

UPDATE 1/1/2011: Issue with PeerGuardian/MoBlock

I have issues connecting to a computer on the local network through OpenVPN. See this post for more details. To connect to it, just turn off PeerGuardian (sudo pglcmd stop).

UPDATE 10/6/2011: Channel all internet traffic through VPN

The above method allows me to access computers on my home network. To direct all internet traffic from my current device to the VPN network (so that the IP the world would see is the VPN’s network), check the Direct clients to redirect Internet traffic checkbox in the Advanced Tab when setting up VPN in Tomato (according to this post). That way, I can use the internet securely when on a public network. I will only turn this feature on when I truly need it.

Unfortunately, there DNS names doesn’t resolve (only IP addresses will work). I seeked help here obtained a solution there and here. To fix the DNS issue, I added the following three lines to the end of the config we created earlier:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

and added

push "dhcp-option DNS 8.8.8.8"

to the “custom configuration” field under the “Advance” tab of the VPN server page on Tomato. The latter just says to use Google’s DNS server.

UPDATE 10/25/2014: Use on Android

I can VPN on Android via the OpenVPN app. It should work after I copy all my files (Client1.ovpn, Client1.key, Client1.crt, and ca.crt) into a single directory on Android, and import Client1.ovpn in the app. However, I don’t want to leave my keys on my phone like that for security reasons, so the Help file in the OpenVPN app suggests creating a pkcs12 file and adding that to the Android keychain. To do so, first remove the 3 lines referencing in Client1.key, Client1.crt, and ca.crt in Client1.ovpn file. Import this ovpn file instead. On Linux, do

openssl pkcs12 -export -in Client1.crt -inkey Client1.key -certfile ca.crt -out Client1.p12

to generate Client1.p12. Enter an extracting password (will be asked when importing into Android keychain). Transfer to phone and import it via the OpenVPN app (so only Client1.ovpn and Client1.p12 files needed); enter the extracting password. Now one should be able to connect to the VPN after entering the username and password from the auth-user-pass-verify method. This is cool!

Send and receive your phone’s SMS through Instant Messages

I read this post and found out about TalkMyPhone, an Android app that let’s you send and receive SMS messages from any instant messaging program such as Pidgin via the jabber protocol.

It comes in handy as I don’t like having a long conversation via SMS when a computer is in front of me; I can multi-task on the computer like I usually do without having to take my hands off the computer keyboard.

My setup is as follows:

  1. Register for an account on jabber.
  2. Make sure that this account is friend’s with my gmail gtalk account; done by IM’ing the gmail account from this web app (didn’t work in Pidgin).
  3. On my computer, sign on to the jabber account from 1, eg, through Pidgin.
  4. In TalkMyPhone’s settings, set to notify the address from 1. Leave the default setting of unchecked “Use a different account” (the phone’s google talk account will communicate with the account from 1).

I really like it, but I have a feeling it will eat up battery pretty fast. Since I’m in front of the computer, just keep the usb port plugged in for charging. Enjoy!