Virtual Private Network is a valuable technology that can be applied to a large variety of different tasks in many different ways, making your internet connection and browsing the web for whatever reasons more secure and anonymous. One of them is SSTP. What is this, what is this for, and how to install it on Debian – this we are going to discuss in the following article.
What is SSTP?
SSTP is a VPN protocol that is used to provide a secure connection between a VPN client and a VPN server, that is to connect to remote devices using a VPN. It was originally developed by Microsoft for Windows users but subsequently spread also among the users of other operating systems. The reason for this popularity consists in the level of security it provides, which is often considered higher compared to the PPTP or L2TP/IPSec protocols.
SSTP protocol works similarly to PPTP (Point-to-Point Tunneling Protocol) since it uses PPP (Point-to-Point Protocol) traffic, but here it is done via SLT/TLS channel. This is the reason why the level of security provided by SSTP is much higher than one of PPTP, as SSL/TLS provides a range of additional features aimed at enhancing the security of connection – checking traffic for integrity, negotiating key securely, encrypting information.
Servers’ authentification request during the connection is also due to the SSL/TLS protocol.
The features of SSTP protocol
Now, let’s break down a little the features, the strong and the weak points of the SSTP protocol.
Security. SSTP is considered a pretty much safe option, with its security considered being on the same as the Open VPN. This is due to the use of SSL as well as encapsulation of the data packets with HTTPS, and AES – Advanced Encryption Standard.
But there are also a couple of security issues accompanying SSTP:
- TCP meltdown. This is a connectivity problem that occurs when there is a conflict between the TCP connection of the VPN and the external TCP connection. This isn’t generally a big deal, but in some cases, it can be bothering.
- SSTP belongs to Microfost. SSTP is a closed-source solution that was developed by Microsoft and is owned by it. Therefore, even though it is aimed at securing and encrypting your data, it’s not excluded that the latter can be sometimes surveilled by, say, National Security Agency.
What about speed, it, as is often the case with VPN, may be reduced due to the use of powerful encryption – unless it is lowered by insufficient capacities of your devices – memory, CPU, bandwidths, etc.
To sum up, the advantages offered by SSTP, we can list:
- the easiness of configuration;
- security against blocking provided by TCP port 443;
- decent speed if you have sufficient system configuration.
As for disadvantages, it is worth mentioning:
- closed source nature and belonging to Microsoft, which is a kind of problem if you are worried about NSA;
- TCP meltdown susceptibility;
- the connection can still be terminated by network administrations if they identify the header.
Now that you know everything you need about SSTP, let’s look at how to install it on Debian.
How to set up SSTP VPN on Debian?
To connect via SSTP VPN, the first thing you need to do is to gather the information and files:
- VPN account (user name and password)
- VPN server certificate (file)
- VPN server name
Afterward, perform the following sequence of actions.
- First, add a package repository with SSTP client with the help of this command: $ sudo add-apt-repository ppa:eivnaes/network-manager-sstp
- Use the $ sudo apt update command to update the packages and then install your SSTP client with the command: $ sudo apt install sstp-client. To check the VPN now, use the command: $ sstpc.
- If you want, you can optionally install GNOME GUI with the command sudo apt install network-manager-sstp-gnome to configure your SSTP VPN connection.
- Add VPN to your graphical interface. Open the setting of your device and select “Network”, then click the “add” button in the VPN field. In the newly opened tab select “Identity” tab and enter the following information:
- Name of VPN connection (facultative)
- VPN server name
- Path to VPN server certificate
- User name and password
Save the settings and if everything is done correctly, now you are provided with a fully functional SSTP VPN connection.
SSTP VPN protocol is a popular and reliable way of providing a secure VPN connection, and we hope that this article has made things clear enough for you, and now you know how to set it up on Debian.
However, if you are still looking for a VPN provider, then check out this offer of virtual private network by HostZealot and you’ll definitely find a secure and reliable VPN solution for your professional or daily use. Thank you for reading this article and have a nice day!