/sstp-server

Secure Socket Tunneling Protocol (SSTP VPN) server for Linux.

Primary LanguagePythonMIT LicenseMIT

sstp-server

PyPI version Build Status

A Secure Socket Tunneling Protocol (SSTP) server implemented by Python.

Requirements

  • Python >= 3.4.4
  • pppd

For Python 2.7, use v0.4.x

Crypto Binding is supported using SSTP ppp API plug-in sstp-pppd-plugin.so from sstp-client.

Install

Install from PyPI: :

# pip install sstp-server

Please ensure your pip >= 9.0.1 to get correct version.

Install from GitHub: :

# pip install git+https://github.com/sorz/sstp-server.git

Arch Linux user may install sstp-server package from AUR.

If you share the authentication with services other than SSTP (for example, a RADIUS server that serve both a SSTP and WiFi authentication), crypto binding <https://docs.microsoft.com/en-us/openspecs/ windows_protocols/ms-sstp/89a68310-0b1e-451b-af9c-0c9ce500bb2e> is required to prevent MITM attacks. Crypto binding is enabled automatically if sstp-pppd-plugin.so is avaliable, see #37 <https://github.com/sorz/sstp-server/pull/37 #issuecomment-761107420> for instructions.

Usage

Create pppd configure file /etc/ppp/options.sstpd,

A example: :

name sstpd
require-mschap-v2
nologfd
nodefaultroute
ms-dns 8.8.8.8
ms-dns 8.8.4.4

Start server:

sudo sstpd -p 443 -c cert.pem -k key.pem --local 10.0.0.1 --remote 10.0.0.0/24

Or:

sudo sstpd -f /path/to/sstpd-server.ini -s site1

Known Issues

  • High CPU usage, may not suitable for high thougthput applications.

License

The MIT License (MIT)

Copyright (c) 2014-2020 Shell Chen