johnchapin.boostrot.net

Digital nomadery and shenanigans...

The Digital Nomad’s Guide to Entry Fees

Moment of panic. The flight lands in 15 minutes, and I’ve just realized that I’ll have to pay a Visa on Arrival (VOA) fee. What’s worse is that I spent my last few dollars on gum and a magazine before I left, and it wasn’t even a very good magazine.

My empty pockets won’t impress the immigration officer, and there isn’t a single solitary clause in any book of international law that requires countries to station an ATM, bank branch, money changer, or gold mine in the controlled arrivals area of international airports.

How could I have avoided this situation? This guide is an attempt to address some of the common monetary situations that need to be dealt with in airports, especially as they relate to paying VOA and similar fees.

The Digital Nomad’s Guide to Onward Travel

Like many travelers, I didn’t realize that airlines can and will refuse to board passengers who might be denied entry to their destination.

The country you’re trying to enter also wants to ensure that you leave. Many countries do this by making sure you have confirmed (and paid) travel arrangements to exit the country. This is called proof of onward travel.

Secure Comms With OpenBSD and OpenVPN, Part 5

This is the fifth and final part in a series of posts detailing how I’m securing my Internet communications using open-source software.

Part 1 – Set up of an OpenBSD VPS with full-disk encryption and the minimum OS install necessary to run OpenVPN.
Part 2 – Installation of OpenVPN and configuring the PKI system.
Part 3 – OpenVPN configuration and actually running the OpenVPN daemon.
Part 4 – Installation and configuration of the Tunnelblick OpenVPN client on Mac OS X.


OpenBSD 5.4

A few weeks after I set up and configured the VPN system on OpenBSD 5.3, a new version of OpenBSD was released. This isn’t too surprising of course, as the OpenBSD team releases every 6 months!

Secure Comms With OpenBSD and OpenVPN, Part 4

This is part 4 in a series of posts detailing how I’m securing my Internet communications using open-source software.

Part 1 – Set up of an OpenBSD VPS with full-disk encryption and the minimum OS install necessary to run OpenVPN.
Part 2 – Installation of OpenVPN and configuring the PKI system.
Part 3 – OpenVPN configuration and actually running the OpenVPN daemon.

It should be noted that even these measures are only securing part of my traffic. Everything that exits my VPN endpoint is protected only by whatever protocol-specific security measures are already in place (e.g. HTTPS for web traffic).


Tunnelblick Installation

On Mac OS X, Tunnelblick can be used to connect to the VPN server. It’s an open-source application that offers simple, OpenVPN-specific configuration and a convenient graphical interface.

To install, simply download and run the installer.

Secure Comms With OpenBSD and OpenVPN, Part 3

This is part 3 in a series of posts detailing how I’m securing my Internet communications using open-source software.

Part 1 – Set up of an OpenBSD VPS with full-disk encryption and the minimum OS install necessary to run OpenVPN.
Part 2 – Installation of OpenVPN and configuring the PKI system.

It should be noted that even these measures are only securing part of my traffic. Everything that exits my VPN endpoint is protected only by whatever protocol-specific security measures are already in place (e.g. HTTPS for web traffic).


Configuring OpenVPN

With the OpenVPN package installed and the PKI components in place, configuring and running the actual server software is straightforward. The OpenVPN package includes a sample server configuration file that makes a good starting point.

Secure Comms With OpenBSD and OpenVPN, Part 2

This is part 2 in a series of posts detailing how I’m securing my Internet communications using open-source software.

In part 1, I set up an OpenBSD VPS with full-disk encryption and the minimum OS install necessary to run OpenVPN.

It should be noted that even these measures are only securing part of my traffic. Everything that exits my VPN endpoint is protected only by whatever protocol-specific security measures are already in place (e.g. HTTPS for web traffic).


Part 5 of this series covers some changes to this process for OpenBSD 5.4!

OpenVPN Installation

Installing and configuring the OpenVPN package can seem daunting at first, but given a relatively simple VPN architecture (many clients, one server), the setup is straightforward. Many of the steps below are cribbed from the OpenVPN section of “Building VPNs on OpenBSD”, which is 4 years old but still informative.

Secure Comms With OpenBSD and OpenVPN, Part 1

This is part 1 in a series of posts detailing how I secure my Internet communications using OpenBSD, OpenVPN, and other open-source software.

It should be noted that even these measures are only securing part of my traffic. Everything that exits my VPN endpoint is protected only by whatever protocol-specific security measures are already in place (e.g. HTTPS for web traffic).


Virtual Private Server

I prefer a virtual private server (VPS) over buying, configuring, shipping, upgrading, and disposing of a Real Machine™. Using QEMU/KVM, the hosting company TransIP supports VPSs running OpenBSD 5.3. I’m currently using their “Blade VPS X1” product, which costs €10/month and provides 1GB memory, 50GB storage, 1TB transfer, and importantly, a static IPv4 address.

Oases of the Digital Nomad

The weekday routine in Ciudad de Panama:

  1. Wake up, get out of bed, drag a comb across my head.
  2. Eat breakfast.
  3. GTFO before it gets too hot.
  4. Find an oasis.

Out Into the World.

Several people have asked me, “John, you handsome devil, how exactly did you manage to arrange your life to be able to pick up and go out into the world with no plans and no return ticket?”

The answer, for me at least, was and is “persistence”. I have persistently and obsessively, over the course of several months, poured over the details of my life and made sure that every action I took moved me closer to location independence. Not all of those decisions have been easy or straightforward.