As the title says, I have my own instance of OpenVPN running in a vps (default settings). Is that “safe” enough for p2p? Any settings I should change? Anything I should watch out for? I guess it would show that the IP address of my vps will be going to these p2p sites and connecting to the IP address of whoever I’m transferring from, but how hard is it for the vps traffic to be traced back to me?

  • stupid_asshole69 [none/use name]@hexbear.net
    4 months ago

    Someone else asked “safe from what?” And that’s the real question.

    In lieu of an answer to that though, no. It isn’t. The whole point of using a vpn to do p2p is to accomplish three things: traffic anonymization, legal protection and encrypted data transfer.

    A vpn on a vps doesn’t anonymize your traffic because the vps is in your name. The vps provider is likely in compliance with kyc laws and will happily give you up to the law the moment they come knocking. If you’re using a domain with it, it’s even easier to check that it’s you by looking at the whois records. On the off chance you’re getting a vps with enough storage and transfer included to act as your seedbox without kyc using cash or monero or something, you’re likely paying more than the $2-3 a month that the p2p vpns tend to charge.

    A vpn on a vps most likely doesn’t provide you any legal protection either! Generally speaking, privacy focused vpn providers use nonpersistent systems where the secrets that can be subject to lawful intercept by the authorities are not stored on the system’s hard drive and have protections against being read out of ram. Not only are almost all vpses generally held to be vulnerable to having their ram contents read by the provider, it is extremely unlikely that you set up openvpn without a configuration file on disk that contains your secret. This is just one example of a well-documented vector of legal attack against a vpn; there are many. Paying an expert in legal attacks takes the onus off you.

    A vpn on a vps doesn’t even accomplish encrypted data transfer, since the tunnel is between your pc and your vps, not whatever the vps connects to. Encryption keeps untrustworthy devices upstream of you from reading the data you send and receive. You might have prevented your untrustworthy isp devices from viewing your data, but you didn’t prevent untrustworthy vps provider devices from viewing your data. Even if your vps is trustworthy, the infrastructure it uses is the same infrastructure whose built-in lawful intercept backdoors were compromised last year with no firm resolution. This wouldn’t matter nearly as much if your traffic were anonymized or had the shield of a crew of computer security experts running the system you use as a vpn, but as outlined above, you don’t.

    Running your own vpn on a vps is cool, and I’m glad you have that ability, but it’s a lot like building your own car from scratch. It is possible, and a phenomenal learning experience, but not the suggested route for anyone.

    Use a p2p vpn service instead. It’s much cheaper and better in almost every way.