Have you ever visited or tried to log into a website, and been greeted by odd error messages like "Access Denied" or "Oops something went wrong". Your thinking "What the heck? I'm just trying to use your site as it was intended". Then you figure the site must be having some type of technical issue, and either move on, or try back later. Well, even if you try back later for days you still get the same errors. Then you turn off your VPN, magically the site works perfectly fine. This is your first introduction into the world of banned service providers AKA black/block lists
I will preface this by saying that the examples below were tested on one of the the largest VPN providers out there. You might or might not have issues using your VPN provider, but weird errors are something to keep in mind when sites just seem to break, and you can't figure out why. It might look to you like the site is broken, but this is just the site designers way of protecting themselves from abuse.
When you see all of these errors, odd messages, or connection issues, much of it is done on purpose. Websites will setup security services or appliances to block connections from networks that give them issues or cause trouble. VPN providers or large hosting services like Amazon usually end up on these lists. VPN's and hosting providers are services people can hide behind to abuse websites. This abusive behaivor is something the websites don't want to deal with. They will throw up a message or error to let you know that there was an issue. They will never tell you what that issue was, nor will they likely ever tell you that you have been blocked. If they did this then an attacker might change tactics or providers to see if they can get through another way. That is the worst part of this process. The site won't tell you it's messing with you, it will just make it look like it has broken itself in a gentle and annoying way. From the websites point of view, it's just protecting itself.
Sites perform all kinds of antics when encountering IP's they don't trust. For example ...
Note: All sites below work perfectly fine with VPN off. These errors only happen with VPN on.
Hopefully you don't encounter these issues with your VPN provider. But if one day you start seeing odd problems with a website, and you just can't figure out what's going on, always try to turn your VPN off if you have one. If your seeing one of the type of issues above, and you are not using a VPN, then you might just be on a block of IP address's from a provider that is causing grief for certain websites. If that happens, this is where a VPN might be able to help you. If you can find a VPN that has not been marked as troublesome by the same website your having issue with, then you can use it to access the site. Go figure.
I wanted to play some video files from a Linux machine I have on the network, and wanted the ease of just opening Chrome OS's file manager, mounting a network file system, and playing the video file of my choosing with any of the installed apps from preferably from Android, but possibly from the Linux VM as well. You can do this easily with files mounted from a USB thumb drive or local storage.
Try to use the Chrome OS file manager, and install a service (3 dot menu -> add new service) for sftp or smb. Mount a network share, then try to play a video file. You will not be able to select any video player installed via a Linux container (Crostini) or Android app. Just the internal player is available, and will happily play any file it supports. The internal video player is garbage for features and codecs supported.
Let's get sneaky. Let's mount an sshfs mount in a Linux container, mounted to my home dir (available via "My Files -> "Linux Files"), that is auto shared to Chrome OS files app. Then it will think these files are local, and allow applications to access them when right clicking on video files via the share in the files app. Now when we right click on the newly mounted files, and use "open with" we see all installed video apps available. Selecting the Android app mxplayer results in the file not being allowed to be read, and gives a error of "can't play this link". Android VLC just opens and closes quickly when trying to play the file. If I right click "open with", then select a Linux container video app I installed (mpv, fantastic Linux video player), the video starts playing. The internal Chrome OS video player can access and play the file as well. While this is nice and I love mpv, running that out of the Linux container, really heats up the system likely because there is no special acceleration at all. Playing things with mxplayer from Android seems to perform better.
After thinking about this, what I think is going on is the Chrome OS security model at work. The Linux container can not access any files in Chrome OS. Yes, you can right click and select "Share with Linux" on regular directories, but that only shares files into the Linux container. I need to share files directly out of the Linux container. The Android apps can not directly access the files shared from the Linux container. Chrome OS is sitting in the middle of both of these contained areas, and it has very few decent apps that do anything useful natively. It relies on Android containers (ARC++) or Linux containers (via crosvm) to provide apps that are useful. Which means you get stuck in either one of their containers to do your work, or you end up copying files back and forth between containers. So how do we make this work?
If you installed the Chrome OS Linux VM via the "Linux (beta)" in the settings are then you have access to a fairly full featured Linux OS (Debian). You can use the Linux tools of your choice, like sshfs (fuse) or samba, to access files over a network. Put that mount in your home dir and access it via the "My Files -> Linux Files" in the file browser. Then install a Linux video player like vlc or mpv, and select one of those from the 'open with' menu and the file will happily play. This is due to both the mount and the video player app being in the same container. You could also just play the file via the command line in the container via the mount you just made. Using the file manager is just a GUI way of doing it. This does not solve my original problem of wanting to use and Android app to play the video.
If you don't want to get into using an Linux VM on Chrome OS, then you can play videos using a Android app that can mount smb, ssh, nfs or whatever. I choose to use FX File Explorer Pro. It supports sftp, smb, webdav, and ftp. You can make a mount from within this program, and after mounting find your video file and choose "open with" and choose your favorite Android video player you have installed. I like MxPlayer Pro or VLC. This works without issue as we are staying in the Android container with the apps we use to play our video.
I really wanted the convenience of using the native Chrome OS file manager to navigate using Android apps or Linux apps on a network file share. I guess the security model won't allow it for now. I did happen upon something promising via a chrome flag called "arc-file-picker-experiment" which might allow Android access to network shares. I turned it on, and it broke access the the Linux containers "Linux Files" area in the file manager. It also did not give me access to any Android apps via the "open with" menu on the sftp file service share.
I fired up SSHDroid using Android 10 for the first time, and quickly noticed a warning that the app was not made for Android 10, and might not work correctly. I was happy to see that it did work as the daemon fired right up and I ssh'ed in without issue. I tried getting to my pictures area on my phone so I could back up some of the original raw files. I was greeted with an "Access Denied" to /storage/emulated/0/DCIM/Camera area. Unfortunately SSHDroid is not allowed access to the /storage area anymore in Android 10. Now to find a way to get to my raw picture files.
It seems that SimpleSSHD is not being updated any time soon, and for that matter does not even show up in the Google Play store anymore, I wanted to see if any other sshd programs for Android allowed access to the photos area of the phone. The one that seems to allow this that I found is SimpleSSHD. Upon first startup it asks for access to media which includes photos and videos. I proceed to start up the sshd server and ssh in. I was able to access the /storage/emulated/0/DCIM/ area with my photos. SimpleSSHD works great. I don't see any way to give the dev some money by buying the app, or in app purchases, so I guess I'll just say thanks for making a great sshd app that works on Android 10.
UPDATE: Since using SimpleSSHD last seems a few things have changed. There is no root login anymore with a default password. Dynamic root passwords are generated and displayed on the SimpleSSHD screen every time you connect. So I ssh'ed in the first time from a machine, and made a new file in the home dir you land in called "authorized_keys". There is no vi or vim or nano so I just put in my ssh public key using echo like "echo 'YOURKEYHERE' > authorized_keys". I did find out unfortunately that it does not support elliptic-curve signatures keys (ED25519). So I had to break out a old rsa key to get it working. This is not the developers fault. Dropbear does not support these types of keys yet.