The Dotcloud provided by duostack.com is a application development platform for simple deployment of your stuff. It also provides an ssh-interface via: dotcloud ssh project.module to be able to use it without the hassle of going through the api, you will need to create an own dsa-key for ssh to use and deploy this public key on the machine ssh-keygen -t dsa -f dotcloud_project.dss cat dotcloud_project.dss.pub (copy the contents to the dotclouds ~/.ssh/authorized_keys2) find your dotcloud host ip via dotcloud info project.module You will gain a user shell with ssh dotcloud@module.project -p 5960 we will need to build some stuff in order to get a working copy of tinc. Everything needs to be done in userspace. mkdir build cd build curl http://www.openssl.org/source/openssl-1.0.0d.tar.gz | tar xz cd openssl-1.0.0d ./config --prefix=$HOME/usr -fPIC make install cp lib* $HOME/usr/lib cd .. curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz cd lzo-2.04 ./configure --prefix=$HOME/usr curl http://zlib.net/zlib-1.2.5.tar.gz | tar xz cd zlib-1.2.5/ ./configure --prefix=$HOME/usr make install before building we need to patch the tinc daemon to run without the need for a tun device. tutorial is here: https://hackerspace.be/TincVPN curl http://www.tinc-vpn.org/packages/tinc-1.0.14.tar.gz | tar xz cd tinc-1.0.14 #replace the device.c with the patched (empty) one from the webpage ./configure --prefix=$HOME/usr --sysconfdir=$HOME/etc \ --localstatedir=$HOME/var --with-openssl=`pwd`/../openssl-1.0.0d/ \ --with-openssl-lib=`pwd`/../openssl-1.0.0d/ \ --with-zlib-include=$HOME/usr/include --with-zlib-lib=$HOME/usr/lib make make install mkdir ~/etc mkdir -p ~/var/run cd ~/painload/retiolum/scripts/tinc_setup ./install cloudkrebs 10.7.7.221 be sure to fix the portnumber in the generated host file and add your own address in hosts/cloudkrebs: Address = my.public.address Port = 1655 PUBKEY also write the right in tinc.conf: Name = cloudkrebs Mode = switch #device = ... # no device :)