2ho Client for Linux

For Generic Linux

For the first releases, we will be supporting Linux in a more generic sense as Linux distros vary a fair bit. We will come back to provide distro-specific packages at a later date.

At this time, the 2hO Client software for Linux is available for:

  • Intel/AMD x64 (e.g. 64 bit Ubuntu on PC hardware)
  • ARM 32 bit (e.g. Raspberry Pi, Armbian, etc. Compiled as "linux/armhf")

The Linux client user interface currently supports:

  • A text-based console app
  • A GUI using WebView2 on supported platforms
  • A web-based interface manually enabled

Installing is pretty much a matter of copying a couple of binaries, installing the service, and logging in.


If you know what you're doing, you can use a variation on the following...

$ sudo apt update -y; sudo apt upgrade -y
$ sudo apt install wireguard -y
$ sudo mkdir /usr/local/bin
$ wget -c https://dist.2ho.ca/dist/2hoClient_linux_arm-stable.tgz -O - | sudo tar -xzv -C /usr/local/bin/
$ 2hoctl service install
$ 2hoctl login username
$ 2hoctl help


Just for fun, and perhaps to prove the system requirements are not much, the following instructions were composed using WiFi on a Raspberry Pi Zero 2 W with Raspberry Pi OS 32 bit. But, the procedure would be similar on Ubuntu or other Linuxes.

Feel free to take liberties with this installation technique. This is not necessarily the best way to install things. But it's easy to understand. No user-serviceable parts inside. Void where prohibited. Your mileage may vary.

Before installing anything on Linux, there are a few things you should configure to ensure the system is secure. e.g. Change default passwords, disable root login, install and configure a firewall, etc. Securing your host, we leave up to you. But make sure you do it. There is nothing special to do there in terms of the 2hO Client software. Vanilla is fine.

Before installing the 2hO Client, you need to make sure you have a working installation of WireGuard* and wireguard-tools. WireGuard is awesome and is the foundational technology that makes our software go. You can get detailed installation instructions for your distro from the WireGuard website.

You only need to worry about installing WireGuard on Linux. The installer does this automatically on other platforms.

Install WireGuard

Depending on your distro, WireGuard may already be installed. Take a quick look with the following commands.

$ which wg

If you find something, you can skip this part. If not...

Make sure your system is up to date. Also, make note of which architecture you are on.

$ sudo apt update -y 
$ sudo apt upgrade -y
$ uname -m

Next, install WireGuard with your package manager. Then check for WireGuard again.

$ sudo apt install wireguard -y
Reading ... done
$ which wg 

If you see the wg binary, you are good to move on.

Install the 2hO Client Software

Download the 2hO Client archive from the links above. Then unpack it. Make sure /usr/local/bin is in your path. It probably is.

$ wget https://dist.2ho.ca/dist/2hoClient_linux_arm.tgz
$ sudo tar -xvzf 2hoClient_linux_arm.tgz -C /usr/local/bin
$ which 2hoctl

Now, install the service with the following command.

$ sudo 2hoctl service install
Creating /etc/2ho
Creating new config      
Creating /etc/2ho/wg2ho.conf
Creating /var/log/2ho

You can check the status with...

$ 2hoctl 
The 2hO Network Agent
No account information provided
usage: 2hoctl login [username]
    Internet : Y    Sync : Y    Tunnel : Y    AutoStart : Y    Auth : N
                           This computer             : online       : never

You can see all the commands with "help".

$ 2hoctl help
usage: 2hoctl  ... where  are:
       status, about, version          Show... 
       tunnel [start|stop]             Start or stop the tunnel
       tunnel autostart [yes|no]       Start the tunnel on boot
       login [username], logout        Add credentials
       help                            This help    

If you have not already signed up, you need to register for a free account. Go to 2ho.ca and click Sign Up.

Once registered, you can add your credentials and check the status.

$ 2hoctl login username
Password: ********
username is authenticated

$ 2hoctl
The 2hO Network Agent
Internet : Y    Sync : Y    Tunnel : Y    AutoStart : Y    Auth : Y

You won't see much after installing only the first device. You need more than one computer running to make use of the software. You need to connect something to something else.

Wait a couple of minutes (2-3 minutes, not seconds) and try again. It takes a couple of minutes for all of your devices to check in and sync information. Once they have, you will see a list of your devices and when they were last heard from.

$ 2hoctl 
The 2hO Network Agent
Internet : Y    Sync : Y    Tunnel : Y    AutoStart : Y    Auth : Y
    mynas.myaccount.2ho.ca  This computer             : online       : 1m ago
                hub.2ho.ca  2hO server                : online       : 38s ago
 thinkpad.myaccount.2ho.ca  My notebook               : local        : just now
  macbook.myaccount.2ho.ca  My kid's computer         : local        : 25s ago
   office.myaccount.2ho.ca  My accounting PC          :              : never
   server.myaccount.2ho.ca  My office server          : online       : 47s ago

You can test your connections with a ping. Use ^C (control-C) to stop it.

$ ping macbook.myaccount.2ho.ca
PING macbook.myaccount.2ho.ca ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=64 time=0.824 ms
64 bytes from ( icmp_seq=2 ttl=64 time=0.708 ms
64 bytes from ( icmp_seq=3 ttl=64 time=0.722 ms
--- macbook.myaccount.2ho.ca ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.708/0.751/0.824/0.051 ms

If a connection is not reachable. It could be that it is turned off or is without an Internet connection (in the trunk of my car). As long as there is a connection, you should be able to reach it.

To connect to something on one of your devices, you simply use the friendly DNS name in the connection list. e.g. I could connect to a windows file share with \\server.myaccount.2ho.ca\ShareName

The Settings app

The Client also includes a web GUI. You can start it with:

$ settings2ho 
Listening on

This will start a small webserver on http://deviceip:3999. We suggest you only start it when you need it as it can control your tunnels. Use ^C (control-C) to stop it.

* "WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld.