Obfs4proxy and Shapeshifter are an absolute PITA to install.
Get your own VPS server (VPS in EU/US with 2GB of ram, 40GB of disk space and TBs/month of traffic go for $10 a year, it's that cheap). Never get anything in the UK and even USA is weird. I'd stick with EU.
Install your software (wireguard + obsfuscation or even tailscale with your own DERP server)
Another simpler alternative is just `ssh -D port` and use it as a SOCKS server. It's usually not blocked but very obvious.
In my experience, in China as of 2016, "ssh -D" vasn't reliable at all, I wrote more details at https://blog.zorinaq.com/my-experience-with-the-great-firewa... (see "idea 1")
I just spent 3 months in China this summer. The GFW has become much more sophisticated than I remember. I found only one method that reliably worked. That was to use Holafly (an international eSIM provider) and use its built-in VPN. China largely doesn’t care if foreigners get around the GFW, I guess.
Another method that usually worked was ProtonVPN with protocol set to Wireguard. Not sure why this worked, it’s definitely a lot more detectable than other methods I tried. But as long as I rotated which US server I used every few days, this worked fine.
No luck with shadowsocks, ProtonVPN “stealth” mode, Outline+Digital Ocean, or even Jump / Remote Desktop. Jump worked the longest at several hours before it became unbearably slow, I’m still not sure if I was actually throttled or my home computer started misbehaving.
I didn’t get around to setting up a pure TLS proxy, or proxying traffic through a domain that serves “legitimate” traffic, so no idea if that still works.
Holafly (and other "travel" eSim providers) have been caught routing traffic through China.
https://www.itnews.com.au/news/travel-esims-secretly-route-t...
That article seems bogus.
IP blocks are routinely bought and sold, and hence their geo location database entries are not reliable.
If you’re physically in the EU or the UK and your traffic is routed through China it would be unusably slow and immediately noticeable to non-technical users.
Exclusively use Shadowsocks here in the mainland. Was surprised to see Ngrok to work as well, but prolly not very long/reliable.
It is a tunnel, cant be used to browse a site through it isn't it?
If you have a working tunnel the rest is trivial.
Regarding your usage:
Organic Maps app can download all maps for offile and works OK in China.
It uses openstreetmap data.
1024 bit RSA keys is laughable. I'm inclined to think this was not by accident.
Idea 1 and 2 are basically the same.
Which countries you need to avoid depends on your threat model. For example, there is need to avoid the USA if all you're trying to do is bypass the Chinese firewall. There might even be a legitimate use case for pretending to have a UK IP address.
Since OP is in Southeast Asia, a VPS in JP or SG will probably hit a decent balance between latency and censorship avoidance.
Where are you finding a VPS in the EU for $10/year? Any I've seen are about 5-6 times that much.
https://billing.chunkserve.com/cart.php?a=confproduct&i=0
https://my.servitro.com/cart.php?a=view
https://manager.ouiheberg.com/cart.php?a=confproduct&i=0
1GB or even 512MB and 10GB of storage is very easy and completely doable to use for a VPN + HTTPS server
Traffic is super cheap nowadays.
Your real issue will be IP reputation.
https://lowendtalk.com/categories/offers
Is a good source.
Check LowEndTalk and LowEndBox
https://lowendtalk.com/
Can recommend. Always a little crazy, always insanely cheap. If it doesn't work out, you can just switch to another provider.