Skip to content
Menu
ChaoTic
  • Home
  • Python
  • APEX
  • PL/SQL
  • Oralce DB
  • Docker
  • OCI
  • Nginx
  • C#
  • Linux
  • JavaScript
  • Privacy Policy
ChaoTic

Ubuntu 20.04 x86 openVPN

Posted on October 20, 2022December 20, 2022

Enable Root (ignore it, it is unsafe to use Root. I keep it to remind myself how wrong this is). Go directly to “Install VPN and Configure it “

sudo passwd root
su root

Enable root login over SSH

sudo nano /etc/ssh/sshd_config

add line

PermitRootLogin yes

Save and exit the file

systemctl restart sshd

Install VPN and Configure it

download this script as ubuntu user

wget https://git.io/vpn -O openvpn-install.sh

Enable Key-phase Authentication

find the lines of creating SSL certificate in the script and remove “nopass”

$ grep -n '"$client" nopass' openvpn-install.sh
241:	EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full "$client" nopass
458:			EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full "$client" nopass

Use nano to open the .sh file and remove “nopass” from line 241 and 458.

Running openvpn-install.sh to install OpenVPN server

chmod +x openvpn-install.sh   --makes it executable
bash openvpn-install.sh

Make sure you provide needed information

Welcome to this OpenVPN road warrior installer!

Which protocol should OpenVPN use?
   1) UDP (recommended)
   2) TCP
Protocol [1]: 1

What port should OpenVPN listen to?
Port [1194]: 

Select a DNS server for the clients:
   1) Current system resolvers
   2) Google
   3) 1.1.1.1
   4) OpenDNS
   5) Quad9
   6) AdGuard
DNS server [1]: 2

Enter a name for the first client:
Name [client]: anything

OpenVPN installation is ready to begin.
Press any key to continue...

this will create a file on root home directory anything.ovpn. Copy it to ubuntu user home directory.

cp the .ovpn to /home/ubuntu/ovpnusers

cd 
mkdir ovpnuser
sudo cp /root/anything.ovpn /home/ubuntu/ovpnuser

Download .ovpn file onto your local machine

# logoff from ssh 
exit
# execute this on your local machine. both windows or mac should work

scp ubuntu@server_id:/home/ubuntu/ovpnuser/anything.ovpn .
# this would download the anything.ovpn file to your current folder

Once you have the .ovpn file on your local machine, drag and drop it into your openvpn application.

Start the connection and enter the key-phase.

OpenVPN Maintenance

Update to the newest Version

to check the openvpn version

openvpn --version

Somehow, the openvpn is not in the ubuntu repo. At least not the newest version. But to stay secure, updated to the newest (stable) version is always a appreciated. Here is how. And here is official guide.

  • add repo to vm
sudo -s

curl -fsSL https://swupdate.openvpn.net/repos/repo-public.gpg | gpg --dearmor > /etc/apt/trusted.gpg.d/openvpn-repo-public.gpg


# watch out here <version> <osrelease>
echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/openvpn-repo-public.gpg] https://build.openvpn.net/debian/openvpn/<version> <osrelease> main" > /etc/apt/sources.list.d/openvpn-aptrepo.list

# I am running ubuntu 22.0.4, in my case I need 
echo "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/openvpn-repo-public.gpg] https://build.openvpn.net/debian/openvpn/stable jammy main" > /etc/apt/sources.list.d/openvpn-aptrepo.list

<version> <osrelease> need to be substringed,

Where <version> can be one of

  1. stable: stable releases only – no alphas, betas or RCs
  2. testing: latest releases, including alphas/betas/RCs
  3. release/2.3: OpenVPN 2.3 releases
  4. release/2.4: OpenVPN 2.4 releases, including alphas/betas/RCs
  5. release/2.5: OpenVPN 2.5 releases, including alphas/betas/RCs
  6. release/2.6: OpenVPN 2.6 releases, including alphas/betas/RCs

and <osrelease> depends your distribution:

  • stretch (Debian 9.x)
  • buster (Debian 10.x)
  • bullseye (Debian 11.x)
  • xenial (Ubuntu 16.04 LTS)
  • bionic (Ubuntu 18.04 LTS)
  • focal (Ubuntu 20.04 LTS)
  • jammy (Ubuntu 22.04 LTS)
  • kinetic (Ubuntu 22.10)
  • sudo apt update
sudo apt update 
  • sudo apt upgrade
sudo apt upgrade

Regular Admin tasks

--run 
bash openvpn-install.sh
-- outputs ----
Looks like OpenVPN is already installed

What do you want to do?
   1) Add a cert for a new user
   2) Revoke existing user cert
   3) Remove OpenVPN
   4) Exit
Select an option [1-4]: 

Final Step: Portforwarding

if you running this at home, like I am. The final step is going on to your router and under port forwarding, enable 1194 to your vpn server’s private ip address.

Enbale UFW to be sure 🙂

sudo ufw enable 
sudo ufw allow 22 -- for ssh and sftp
sudo ufw allow 1194 -- for openvpn 

# for ubuntu, no reload needed.

Read Logs about All VPN collection

grep VPN /var/log/syslog
-- for me it is 
grep chaoyuVPN /var/log/syslog

Read more here!

Leave a Reply Cancel reply

You must be logged in to post a comment.

Recent Posts

  • Oracle APEX cheat sheets (on going)
  • Second Take on React Native – ReadCast
  • Switch Between APEX builder Authentication schemes
  • Use BitBucket Pipelines to Automate Oracle APEX deployment
  • MARKDown TEST

Categories

  • APEX
  • C#
  • chatgpt
  • Docker
  • JavaScript
  • Linux
  • Nginx
  • OCI
  • Oracle APEX
  • Oralce DB
  • PL/SQL
  • Python
  • Uncategorized
©2025 ChaoTic | Powered by SuperbThemes
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
Scroll Up