Reading Time: 6 minutes

Note: This article is specific to Linux OpenVPN users. If you’re on VIMES just for the giggles, this one might not be for you.

Hey there nerd Linux user. OpenVPN is possibly the best VPN protocol available. It is secure, stable and invisible to your ISP. The current Linux clients didn’t work for my needs so whipped up a real quick and dirty solution that may help you folks playing along at home.

There are plenty of clients available to connect to OpenVPN servers, the Windows GUI client is great, and Tunnelblick on Mac OSX is functional, however Linux users have it harder.

Image result for fat person wind tunnel
Harder and harder.

There are heaps of OpenVPN clients available for Linux, most distros support adding OpenVPN connections directly in the network manager, and good commercial OpenVPN based products like NordVPN (used for hiding your internet traffic), have functional Linux clients, but both options are problematic, and if you are reading this article, you have likely encountered these issues before.

The Problem With Current Linux Clients

Every day I need to connect to multiple VPNs, often at the same time. I use Debian Linux (with Deepin for the DE) and setting up OpenVPN connections in the network manager is a tedious process and also seems to be problematic in execution. It also didn’t seem to be able to handle multiple concurrent connections. The real letdown is that I already have all of the OpenVPN connections configured and saved in .ovpn files, which on Windows I just drop in to the config folder and can then select from the list.

Image result for openvpn windows gui
Stock Image, my actual desktop wallpaper is this.

DIY OpenVPN Client

For a long time I just used the terminal to manage connections, so lets start there. First make sure OpenVPN is installed on your PC. Open the terminal and type:

sudo apt install openvpn

By default, OpenVPN ends up in /etc/openvpn but for what we are doing this doesn’t matter too much. I actually store my .ovpn files in /home/USER/openvpn but this is just preference. stick them on your desktop if you want.

OVPN Files

Image result for hot nerd gif
Well done, you got this far…

.ovpn files are config files that hold the information needed to connect to a specific network. You can open them in any text editor to see the contents. Mine all tend to look like this:

client
--auth-user-pass
dev tap
proto udp
remote IP_or_Domain_Name 1194
resolv-retry infinite
nobind
persist-key
persist-tun
<ca>
-----BEGIN CERTIFICATE-----
Long string of text that is your certificate
-----END CERTIFICATE-----
</ca>
comp-lzo
verb 3

Most folks seem to have a separate certificate file (.cer or .pem) so there may be a file path pointing to that cert location. I put my cetificates inline as it makes the .ovpn file portable and cross platform. (just copy and past the content from the .cer or .pem file and drop it between the ca and /ca tags). Save the .ovpn files where ever you feel like it.

Connecting to OpenVPN via Terminal

Now lets test the connection to the VPN. In the terminal type:

sudo openvpn --config '/path/to/opencpn.ovpn'

If everything works you will get prompted first for your sudo password, then for a username and password required to connect to the remote network (if configured). Then you’ll get a bunch of text that looks similar to this:

And you get to feel like Neo.

Test pinging an address on the remote network. To disconnect just hit Ctrl+C . You can open multiple terminal sessions and run multiple connections this way… but it can get confusing.

The Script(s)

I get sometimes super confused about what networks I am connected to, especially when I end up with five or more open terminal sessions each with a different connection. I also accidentally close the terminal all the time, which doesn’t kill the connection, but i now can’t close it easily if i do want to. I also get conflicts or try to open the same VPN more than once because I am just damned confused and don’t have an easy way to see what is going on.

So here are some scripts I put together to make it easier to manage.

Copy this text into a text-editor and save it as convpn.sh in a location of your choosing. You may want to save this file to your desktop, (or create a shortcut to this file from yoru task bar etc.) for easy access.

This script is configured for the .ovpn files to be located in a folder called openvpn in your home directory. If you are saving else where just change the path after —filename=.

top -c -n 1 -p `pidof openvpn | sed 's/ /,/g'`
vpnfile=$(zenity --file-selection --title="Choose OpenVPN Connection" --filename=$HOME/openvpn/ --file-filter='*.ovpn')
echo "connecting to" $vpnfile
sudo openvpn --config $vpnfile --daemon
top -c -n 1 -p `pidof openvpn | sed 's/ /,/g'`

Now copy this text into a text-editor and save it as disvpn.sh

top -c -n 1 -p pidof openvpn | sed 's/ /,/g'
 vpnfile=$(zenity --file-selection --title="Choose OpenVPN Connection" --filename=$HOME/openvpn/ --file-filter='*.ovpn')
 echo "disconnecting" $vpnfile
 sudo pkill -f "openvpn --config $vpnfile --daemon"  
 top -c -n 1 -p pidof openvpn | sed 's/ /,/g'

Now copy this text into a text-editor and save it as showvpn.sh

top -c -n 1 -p pidof openvpn | sed 's/ /,/g'

Make the Scripts Executable

Execute GIF

Open the file browser and navigate to the location you saved the .sh files to. Right click each file and select properties.

This next step may vary with your distro, but you should have an option to tick that will allow you to execute the .sh script as a program.

This view is from Deepin on Debian.

Now lets test it out. Double click convpn.sh and choose run in terminal

You will then get a file browser prompt to select the .ovpn file you want to use. Just select the file and press ok.

You then will get prompted for your computer password, and then your network username and password (if configured).

Once connected you will get this display, showing what networks you are currently connected to.

Pressing enter will close the terminal.

To disconnect from the VPN, double click the disvpn.sh file and then select the .ovpn file from the prompt that you want to disconnect from. Once again you will be shown the current network status. If empty then you are not connected to anything.

At any time you can double click the showvpn.sh to see what VPNs you are connected to.

Add an Alias for Speed in Terminal

Image result for mr bean gif

If you are a Linux user, chances are that you always have a terminal session open anyway. This script works perfectly in that case too, but lets add some aliases for speed.

In the terminal type:

sudo nano ~/.bashrc
And you should get this…

Now scroll down in the file under #My Custom aliases and enter the following:

alias convpn="bash convpn.sh"
alias disvpn="bash disvpn.sh"
alias showvpn="bash showvpn.sh"

You will need to include the path to the .sh file if you didn’t save them in your home directory. Press Ctrl+X and select yes to save.

Now you can type convpn at any time to connect to a VPN easily. You can also type disvpn to disconnect and showvpn to show the active connections.

What Does This Script Do?

Image result for what does it do gif

This script is very not complicated. All it does is calls a file-browser window to locate the ovpn config file, and then runs a standard OpenVPN connection command against that. It does run OpenVPN as a daemon, which prevents things from stopping if you do run this in the terminal.

To show the running connections it is just using top but restricts the output to only show the OpenVPN services.

Simple but effective and works on pretty much every platform with minimal fuss.

Let us know if you have a better way.

Leroy Butts

Leroy Butts wishes people would start calling him Big Leroy, but knows they probably wont. He is a lover of fiction, technology and design and is an editor and columnist for VIMES. When not making dick jokes on the internet, Leroy is a Systems Administrator and IT Security Consultant. Leroy also writes on his personal site Astronaut.Garden
Leroy Butts

4 thoughts on “Quick Tips: A DIY GUI OpenVPN Client On Linux”

Leave a Reply

Your email address will not be published.