Note: This article is specific to Linux OpenVPN users. If you’re on VIMES just for the giggles, this one might not be for you.
Hey there nerd Linux user. OpenVPN is possibly the best VPN protocol available. It is secure, stable and invisible to your ISP. The current Linux clients didn’t work for my needs so whipped up a real quick and dirty solution that may help you folks playing along at home.
There are heaps of OpenVPN clients available for Linux, most distros support adding OpenVPN connections directly in the network manager, and good commercial OpenVPN based products like NordVPN (used for hiding your internet traffic), have functional Linux clients, but both options are problematic, and if you are reading this article, you have likely encountered these issues before.
The Problem With Current Linux Clients
Every day I need to connect to multiple VPNs, often at the same time. I use Debian Linux (with Deepin for the DE) and setting up OpenVPN connections in the network manager is a tedious process and also seems to be problematic in execution. It also didn’t seem to be able to handle multiple concurrent connections. The real letdown is that I already have all of the OpenVPN connections configured and saved in .ovpn files, which on Windows I just drop in to the config folder and can then select from the list.
DIY OpenVPN Client
For a long time I just used the terminal to manage connections, so lets start there. First make sure OpenVPN is installed on your PC. Open the terminal and type:
sudo apt install openvpn
By default, OpenVPN ends up in /etc/openvpn but for what we are doing this doesn’t matter too much. I actually store my .ovpn files in /home/USER/openvpn but this is just preference. stick them on your desktop if you want.
.ovpn files are config files that hold the information needed to connect to a specific network. You can open them in any text editor to see the contents. Mine all tend to look like this:
client --auth-user-pass dev tap proto udp remote IP_or_Domain_Name 1194 resolv-retry infinite nobind persist-key persist-tun <ca> -----BEGIN CERTIFICATE----- Long string of text that is your certificate -----END CERTIFICATE----- </ca> comp-lzo verb 3
Most folks seem to have a separate certificate file (.cer or .pem) so there may be a file path pointing to that cert location. I put my cetificates inline as it makes the .ovpn file portable and cross platform. (just copy and past the content from the .cer or .pem file and drop it between the ca and /ca tags). Save the .ovpn files where ever you feel like it.
Connecting to OpenVPN via Terminal
Now lets test the connection to the VPN. In the terminal type:
sudo openvpn --config '/path/to/opencpn.ovpn'
If everything works you will get prompted first for your sudo password, then for a username and password required to connect to the remote network (if configured). Then you’ll get a bunch of text that looks similar to this:
Test pinging an address on the remote network. To disconnect just hit Ctrl+C . You can open multiple terminal sessions and run multiple connections this way… but it can get confusing.
I get sometimes super confused about what networks I am connected to, especially when I end up with five or more open terminal sessions each with a different connection. I also accidentally close the terminal all the time, which doesn’t kill the connection, but i now can’t close it easily if i do want to. I also get conflicts or try to open the same VPN more than once because I am just damned confused and don’t have an easy way to see what is going on.
So here are some scripts I put together to make it easier to manage.
Copy this text into a text-editor and save it as convpn.sh in a location of your choosing. You may want to save this file to your desktop, (or create a shortcut to this file from yoru task bar etc.) for easy access.
This script is configured for the .ovpn files to be located in a folder called openvpn in your home directory. If you are saving else where just change the path after —filename=.
top -c -n 1 -p `pidof openvpn | sed 's/ /,/g'` vpnfile=$(zenity --file-selection --title="Choose OpenVPN Connection" --filename=$HOME/openvpn/ --file-filter='*.ovpn') echo "connecting to" $vpnfile sudo openvpn --config $vpnfile --daemon top -c -n 1 -p `pidof openvpn | sed 's/ /,/g'`
Now copy this text into a text-editor and save it as disvpn.sh
top -c -n 1 -p pidof openvpn | sed 's/ /,/g' vpnfile=$(zenity --file-selection --title="Choose OpenVPN Connection" --filename=$HOME/openvpn/ --file-filter='*.ovpn') echo "disconnecting" $vpnfile sudo pkill -f "openvpn --config $vpnfile --daemon" top -c -n 1 -p pidof openvpn | sed 's/ /,/g'
Now copy this text into a text-editor and save it as showvpn.sh
top -c -n 1 -p pidof openvpn | sed 's/ /,/g'
Make the Scripts Executable
Open the file browser and navigate to the location you saved the .sh files to. Right click each file and select properties.
This next step may vary with your distro, but you should have an option to tick that will allow you to execute the .sh script as a program.
Now lets test it out. Double click convpn.sh and choose run in terminal
You will then get a file browser prompt to select the .ovpn file you want to use. Just select the file and press ok.
You then will get prompted for your computer password, and then your network username and password (if configured).
Once connected you will get this display, showing what networks you are currently connected to.
Pressing enter will close the terminal.
To disconnect from the VPN, double click the disvpn.sh file and then select the .ovpn file from the prompt that you want to disconnect from. Once again you will be shown the current network status. If empty then you are not connected to anything.
At any time you can double click the showvpn.sh to see what VPNs you are connected to.
Add an Alias for Speed in Terminal
If you are a Linux user, chances are that you always have a terminal session open anyway. This script works perfectly in that case too, but lets add some aliases for speed.
In the terminal type:
sudo nano ~/.bashrc
Now scroll down in the file under #My Custom aliases and enter the following:
alias convpn="bash convpn.sh" alias disvpn="bash disvpn.sh" alias showvpn="bash showvpn.sh"
You will need to include the path to the .sh file if you didn’t save them in your home directory. Press Ctrl+X and select yes to save.
Now you can type convpn at any time to connect to a VPN easily. You can also type disvpn to disconnect and showvpn to show the active connections.
What Does This Script Do?
This script is very not complicated. All it does is calls a file-browser window to locate the ovpn config file, and then runs a standard OpenVPN connection command against that. It does run OpenVPN as a daemon, which prevents things from stopping if you do run this in the terminal.
To show the running connections it is just using top but restricts the output to only show the OpenVPN services.
Simple but effective and works on pretty much every platform with minimal fuss.
Let us know if you have a better way.
Latest posts by Leroy Butts (see all)
- Quick Tips: A DIY GUIOpenVPN Client On Linux - 14th July 2019
- 5 More Audio Books You Should Listen To Now - 29th April 2019
- Darknet Diaries – A Day In The Life Of A Pen Tester - 20th April 2019