OpenVPN install: Set up your own OpenVPN server on Debian, Ubuntu, Fedora CentOS, and Arch Linux
OpenVPN-install
OpenVPN installer for Debian, Ubuntu, Fedora, CentOS and Arch Linux.
This script will let you set up your own secure VPN server in just a few minutes.
Features
This fork includes the following features :
- Every feature of the original script
- Better encryption, see below
- Better DNS resolvers, see below
- A choice between TCP and UDP (UDP is still recommended)
- Run server in unprivileged mode, reducing risks to the system
- Block DNS leak on Windows 10
- No comp-lzo, as compression is a vector for oracle attacks, e.g. CRIME or BREACH
- Arch Linux support
- Up-to-date OpenVPN thanks to EPEL for CentOS and swupdate.openvpn.net for Ubuntu and Debian. These are third-party yet trusted repositories.
- Randomized certificate name
- Other improvements!
DNS
The script will ask you which DNS resolvers you want to use when connected to the VPN.
Here are the possibilities :
- Current system resolvers, those that are in
/etc/resolv.conf - Cloudflare, recommended, fastest resolvers available (Anycast servers)
- Quad9, recommended, security and privacy oriented, fast worldwide (Anycast servers)
- FDN’s DNS Servers, recommended if you’re in western Europe (France)
- DNS.WATCH DNS Servers, recommended if you’re in western Europe (Germany)
- OpenDNS, not recommended but fast worldwide (Anycast servers)
- Google Public DNS, not recommended, but fast worldwide (Anycast servers)
- Yandex Basic DNS, not recommended, but fast in Russia
- AdGuard DNS, located in Russia, blocks ads and trackers
- Soon: local resolver 😀
Here is a preview of the installer :
Usage
You have to enable the TUN module otherwise OpenVPN won’t work. Ask your host if you don’t know how to do it. If the TUN module is not enabled, the script will warn you and exit.
You can get a cheap VPS to run this script for $2.50/month worldwide at Vultr or 3€/month for unlimited bandwidth in France at PulseHeberg.
First, get the script and make it executable :
wget https://raw.githubusercontent.com/Angristan/OpenVPN-install/master/openvpn-install.sh
chmod +x openvpn-install.sh
Then run it :
./openvpn-install.sh
The first time you run it, you’ll have to follow the assistant and answer a few questions to set up your VPN server.
When OpenVPN is installed, you can run the script again, and you will get the choice to :
- Add a client
- Remove a client
- Uninstall OpenVPN
Copyright (c) 2016 Nyr, Angristan
Source: https://github.com/Angristan/
