{"id":689,"date":"2025-01-09T20:09:28","date_gmt":"2025-01-09T20:09:28","guid":{"rendered":"https:\/\/broadlypointless.com\/?p=689"},"modified":"2025-01-09T20:10:00","modified_gmt":"2025-01-09T20:10:00","slug":"pia-openvpn-on-linux","status":"publish","type":"post","link":"https:\/\/broadlypointless.com\/?p=689","title":{"rendered":"PIA Openvpn on Linux"},"content":{"rendered":"\n

Autoconnect\u00a0Private Internet Access VPN on Boot Linux<\/a><\/h2>\n\n\n\n

Update Linux repos as always<\/p>\n\n\n\n

sudo apt-get update<\/code><\/pre>\n\n\n\n
Install and Configure OpenVPN<\/h3>\n\n\n\n
Install OpenVPN and unzip<\/p>\n\n\n\n
sudo apt-get install openvpn unzip -y<\/code><\/pre>\n\n\n\n
Enter the OpenVPN folder<\/p>\n\n\n\n
cd \/etc\/openvpn<\/code><\/pre>\n\n\n\n
Download the Private Internet Access OpenVPN configuration files (extension .ovpn)<\/p>\n\n\n\n
sudo wget --no-check-certificate https:\/\/www.privateinternetaccess.com\/openvpn\/openvpn.zip<\/code><\/pre>\n\n\n\n
Unzip the openvpn configuration files<\/p>\n\n\n\n
sudo unzip openvpn.zip<\/code><\/pre>\n\n\n\n
You can list all of the countries you can connect to with this command inside the \/etc\/openvpn<\/code> folder<\/p>\n\n\n\n
ls -lh *.ovpn<\/code><\/pre>\n\n\n\n
See the long list, you will specify the ovpn file when you connect to Private Internet Access’s VPN servers<\/p>\n\n\n\n
-rw-r--r-- 1 root root 238 Nov 25 20:47 AU Melbourne.ovpn\n-rw-r--r-- 1 root root 228 Nov 25 20:47 AU Sydney.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 Brazil.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 CA North York.ovpn\n-rw-r--r-- 1 root root 235 Nov 25 20:47 CA Toronto.ovpn\n-rw-r--r-- 1 root root 232 Nov 25 20:47 Denmark.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 France.ovpn\n-rw-r--r-- 1 root root 232 Nov 25 20:47 Germany.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 Hong Kong.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 India.ovpn\n-rw-r--r-- 1 root root 232 Nov 25 20:47 Ireland.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 Israel.ovpn\n-rw-r--r-- 1 root root 230 Nov 25 20:47 Italy.ovpn\n-rw-r--r-- 1 root root 230 Nov 25 20:47 Japan.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 Mexico.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 Netherlands.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 New Zealand.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 Romania.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 Russia.ovpn\n-rw-r--r-- 1 root root 227 Nov 25 20:47 Singapore.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 Sweden.ovpn\n-rw-r--r-- 1 root root 230 Nov 25 20:47 Switzerland.ovpn\n-rw-r--r-- 1 root root 231 Nov 25 20:47 Turkey.ovpn\n-rw-r--r-- 1 root root 234 Nov 25 20:47 UK London.ovpn\n-rw-r--r-- 1 root root 239 Nov 25 20:47 UK Southampton.ovpn\n-rw-r--r-- 1 root root 238 Nov 25 20:47 US California.ovpn\n-rw-r--r-- 1 root root 232 Nov 25 20:47 US East.ovpn\n-rw-r--r-- 1 root root 235 Nov 25 20:47 US Florida.ovpn\n-rw-r--r-- 1 root root 235 Nov 25 20:47 US Midwest.ovpn\n-rw-r--r-- 1 root root 239 Nov 25 20:47 US New York City.ovpn\n-rw-r--r-- 1 root root 235 Nov 25 20:47 US Seattle.ovpn\n-rw-r--r-- 1 root root 241 Nov 25 20:47 US Silicon Valley.ovpn\n-rw-r--r-- 1 root root 233 Nov 25 20:47 US Texas.ovpn\n-rw-r--r-- 1 root root 232 Nov 25 20:47 US West.ovpn<\/code><\/pre>\n\n\n\n
Create a login details text file so you can log on to the PIA VPN automatically<\/p>\n\n\n\n
sudo nano \/etc\/openvpn\/login.txt<\/code><\/pre>\n\n\n\n
Input your username and password, replace username with your actual username and password with your actual VPN password in this format<\/p>\n\n\n\n
username\npassword<\/code><\/pre>\n\n\n\n
Ctrl+X, Y and Enter to Save and Exit<\/p>\n\n\n\n
Change the permission of the login.txt file so it is only owned by root which will solve this error WARNING: file '\/etc\/openvpn\/login.txt' is group or others accessible<\/code><\/p>\n\n\n\n
sudo chmod 700 \/etc\/openvpn\/login.txt<\/code><\/pre>\n\n\n\n
Fix DNS issues by using the Google DNS servers<\/p>\n\n\n\n
echo \"nameserver 8.8.8.8\" | sudo tee -a \/etc\/resolv.conf\necho \"nameserver 8.8.4.4\" | sudo tee -a \/etc\/resolv.conf<\/code><\/pre>\n\n\n\n
Make the DNS changes permanent. This sets the resolv.conf<\/code> file to immutable (i.e. unchangeable)<\/p>\n\n\n\n
sudo chattr +i \/etc\/resolv.conf<\/code><\/pre>\n\n\n\n
Test the PIA VPN is working, here I’m using Sweden but you can choose any country from the list generated before<\/p>\n\n\n\n
cd \/etc\/openvpn\nsudo openvpn --config \/etc\/openvpn\/Sweden.ovpn --auth-user-pass \/etc\/openvpn\/login.txt<\/code><\/pre>\n\n\n\n
If you see success like below, your VPN public IP address is highlighted in red, let’s verify that’s what we get then start a new SSH session<\/p>\n\n\n\n
Wed May 4 08:42:37 2016 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016\nWed May 4 08:42:37 2016 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08\nWed May 4 08:42:37 2016 UDPv4 link local: [undef]\nWed May 4 08:42:37 2016 UDPv4 link remote: [AF_INET]185.3.135.34:1194\nWed May 4 08:42:37 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this\nWed May 4 08:42:37 2016 [Private Internet Access] Peer Connection Initiated with [AF_INET]185.3.135.34:1194\nWed May 4 08:42:40 2016 TUN\/TAP device tun0 opened\nWed May 4 08:42:40 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0\nWed May 4 08:42:40 2016 \/sbin\/ip link set dev tun0 up mtu 1500\nWed May 4 08:42:40 2016 \/sbin\/ip addr add dev tun0 local 10.177.1.6 peer 10.177.1.5\nWed May 4 08:42:40 2016 Initialization Sequence Completed<\/code><\/pre>\n\n\n\n
Start a new SSH session and check the IP address you are getting<\/p>\n\n\n\n
wget http:\/\/ipinfo.io\/ip -qO -<\/code><\/pre>\n\n\n\n
It should match the UDPv4 link remote address shown in the previous command. You should see something different than your regular IP address found on whatsmyip.org<\/a> or on your wireless router from your ISP.<\/p>\n\n\n\n
185.3.135.34<\/code><\/pre>\n\n\n\n
It matches so we’re all good, now it’s time to autoconnect to Private Internet Access on boot.<\/p>\n\n\n\n
First you should use Ctrl+C in the SSH session showing the Private Internet Access VPN is connected to disconnect from the VPN.<\/p>\n\n\n\n
Autoconnect PIA VPN on Boot<\/h3>\n\n\n\n
Create the OpenVPN autoconnect init.d startup script file<\/p>\n\n\n\n
sudo nano \/etc\/init.d\/openvpnauto<\/code><\/pre>\n\n\n\n
Paste this OpenVPN autoconnect startup script, if you do not want to use Sweden.ovpn then replace it in the DAEMON_OPTS line<\/p>\n\n\n\n
#!\/bin\/sh\n### BEGIN INIT INFO\n# Provides:          OpenVPN Autoconnect\n# Required-Start:    $local_fs $remote_fs $network\n# Required-Stop:     $local_fs $remote_fs $network\n# Default-Start:     2 3 4 5\n# Default-Stop:      0 1 6\n# Short-Description: OpenVPN Autoconnect\n# Description:       OpenVPN Autoconnect\n### END INIT INFO\n\n\n# Documentation available at\n# http:\/\/refspecs.linuxfoundation.org\/LSB_3.1.0\/LSB-Core-generic\/LSB-Core-generic\/iniscrptfunc.html\n# Debian provides some extra functions though\n. \/lib\/lsb\/init-functions\n\n\nDAEMON_NAME=\"openvpnauto\"\nDAEMON_USER=root\nDAEMON_PATH=\"\/usr\/sbin\/openvpn\"\nDAEMON_OPTS=\"--config \/etc\/openvpn\/Sweden.ovpn --auth-user-pass \/etc\/openvpn\/login.txt\"\nDAEMON_PWD=\"\/etc\/openvpn\"\nDAEMON_DESC=$(get_lsb_header_val $0 \"Short-Description\")\nDAEMON_PID=\"\/var\/run\/${DAEMON_NAME}.pid\"\nDAEMON_NICE=0\nDAEMON_LOG='\/var\/log\/openvpnauto.log'\n\n[ -r \"\/etc\/default\/${DAEMON_NAME}\" ] && . \"\/etc\/default\/${DAEMON_NAME}\"\n\ndo_start() {\n  local result\n\n    pidofproc -p \"${DAEMON_PID}\" \"${DAEMON_PATH}\" > \/dev\/null\n    if [ $? -eq 0 ]; then\n        log_warning_msg \"${DAEMON_NAME} is already started\"\n        result=0\n    else\n        log_daemon_msg \"Starting ${DAEMON_DESC}\" \"${DAEMON_NAME}\"\n        touch \"${DAEMON_LOG}\"\n        chown $DAEMON_USER \"${DAEMON_LOG}\"\n        chmod u+rw \"${DAEMON_LOG}\"\n        if [ -z \"${DAEMON_USER}\" ]; then\n            start-stop-daemon --start --quiet --oknodo --background \\\n                --nicelevel $DAEMON_NICE \\\n                --chdir \"${DAEMON_PWD}\" \\\n                --pidfile \"${DAEMON_PID}\" --make-pidfile \\\n                --exec \"${DAEMON_PATH}\" -- $DAEMON_OPTS\n            result=$?\n        else\n            start-stop-daemon --start --quiet --oknodo --background \\\n                --nicelevel $DAEMON_NICE \\\n                --chdir \"${DAEMON_PWD}\" \\\n                --pidfile \"${DAEMON_PID}\" --make-pidfile \\\n                --chuid \"${DAEMON_USER}\" \\\n                --exec \"${DAEMON_PATH}\" -- $DAEMON_OPTS\n            result=$?\n        fi\n        log_end_msg $result\n    fi\n    return $result\n}\n\ndo_stop() {\n    local result\n\n    pidofproc -p \"${DAEMON_PID}\" \"${DAEMON_PATH}\" > \/dev\/null\n    if [ $? -ne 0 ]; then\n        log_warning_msg \"${DAEMON_NAME} is not started\"\n        result=0\n    else\n        log_daemon_msg \"Stopping ${DAEMON_DESC}\" \"${DAEMON_NAME}\"\n        killproc -p \"${DAEMON_PID}\" \"${DAEMON_PATH}\"\n        result=$?\n        log_end_msg $result\n        rm \"${DAEMON_PID}\"\n    fi\n    return $result\n}\n\ndo_restart() {\n    local result\n    do_stop\n    result=$?\n    if [ $result = 0 ]; then\n        do_start\n        result=$?\n    fi\n    return $result\n}\n\ndo_status() {\n    local result\n    status_of_proc -p \"${DAEMON_PID}\" \"${DAEMON_PATH}\" \"${DAEMON_NAME}\"\n    result=$?\n    return $result\n}\n\ndo_usage() {\n    echo $\"Usage: $0 {start | stop | restart | status}\"\n    exit 1\n}\n\ncase \"$1\" in\nstart)   do_start;   exit $? ;;\nstop)    do_stop;    exit $? ;;\nrestart) do_restart; exit $? ;;\nstatus)  do_status;  exit $? ;;\n*)       do_usage;   exit  1 ;;\nesac<\/code><\/pre>\n\n\n\n
Ctrl+X, Y and Enter to Save<\/p>\n\n\n\n
Enable the OpenVPN PIA Autoconnect script<\/p>\n\n\n\n
sudo chmod +x \/etc\/init.d\/openvpnauto\nsudo update-rc.d openvpnauto defaults 98<\/code><\/pre>\n\n\n\n
Now you can connect to PIA’s VPN automatically by running<\/p>\n\n\n\n
sudo service openvpnauto start<\/code><\/pre>\n\n\n\n
You can retest your IP to verify it’s not your ISP’s IP address<\/p>\n\n\n\n
wget http:\/\/ipinfo.io\/ip -qO -<\/code><\/pre>\n\n\n\n
If it is not your regular IP shown on whatsmyip.org then you can reboot and test your IP address again<\/p>\n\n\n\n
sudo reboot<\/code><\/pre>\n\n\n\n
Test your IP again and compare it to whatsmyip.org’s result<\/p>\n\n\n\n
wget http:\/\/ipinfo.io\/ip -qO -<\/code><\/pre>\n\n\n\n
Now you’ve set up installing and autoconnecting to Private Internet Access VPN on Linux on boot<\/p>\n","protected":false},"excerpt":{"rendered":"
Autoconnect\u00a0Private Internet Access VPN on Boot Linux Update Linux repos as always Install and Configure OpenVPN Install OpenVPN and unzip Enter the OpenVPN folder Download the Private Internet Access OpenVPN configuration files (extension .ovpn) Unzip the openvpn configuration files You can list all of the countries you can connect to with this command inside the \/etc\/openvpn […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-689","post","type-post","status-publish","format-standard","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/broadlypointless.com\/index.php?rest_route=\/wp\/v2\/posts\/689","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/broadlypointless.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/broadlypointless.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/broadlypointless.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/broadlypointless.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=689"}],"version-history":[{"count":2,"href":"https:\/\/broadlypointless.com\/index.php?rest_route=\/wp\/v2\/posts\/689\/revisions"}],"predecessor-version":[{"id":691,"href":"https:\/\/broadlypointless.com\/index.php?rest_route=\/wp\/v2\/posts\/689\/revisions\/691"}],"wp:attachment":[{"href":"https:\/\/broadlypointless.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/broadlypointless.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=689"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/broadlypointless.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}