How to install OpenVPN on Linux


You can easily install OpenVPN on Debian, Ubuntu and CentOS by using only one command line:

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

Result:

[root@keyword-optimization-tools ~]# wget https://git.io/vpn -O openvpn-install.
sh && bash openvpn-install.sh
--2017-02-27 03:37:01--  https://git.io/vpn
Resolving git.io (git.io)... 54.243.154.49, 54.235.212.238, 75.101.145.225, ...
Connecting to git.io (git.io)|54.243.154.49|:443... connected.
HTTP request sent, awaiting response... 302 Found
Welcome to this quick OpenVPN "road warrior" installer

I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them

First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 144.172.71.212

Which protocol do you want for OpenVPN connections?
   1) UDP (recommended)
   2) TCP
Protocol [1-2]: 1

What port do you want OpenVPN listening to?
Port: 1194

Which DNS do you want to use with the VPN?
   1) Current system resolvers
   2) Google
   3) OpenDNS
   4) NTT
   5) Hurricane Electric
   6) Verisign
DNS [1-6]: 2

Finally, tell me your name for the client certificate
Please, use one word only, no special characters
Client name: client

Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue...
Loaded plugins: fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base                                                     | 3.6 kB     00:00
epel/x86_64/metalink                                     |  12 kB     00:00
epel                                                     | 4.3 kB     00:00
extras                                                   | 3.4 kB     00:00
mariadb                                                  | 2.9 kB     00:00
remi-safe                                                | 2.9 kB     00:00
updates                                                  | 3.4 kB     00:00
(1/5): epel/x86_64/updateinfo                              | 745 kB   00:00
(2/5): remi-safe/primary_db                                | 907 kB   00:00
(3/5): extras/7/x86_64/primary_db                          | 122 kB   00:00
(4/5): epel/x86_64/primary_db                              | 4.6 MB   00:00
(5/5): updates/7/x86_64/primary_db                         | 2.9 MB   00:04
Determining fastest mirrors
 * base: mirror.scalabledns.com
 * epel: mirror.hmc.edu
 * extras: mirror.supremebytes.com
 * remi-safe: mirror.bebout.net
 * updates: centos-distro.1gservers.com
Package epel-release-7-9.noarch already installed and latest version
Nothing to do
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.scalabledns.com
 * epel: mirror.hmc.edu
 * extras: mirror.supremebytes.com
 * remi-safe: mirror.bebout.net
 * updates: centos-distro.1gservers.com
Package iptables-1.4.21-17.el7.x86_64 already installed and latest version
Package wget-1.14-13.el7.x86_64 already installed and latest version
Package ca-certificates-2015.2.6-73.el7.noarch already installed and latest vers
ion
Resolving Dependencies
--> Running transaction check
---> Package openssl.x86_64 1:1.0.1e-60.el7 will be updated
---> Package openssl.x86_64 1:1.0.1e-60.el7_3.1 will be an update
--> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-60.el7_3.1 for packag
e: 1:openssl-1.0.1e-60.el7_3.1.x86_64
---> Package openvpn.x86_64 0:2.3.14-1.el7 will be installed
--> Processing Dependency: libpkcs11-helper.so.1()(64bit) for package: openvpn-2
.3.14-1.el7.x86_64
--> Running transaction check
---> Package openssl-libs.x86_64 1:1.0.1e-60.el7 will be updated
--> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-60.el7 for package: 1
:openssl-devel-1.0.1e-60.el7.x86_64
---> Package openssl-libs.x86_64 1:1.0.1e-60.el7_3.1 will be an update
---> Package pkcs11-helper.x86_64 0:1.11-3.el7 will be installed
--> Running transaction check
---> Package openssl-devel.x86_64 1:1.0.1e-60.el7 will be updated
---> Package openssl-devel.x86_64 1:1.0.1e-60.el7_3.1 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package             Arch         Version                   Repository     Size
================================================================================
Installing:
 openvpn             x86_64       2.3.14-1.el7              epel          454 k
Updating:
 openssl             x86_64       1:1.0.1e-60.el7_3.1       updates       713 k
Installing for dependencies:
 pkcs11-helper       x86_64       1.11-3.el7                epel           56 k
Updating for dependencies:
 openssl-devel       x86_64       1:1.0.1e-60.el7_3.1       updates       1.2 M
 openssl-libs        x86_64       1:1.0.1e-60.el7_3.1       updates       959 k

Transaction Summary
================================================================================
Install  1 Package (+1 Dependent package)
Upgrade  1 Package (+2 Dependent packages)

Total download size: 3.3 M
Downloading packages:
updates/7/x86_64/prestodelta                               | 312 kB   00:01
Delta RPMs reduced 2.8 M of updates to 780 k (72% saved)
(1/5): openssl-libs-1.0.1e-60.el7_1.0.1e-60.el7_3.1.x86_64 | 138 kB   00:00
(2/5): openssl-devel-1.0.1e-60.el7_1.0.1e-60.el7_3.1.x86_6 | 283 kB   00:00
(3/5): openvpn-2.3.14-1.el7.x86_64.rpm                     | 454 kB   00:00
(4/5): pkcs11-helper-1.11-3.el7.x86_64.rpm                 |  56 kB   00:00
(5/5): openssl-1.0.1e-60.el7_1.0.1e-60.el7_3.1.x86_64.drpm | 359 kB   00:01
Finishing delta rebuilds of 3 package(s) (2.8 M)
--------------------------------------------------------------------------------
Total                                              259 kB/s | 1.3 MB  00:04
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : 1:openssl-libs-1.0.1e-60.el7_3.1.x86_64                      1/8
  Installing : pkcs11-helper-1.11-3.el7.x86_64                              2/8
  Installing : openvpn-2.3.14-1.el7.x86_64                                  3/8
  Updating   : 1:openssl-1.0.1e-60.el7_3.1.x86_64                           4/8
  Updating   : 1:openssl-devel-1.0.1e-60.el7_3.1.x86_64                     5/8
  Cleanup    : 1:openssl-devel-1.0.1e-60.el7.x86_64                         6/8
  Cleanup    : 1:openssl-1.0.1e-60.el7.x86_64                               7/8
  Cleanup    : 1:openssl-libs-1.0.1e-60.el7.x86_64                          8/8
  Verifying  : 1:openssl-1.0.1e-60.el7_3.1.x86_64                           1/8
  Verifying  : 1:openssl-devel-1.0.1e-60.el7_3.1.x86_64                     2/8
  Verifying  : pkcs11-helper-1.11-3.el7.x86_64                              3/8
  Verifying  : openvpn-2.3.14-1.el7.x86_64                                  4/8
  Verifying  : 1:openssl-libs-1.0.1e-60.el7_3.1.x86_64                      5/8
  Verifying  : 1:openssl-libs-1.0.1e-60.el7.x86_64                          6/8
  Verifying  : 1:openssl-devel-1.0.1e-60.el7.x86_64                         7/8
  Verifying  : 1:openssl-1.0.1e-60.el7.x86_64                               8/8

Installed:
  openvpn.x86_64 0:2.3.14-1.el7

Dependency Installed:
  pkcs11-helper.x86_64 0:1.11-3.el7

Updated:
  openssl.x86_64 1:1.0.1e-60.el7_3.1

Dependency Updated:
  openssl-devel.x86_64 1:1.0.1e-60.el7_3.1
  openssl-libs.x86_64 1:1.0.1e-60.el7_3.1

Complete!
--2017-02-27 03:52:56--  https://github.com/OpenVPN/easy-rsa/releases/download/3
.0.1/EasyRSA-3.0.1.tgz
Resolving github.com (github.com)... 192.30.253.113, 192.30.253.112
Connecting to github.com (github.com)|192.30.253.113|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-cloud.s3.amazonaws.com/releases/4519663/9dab10e8-7b6a-1
1e5-91af-0660987e9192.tgz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA
ISTNZFOVBIJMK3TQ%2F20170227%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20170227T
035235Z&X-Amz-Expires=300&X-Amz-Signature=e2f962e7b44817e299ff32360aa8985978c432
8c196e90ce426dd0ca78d0bc72&X-Amz-SignedHeaders=host&actor_id=0&response-content-
disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response-content-type=a
pplication%2Foctet-stream [following]
--2017-02-27 03:52:56--  https://github-cloud.s3.amazonaws.com/releases/4519663/
9dab10e8-7b6a-11e5-91af-0660987e9192.tgz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-
Credential=AKIAISTNZFOVBIJMK3TQ%2F20170227%2Fus-east-1%2Fs3%2Faws4_request&X-Amz
-Date=20170227T035235Z&X-Amz-Expires=300&X-Amz-Signature=e2f962e7b44817e299ff323
60aa8985978c4328c196e90ce426dd0ca78d0bc72&X-Amz-SignedHeaders=host&actor_id=0&re
sponse-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response
-content-type=application%2Foctet-stream
Resolving github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)... 52.21
6.224.192
Connecting to github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)|52.2
16.224.192|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 40960 (40K) [application/octet-stream]
Saving to: `/root/EasyRSA-3.0.1.tgz'

100%[======================================>] 40,960      --.-K/s   in 0.1s

2017-02-27 03:52:57 (333 KB/s) - `/root/EasyRSA-3.0.1.tgz' saved [40960/40960]


init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki

Generating a 2048 bit RSA private key
...................+++
.............................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/ca.key.tEnNCC3zek'
-----
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
................................+...............................................

........................................................++*++*

DH parameters of size 2048 created at /etc/openvpn/easy-rsa/pki/dh.pem

Generating a 2048 bit RSA private key
................................................................................

.................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/server.key.oJ4NwLj
U2W'
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :PRINTABLE:'server'
Certificate is to be certified until Feb 25 03:56:56 2027 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated
Generating a 2048 bit RSA private key
.....+++
..........................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/client.key.poyoQwd
QVx'
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :PRINTABLE:'client'
Certificate is to be certified until Feb 25 03:56:57 2027 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf

An updated CRL has been created.
CRL file: /etc/openvpn/easy-rsa/pki/crl.pem

61
Created symlink from /etc/systemd/system/multi-user.target.wants/openvpn@server.
service to /usr/lib/systemd/system/openvpn@.service.

Finished!

Your client configuration is available at /root/client.ovpn
If you want to add more clients, you simply need to run this script again!

install openvpn on linux

Finish, now you retype that command to create new account, remove account, uninstall OpenVPN

Result:
Looks like OpenVPN is already installed

What do you want to do?
   1) Add a new user
   2) Revoke an existing user
   3) Remove OpenVPN
   4) Exit
Select an option [1-4]:

If you get the error during the installation:

TUN is not available

You can easily fix it by using these command lines:

mkdir /dev/net
mknod /dev/net/tun c 10 200
modprobe tun

Leave a Reply