You can easily install OpenVPN on Debian, Ubuntu and CentOS by using only one command line:
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
Result:
[root@keyword-optimization-tools ~]# wget https://git.io/vpn -O openvpn-install. sh && bash openvpn-install.sh --2017-02-27 03:37:01-- https://git.io/vpn Resolving git.io (git.io)... 54.243.154.49, 54.235.212.238, 75.101.145.225, ... Connecting to git.io (git.io)|54.243.154.49|:443... connected. HTTP request sent, awaiting response... 302 Found Welcome to this quick OpenVPN "road warrior" installer I need to ask you a few questions before starting the setup You can leave the default options and just press enter if you are ok with them First I need to know the IPv4 address of the network interface you want OpenVPN listening to. IP address: 144.172.71.212 Which protocol do you want for OpenVPN connections? 1) UDP (recommended) 2) TCP Protocol [1-2]: 1 What port do you want OpenVPN listening to? Port: 1194 Which DNS do you want to use with the VPN? 1) Current system resolvers 2) Google 3) OpenDNS 4) NTT 5) Hurricane Electric 6) Verisign DNS [1-6]: 2 Finally, tell me your name for the client certificate Please, use one word only, no special characters Client name: client Okay, that was all I needed. We are ready to setup your OpenVPN server now Press any key to continue... Loaded plugins: fastestmirror Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast base | 3.6 kB 00:00 epel/x86_64/metalink | 12 kB 00:00 epel | 4.3 kB 00:00 extras | 3.4 kB 00:00 mariadb | 2.9 kB 00:00 remi-safe | 2.9 kB 00:00 updates | 3.4 kB 00:00 (1/5): epel/x86_64/updateinfo | 745 kB 00:00 (2/5): remi-safe/primary_db | 907 kB 00:00 (3/5): extras/7/x86_64/primary_db | 122 kB 00:00 (4/5): epel/x86_64/primary_db | 4.6 MB 00:00 (5/5): updates/7/x86_64/primary_db | 2.9 MB 00:04 Determining fastest mirrors * base: mirror.scalabledns.com * epel: mirror.hmc.edu * extras: mirror.supremebytes.com * remi-safe: mirror.bebout.net * updates: centos-distro.1gservers.com Package epel-release-7-9.noarch already installed and latest version Nothing to do Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.scalabledns.com * epel: mirror.hmc.edu * extras: mirror.supremebytes.com * remi-safe: mirror.bebout.net * updates: centos-distro.1gservers.com Package iptables-1.4.21-17.el7.x86_64 already installed and latest version Package wget-1.14-13.el7.x86_64 already installed and latest version Package ca-certificates-2015.2.6-73.el7.noarch already installed and latest vers ion Resolving Dependencies --> Running transaction check ---> Package openssl.x86_64 1:1.0.1e-60.el7 will be updated ---> Package openssl.x86_64 1:1.0.1e-60.el7_3.1 will be an update --> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-60.el7_3.1 for packag e: 1:openssl-1.0.1e-60.el7_3.1.x86_64 ---> Package openvpn.x86_64 0:2.3.14-1.el7 will be installed --> Processing Dependency: libpkcs11-helper.so.1()(64bit) for package: openvpn-2 .3.14-1.el7.x86_64 --> Running transaction check ---> Package openssl-libs.x86_64 1:1.0.1e-60.el7 will be updated --> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-60.el7 for package: 1 :openssl-devel-1.0.1e-60.el7.x86_64 ---> Package openssl-libs.x86_64 1:1.0.1e-60.el7_3.1 will be an update ---> Package pkcs11-helper.x86_64 0:1.11-3.el7 will be installed --> Running transaction check ---> Package openssl-devel.x86_64 1:1.0.1e-60.el7 will be updated ---> Package openssl-devel.x86_64 1:1.0.1e-60.el7_3.1 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: openvpn x86_64 2.3.14-1.el7 epel 454 k Updating: openssl x86_64 1:1.0.1e-60.el7_3.1 updates 713 k Installing for dependencies: pkcs11-helper x86_64 1.11-3.el7 epel 56 k Updating for dependencies: openssl-devel x86_64 1:1.0.1e-60.el7_3.1 updates 1.2 M openssl-libs x86_64 1:1.0.1e-60.el7_3.1 updates 959 k Transaction Summary ================================================================================ Install 1 Package (+1 Dependent package) Upgrade 1 Package (+2 Dependent packages) Total download size: 3.3 M Downloading packages: updates/7/x86_64/prestodelta | 312 kB 00:01 Delta RPMs reduced 2.8 M of updates to 780 k (72% saved) (1/5): openssl-libs-1.0.1e-60.el7_1.0.1e-60.el7_3.1.x86_64 | 138 kB 00:00 (2/5): openssl-devel-1.0.1e-60.el7_1.0.1e-60.el7_3.1.x86_6 | 283 kB 00:00 (3/5): openvpn-2.3.14-1.el7.x86_64.rpm | 454 kB 00:00 (4/5): pkcs11-helper-1.11-3.el7.x86_64.rpm | 56 kB 00:00 (5/5): openssl-1.0.1e-60.el7_1.0.1e-60.el7_3.1.x86_64.drpm | 359 kB 00:01 Finishing delta rebuilds of 3 package(s) (2.8 M) -------------------------------------------------------------------------------- Total 259 kB/s | 1.3 MB 00:04 Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : 1:openssl-libs-1.0.1e-60.el7_3.1.x86_64 1/8 Installing : pkcs11-helper-1.11-3.el7.x86_64 2/8 Installing : openvpn-2.3.14-1.el7.x86_64 3/8 Updating : 1:openssl-1.0.1e-60.el7_3.1.x86_64 4/8 Updating : 1:openssl-devel-1.0.1e-60.el7_3.1.x86_64 5/8 Cleanup : 1:openssl-devel-1.0.1e-60.el7.x86_64 6/8 Cleanup : 1:openssl-1.0.1e-60.el7.x86_64 7/8 Cleanup : 1:openssl-libs-1.0.1e-60.el7.x86_64 8/8 Verifying : 1:openssl-1.0.1e-60.el7_3.1.x86_64 1/8 Verifying : 1:openssl-devel-1.0.1e-60.el7_3.1.x86_64 2/8 Verifying : pkcs11-helper-1.11-3.el7.x86_64 3/8 Verifying : openvpn-2.3.14-1.el7.x86_64 4/8 Verifying : 1:openssl-libs-1.0.1e-60.el7_3.1.x86_64 5/8 Verifying : 1:openssl-libs-1.0.1e-60.el7.x86_64 6/8 Verifying : 1:openssl-devel-1.0.1e-60.el7.x86_64 7/8 Verifying : 1:openssl-1.0.1e-60.el7.x86_64 8/8 Installed: openvpn.x86_64 0:2.3.14-1.el7 Dependency Installed: pkcs11-helper.x86_64 0:1.11-3.el7 Updated: openssl.x86_64 1:1.0.1e-60.el7_3.1 Dependency Updated: openssl-devel.x86_64 1:1.0.1e-60.el7_3.1 openssl-libs.x86_64 1:1.0.1e-60.el7_3.1 Complete! --2017-02-27 03:52:56-- https://github.com/OpenVPN/easy-rsa/releases/download/3 .0.1/EasyRSA-3.0.1.tgz Resolving github.com (github.com)... 192.30.253.113, 192.30.253.112 Connecting to github.com (github.com)|192.30.253.113|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://github-cloud.s3.amazonaws.com/releases/4519663/9dab10e8-7b6a-1 1e5-91af-0660987e9192.tgz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA ISTNZFOVBIJMK3TQ%2F20170227%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20170227T 035235Z&X-Amz-Expires=300&X-Amz-Signature=e2f962e7b44817e299ff32360aa8985978c432 8c196e90ce426dd0ca78d0bc72&X-Amz-SignedHeaders=host&actor_id=0&response-content- disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response-content-type=a pplication%2Foctet-stream [following] --2017-02-27 03:52:56-- https://github-cloud.s3.amazonaws.com/releases/4519663/ 9dab10e8-7b6a-11e5-91af-0660987e9192.tgz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz- Credential=AKIAISTNZFOVBIJMK3TQ%2F20170227%2Fus-east-1%2Fs3%2Faws4_request&X-Amz -Date=20170227T035235Z&X-Amz-Expires=300&X-Amz-Signature=e2f962e7b44817e299ff323 60aa8985978c4328c196e90ce426dd0ca78d0bc72&X-Amz-SignedHeaders=host&actor_id=0&re sponse-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response -content-type=application%2Foctet-stream Resolving github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)... 52.21 6.224.192 Connecting to github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)|52.2 16.224.192|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 40960 (40K) [application/octet-stream] Saving to: `/root/EasyRSA-3.0.1.tgz' 100%[======================================>] 40,960 --.-K/s in 0.1s 2017-02-27 03:52:57 (333 KB/s) - `/root/EasyRSA-3.0.1.tgz' saved [40960/40960] init-pki complete; you may now create a CA or requests. Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki Generating a 2048 bit RSA private key ...................+++ .............................+++ writing new private key to '/etc/openvpn/easy-rsa/pki/private/ca.key.tEnNCC3zek' ----- Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ................................+............................................... ........................................................++*++* DH parameters of size 2048 created at /etc/openvpn/easy-rsa/pki/dh.pem Generating a 2048 bit RSA private key ................................................................................ .................+++ writing new private key to '/etc/openvpn/easy-rsa/pki/private/server.key.oJ4NwLj U2W' ----- Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :PRINTABLE:'server' Certificate is to be certified until Feb 25 03:56:56 2027 GMT (3650 days) Write out database with 1 new entries Data Base Updated Generating a 2048 bit RSA private key .....+++ ..........................+++ writing new private key to '/etc/openvpn/easy-rsa/pki/private/client.key.poyoQwd QVx' ----- Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :PRINTABLE:'client' Certificate is to be certified until Feb 25 03:56:57 2027 GMT (3650 days) Write out database with 1 new entries Data Base Updated Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf An updated CRL has been created. CRL file: /etc/openvpn/easy-rsa/pki/crl.pem 61 Created symlink from /etc/systemd/system/multi-user.target.wants/openvpn@server. service to /usr/lib/systemd/system/openvpn@.service. Finished! Your client configuration is available at /root/client.ovpn If you want to add more clients, you simply need to run this script again!
Finish, now you retype that command to create new account, remove account, uninstall OpenVPN
Result:
Looks like OpenVPN is already installed
What do you want to do? 1) Add a new user 2) Revoke an existing user 3) Remove OpenVPN 4) Exit Select an option [1-4]:
If you get the error during the installation:
TUN is not available
You can easily fix it by using these command lines:
mkdir /dev/net mknod /dev/net/tun c 10 200 modprobe tun
