Setting Up OpenVPN & PIA as a client
 |
13 (trixie) |
|
| As always... | |
|---|---|
|
Start with: |
|
While Private Internet Access offers an "app" to manage usage, that's not a particularly useful way to do things in a whole lot of cases.
Particularly if you want to use it on a server or VM or LXC running mostly headless...
NOTE: If you are working on an LXC, see this.
install openvpn & the PIA files
sudo apt install openvpn unzip whoissudo mkdir /etc/openvpn/PIAcd /etc/openvpn/PIAsudo wget https://www.privateinternetaccess.com/openvpn/openvpn.zipsudo unzip openvpn.zip
Configure openvpn
cd /etc/openvpn- Copy the exit point you like from inside PIA here & change the extension to .conf
sudo cp PIA/ukraine.ovpn ./ukraine.conf # an example...
- Edit the .conf file and remove the <crl-verify> block. (For some reason openvpn thinks PIAs CRL blocks are ALWAYS malformed...)
- Add /etc/openvpn/auth.txt to the line: auth-user-pass
auth-user-pass /etc/openvpn/auth.txt # like this...
- Copy the exit point you like from inside PIA here & change the extension to .conf
sudo vi auth.txt- copy your PIA username & password into this file (on 2 lines...)
Bob SecretSquirrel!
sudo vi /etc/default/openvpn- uncomment the #AUTOSTART="all" line
sudo service openvpn start
From this point on, accessing the internet from this machine (or VM or LXC) will go through your chosen PIA exit point.
It may take a moment or two to initialise fully. And, startup may seem a little slower. But patience is a virtue...
Testing
wget http://ipinfo.io/ip -qO -
Should give you an IP address that does NOT match your actual external IP
whois `wget http://ipinfo.io/ip -qO -`
Will give you a wall-o-text. In that wall-o-text, you'll find the country code of where ipinfo.io thinks you are. (This, of course, should match your chosen exit point...)