LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-05-2016, 01:14 PM   #1
taea00
LQ Newbie
 
Registered: Feb 2016
Posts: 12

Rep: Reputation: Disabled
Question [SOLVED] Connect to OpenVPN on boot?


I'm on Fedora 22 and I use a VPN. Is there a way to have OpenVPN start a specified VPN connection on boot? Do I need to do a systemd startup script?

Last edited by taea00; 03-15-2016 at 06:24 PM. Reason: Solved
 
Old 03-14-2016, 06:02 PM   #2
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,750
Blog Entries: 4

Rep: Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965
See these links:

https://ask.fedoraproject.org/en/que...edora-19-boot/
https://ask.fedoraproject.org/en/que...-at-boot-time/

Gosh-darn-it ... ain't Google a wunnerful thing ...

Last edited by sundialsvcs; 03-14-2016 at 06:08 PM.
 
1 members found this post helpful.
Old 03-14-2016, 06:02 PM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,750
Blog Entries: 4

Rep: Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965
See these links:

https://ask.fedoraproject.org/en/que...edora-19-boot/
https://ask.fedoraproject.org/en/que...-at-boot-time/

Gosh-darn-it ... ain't Google a wunnerful thing ...

Last edited by sundialsvcs; 03-14-2016 at 06:08 PM.
 
1 members found this post helpful.
Old 03-15-2016, 06:23 PM   #4
taea00
LQ Newbie
 
Registered: Feb 2016
Posts: 12

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
See these links:

https://ask.fedoraproject.org/en/que...edora-19-boot/
https://ask.fedoraproject.org/en/que...-at-boot-time/

Gosh-darn-it ... ain't Google a wunnerful thing ...

sundialsvcs I had seen the first post before. But it didn't make sense to me. Thankfully your second post brought it all together for me! :-D Thank you so much. One of the things that confused me was everywhere I'd always see posts referencing <server>.conf files and had no clue where to find those or how to make those. Just to let any future people looking at this post the <server>.ovpn file that a lot of VPN companies are using is the exact same as the <server>.conf file. So here's what I did.

Code:
sudo vi /etc/systemd/system/<server>.service


[Unit]
Description=OpenVPN Robust And Highly Flexible Tunneling Application On <server>
After=syslog.target network.target

[Service]
Type=forking
PIDFile=/var/run/openvpn/TrustZone.pid
ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/<server>.pid --cd <directory of your ovpn or conf file> --config <ovpn or conf filename>

[Install]
WantedBy=multi-user.target
Then just run your standard systemctl start/stop/status <server>

Where is says <server> you can really put anything in to reference your service file.

One other thing I had to do was add a username and password to the ovpn file. In the ovpn files I've seen there is a line for "auth-user-pass" after that put in the path to a file that has the username on the first line and password on the second line. Such as the following:

Code:
vi VPN.ovpn

<search for auth-user-pass>
auth-user-pass /home/user/VPN/VPN_pass.txt
<save and quit>

vi /home/user/VPN/VPN_pass.txt

username
password
<save and quit>
 
Old 03-23-2016, 01:39 PM   #5
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,750
Blog Entries: 4

Rep: Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965Reputation: 3965
Also be sure to protect those files so that they cannot be easily accessed, if you use (not recommended!!) any sort of "password" (and/or "PSK") in them.

An OpenVPN connection should be protected by digital certificates, and nothing more. Those certificates, e.g. on a mobile machine, can be encrypted with a passphrase to make them harder to steal. (Note: In OpenVPN parlance, a "challenge password" is not the same thing!) But there should be no "magic words" in any configuration file, and "passwords" should not be the protecter of OpenVPN link security.)

If you intend for the link to be started at boot, don't protect it with a passphrase. There's no security value in doing that.)

If you want to break-in to one of my boxes, there are about 5,120 random bits that you're gonna need to know exactly. (You're gonna have to know quite a few of them just to be given the opportunity to try.) The boxes talk VPN to one another, and every single link is individually and uniquely secured.

Last edited by sundialsvcs; 03-23-2016 at 01:42 PM.
 
  


Reply

Tags
openvpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot connect to 2nd openvpn qwertyjjj Linux - Server 0 08-04-2010 07:18 AM
OpenVPN client has not default gateway when connect to OpenVPN server sailershen Linux - Security 3 03-04-2010 02:20 AM
[SOLVED] Can't connect to openvpn server, need some help please erv2 Linux - Networking 3 03-02-2010 12:18 PM
OpenVPN does work, but not on first connect quackyo Linux - Software 0 11-23-2007 09:17 AM
Clark Connect, OpenVPN or what? Looking_Lost Linux - Networking 0 05-17-2004 05:11 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration