#!/linuxSucks/Autoconnect To A VPN On Boot

Dec 23, 2022

In this example I used Private Internet Access and a Debian (Sid) Server, the steps described below should work with any VPN provider

Install OpenVPN and unzip if they aren’t install

sudo apt install openvpn unzip -y

Enter the OpenVPN folder

cd /etc/openvpn

Download the Private Internet Access OpenVPN configuration files (extension .ovpn)

sudo wget --no-check-certificate https://www.privateinternetaccess.com/openvpn/openvpn.zip

Unzip the openvpn configuration files

sudo unzip openvpn.zip

You can list all of the countries you can connect to with this command inside the /etc/openvpn folder

ls -lh *.ovpn

You will see a long list, you will specify the ovpn file when you connect to Private Internet Access’s VPN servers

Login Credentials

Create a login details text file so you can log on to the PIA VPN automatically

sudo vim /etc/openvpn/login.txt

Input your username and password, replace username and password with the correct information

username
password

Change the permission of the login.txt file so it is only owned by root which will solve this error WARNING: file ‘/etc/openvpn/login.txt’ is group or others accessible

sudo chmod 700 /etc/openvpn/login.txt

Test the PIA VPN is working, here I’m using Sweden but you can choose any country from the list generated before

sudo openvpn --config /etc/openvpn/Sweden.ovpn --auth-user-pass /etc/openvpn/login.txt

If you don’t see any errors, find these two lines and verify take a look at the ip addresses

UDPv4 link remote: [AF_INET]000.000.000.000:1194
[Private Internet Access] Peer Connection Initiated with [AF_INET]000.000.000.000:1194

Then run these command to check that the same ip address match (you can start a new SSH session)

wget http://ipinfo.io/ip -qO -

If the IP address matches so we’re all good, if that’s case should stop the VPN. Use Ctrl+C in the SSH session showing the Private Internet Access VPN is connected to disconnect from the VPN.

Autoconnect PIA VPN on Boot

Create the OpenVPN autoconnect init.d startup script file

sudo vim /etc/init.d/openvpnauto

Paste this OpenVPN autoconnect startup script, replace Sweden.ovpn with the location you like in the DAEMON_OPTS line

#!/bin/sh
### BEGIN INIT INFO
# Provides:          OpenVPN Autoconnect
# Required-Start:    $local_fs $remote_fs $network
# Required-Stop:     $local_fs $remote_fs $network
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: OpenVPN Autoconnect
# Description:       OpenVPN Autoconnect
### END INIT INFO

# Documentation available at
# http://refspecs.linuxfoundation.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptfunc.html
# Debian provides some extra functions though
. /lib/lsb/init-functions

DAEMON_NAME="openvpnauto"
DAEMON_USER=root
DAEMON_PATH="/usr/sbin/openvpn"
DAEMON_OPTS="--config /etc/openvpn/Sweden.ovpn --auth-user-pass /etc/openvpn/login.txt"
DAEMON_PWD="/etc/openvpn"
DAEMON_DESC=$(get_lsb_header_val $0 "Short-Description")
DAEMON_PID="/var/run/${DAEMON_NAME}.pid"
DAEMON_NICE=0
DAEMON_LOG='/var/log/openvpnauto.log'

[ -r "/etc/default/${DAEMON_NAME}" ] && . "/etc/default/${DAEMON_NAME}"

do_start() {
  local result

    pidofproc -p "${DAEMON_PID}" "${DAEMON_PATH}" > /dev/null
    if [ $? -eq 0 ]; then
        log_warning_msg "${DAEMON_NAME} is already started"
        result=0
    else
        log_daemon_msg "Starting ${DAEMON_DESC}" "${DAEMON_NAME}"
        touch "${DAEMON_LOG}"
        chown $DAEMON_USER "${DAEMON_LOG}"
        chmod u+rw "${DAEMON_LOG}"
        if [ -z "${DAEMON_USER}" ]; then
            start-stop-daemon --start --quiet --oknodo --background \
                --nicelevel $DAEMON_NICE \
                --chdir "${DAEMON_PWD}" \
                --pidfile "${DAEMON_PID}" --make-pidfile \
                --exec "${DAEMON_PATH}" -- $DAEMON_OPTS
            result=$?
        else
            start-stop-daemon --start --quiet --oknodo --background \
                --nicelevel $DAEMON_NICE \
                --chdir "${DAEMON_PWD}" \
                --pidfile "${DAEMON_PID}" --make-pidfile \
                --chuid "${DAEMON_USER}" \
                --exec "${DAEMON_PATH}" -- $DAEMON_OPTS
            result=$?
        fi
        log_end_msg $result
    fi
    return $result
}

do_stop() {
    local result

    pidofproc -p "${DAEMON_PID}" "${DAEMON_PATH}" > /dev/null
    if [ $? -ne 0 ]; then
        log_warning_msg "${DAEMON_NAME} is not started"
        result=0
    else
        log_daemon_msg "Stopping ${DAEMON_DESC}" "${DAEMON_NAME}"
        killproc -p "${DAEMON_PID}" "${DAEMON_PATH}"
        result=$?
        log_end_msg $result
        rm "${DAEMON_PID}"
    fi
    return $result
}

do_restart() {
    local result
    do_stop
    result=$?
    if [ $result = 0 ]; then
        do_start
        result=$?
    fi
    return $result
}

do_status() {
    local result
    status_of_proc -p "${DAEMON_PID}" "${DAEMON_PATH}" "${DAEMON_NAME}"
    result=$?
    return $result
}

do_usage() {
    echo $"Usage: $0 {start | stop | restart | status}"
    exit 1
}

case "$1" in
start)   do_start;   exit $? ;;
stop)    do_stop;    exit $? ;;
restart) do_restart; exit $? ;;
status)  do_status;  exit $? ;;
*)       do_usage;   exit  1 ;;
esac

Save and close the file then enable the OpenVPN PIA Autoconnect script

sudo chmod +x /etc/init.d/openvpnauto
sudo update-rc.d openvpnauto defaults 98

Now you can connect to PIA’s VPN automatically by running

sudo service openvpnauto start

You can retest your IP to verify it’s not your ISP’s IP address

wget http://ipinfo.io/ip -qO -

If it is not your regular IP shown on whatsmyip.org then you can reboot and test your IP address again

sudo reboot

Test your IP again and compare it to whatsmyip.org’s result

wget http://ipinfo.io/ip -qO -

Now you’ve set up installing and autoconnecting to Private Internet Access VPN on Linux on boot

Home  Linux  Notes  Blog Spot