How to setup OpenVPN on Linux

If you’re a Linux user and you want to connect to a VPN provider’s servers using the secure OpenVPN encryption protocol, it is possible that you’ll need to set up the VPN connection manually using the command-line interface (CLI).

Few VPN providers have a VPN client with a graphical user interface (GUI) for Linux distros, and even fewer provide OpenVPN in those custom clients. If you want to take the easiest possible route for setting up a VPN on Linux – picking a Linux VPN with a GUI client is your best bet.

If you already have a VPN subscription and want to set up the VPN on Linux, the good news is that many providers offer the .ovpn configuration files for their servers. As a result, you can set up an OpenVPN connection manually by installing the official third-party OpenVPN client.

Unfortunately, Linux does not come with OpenVPN pre-installed. You can easily install it yourself to begin manually connecting using .ovpn config files, however. In this guide, we will explain how to set up OpenVPN on different Linux distros (Ubuntu, Debian, and Fedora).

How to setup OpenVPN on Linux

Installing and setting up OpenVPN on Linux is fairly tricky, but it differs slightly from distro to distro. To help you out, we’ve included instructions for installing and setting up OpenVPN with a VPN provider’s config files.

Please bear in mind that you will need to have a VPN subscription to download those config files from the provider’s website; before setting up the OpenVPN connection manually on your system using this guide. 

It is also worth noting that although the guides below will explain how to install and set up OpenVPN on Linux distros using config files, it’s likely that your VPN provider has a similar guide that is specific to its service.

If you have any trouble using the general guides below, we suggest you contact your VPN so that you can see their provider-specific setup instructions. 

Setup OpenVPN on Ubuntu

1. Open up a terminal window
2. Run as superuser:sudo su
3. Download components:apt-get install openvpn
4. At this stage, you may be asked to enter your password to confirm your identity.
5. Add the .ovpn config file that you got from your VPN provider by extracting the file and placing it in the preferred location (which is /etc/openvpn/) using the command:sudo unzip~/Downloads/US-East.zip-d /etc/openvpn/(remember the file name that is in bold is the file that you downloaded from your VPN provider and may be named differently. Thus, be sure to write the name of the zip file that you downloaded from your VPN provider in place of the bolded words).
6. Now you can connect using that configuration file:sudo openvpn <config.ovpn>(where <config.ovpn> is the config file name of the server that you downloaded from your VPN provider).
7. At this stage, you’ll need to input your credentials. Enter the Auth Username and Auth Password when asked (you’ll need to have acquired these from your VPN provider).
8. The OpenVPN connection should now establish, and you will see confirmation with the words: Initialization Sequence Completed.

Setup OpenVPN on Fedora

1. Open up a terminal window
2. Download the components: $ sudo dnf install openvpn
3. At this stage, you may be asked to enter your password to confirm your identity. Enter Y and press enter to confirm.
4. To configure DNS enter the following: 

   $ sudo cp /usr/share/doc/openvpn/contrib/pull-resolv-conf/client.{up,down} /etc/openvpn/

   $ sudo chmod +x /etc/openvpn/client.{up,down}

   $ sudo sed -i.e. 's|\bresolvconf\b|ignore-&|' /etc/openvpn/client.{up,down}

5. Now launch OpenVPN: $ sudo openvpn --config /[path to file]/my_expressvpn_[server location].ovpn --script-security 2 --up /etc/openvpn/client.up --down
6. Note: The example above uses an ExpressVPN config file. However, you will need to replace [path to file] with the path to where you downloaded your VPN’s configuration file. You will also need to alter the [server location] with the location shown in the filename that you downloaded from your provider. And you will need to change the filename itself (everything that appears before .ovpn) to be that of the file that you downloaded from your VPN provider rather than the example file used above.
7. At this stage, you’ll need to input your credentials. Enter the Auth Username and Auth Password (you will need to have got these from your VPN provider when you downloaded the config file).
8. The OpenVPN connection should now establish, and you will receive confirmation with the words: Initialization Sequence Completed.

Setup OpenVPN on Debian

1. Open up a terminal window
2. Run as superuser: su
3. Download the components: apt-get update && apt-get upgrade && apt-get install curl openvpn
4. At this stage, you may be asked to enter your password to confirm your identity. Enter Y and press enter to confirm.
5. To launch OpenVPN, enter the following: $ sudo openvpn --config /[path to file]/my_expressvpn_[server location].ovpn --script-security 2 --up /etc/openvpn/update-resolv-conf --down /etc/openvpn/update-resolv-conf

6. Note: The example above uses an ExpressVPN config file. However, you will need to replace [path to file] with the path to where you downloaded your VPN’s configuration file. You will also need to alter the [server location] with the location shown in the filename that you downloaded from your provider. And you will need to change the filename itself (everything that appears before .ovpn) to be that of the file that you downloaded from your VPN provider rather than the example file used above.
7. At this stage, you’ll need to input your credentials. Enter the Auth Username and Auth Password (you will need to have got these from your VPN provider when you downloaded the config file).
8. The OpenVPN connection should now establish, and you will receive confirmation with the words: Initialization Sequence Completed.

Why use OpenVPN for Linux? 

OpenVPN is a popular encryption protocol that is implemented by the vast majority of market-leading VPNs. These services provide OpenVPN because it’s a trusted encryption algorithm that can provide strong data privacy and security when implemented correctly.

This is largely thanks to thorough audits, and OpenVPN is also known to be secure against penetration when implemented above the minimum standards recommended by OpenVPN devs. And, even if these recommendations are exceeded, data remains protected against eavesdropping while in the VPN tunnel.

OpenVPN leverages the OpenSSL encryption library and the TLS protocol, as well as SSL/TLS for key exchange. It is an efficient algorithm capable of traversing network address translators (NATs) and firewalls.