{% extends 'pages/_install_base.html' %} {% load i18n %} {% load dltags %} {% block pagetitle %} {% trans "Install on Linux" %} {% endblock %} {% block wireguard_import %} {% blocktrans trimmed %} Place the configuration file in <code>/etc/wireguard</code>. {% endblocktrans %} <br /> {% trans "Then, start it with the following command:" %} <code class="codeblock"> sudo wg-quick ccvpn-fr up </code> {% endblock %} {% block wireguard_activate %} {% trans "You can check your IP address by refreshing this page (or opening it on the device) and looking at the bottom."%} {% endblock %} {% block openvpn_outer %} <div class="install-section content-box"> <h3>{% trans "With OpenVPN and NetworkManager" %}</h3> <p> <a href="https://www.openvpn.net/">OpenVPN<i class="fa fa-external-link external-link"></i></a> {% blocktrans trimmed %} is an older VPN protocol and software, still considered secure and one of the best VPN protocols available. {% endblocktrans %} {% blocktrans trimmed %} This guide focuses on its integration with NetworkManager. If you are not using NetworkManager, skip to the next guide. {% endblocktrans %} </p> <hr /> <div class="install-instructions"> <ol> <li> {% trans "Install the required packages:" %} <ul> <li> <em>Debian:</em> <code>sudo apt-get install openvpn resolvconf network-manager-openvpn network-manager-openvpn-gnome</code> </li> <li> <em>Fedora:</em> <code>sudo yum install openvpn networkmanager-openvpn</code> </li> <li> <em>Arch:</em> <code>sudo pacman -S openvpn networkmanager-openvpn</code> </li> </ul> </li> <li> {% trans "You will also need our CA certificate, available here:" %} <a href="https://vpn.ccrypto.org/ca.crt">https://vpn.ccrypto.org/ca.crt</a> <br /> {% blocktrans trimmed %} You can right click on that link and save the file, it will be required to connect. {% endblocktrans %} </li> <li> {% trans "Create a new connection and choose the type <em>OpenVPN</em>." %} </li> <li> {% trans "You will need to fill in the following VPN configuration:" %} <ul> <li> <strong>{% trans "Tab VPN" %}</strong> <ul> <li><strong>{% trans "Gateway" %}</strong>: {% blocktrans trimmed with url="/status" gw="gw.random.204vpn.net" %} Pick one in the <a href="{{url}}">server list</a>, or <code>{{gw}}</code> for a random server. {% endblocktrans %} </li> <li><strong>{% trans "Type" %}</strong>: <em>{% trans "Password" %}</em></li> <li><strong>{% trans "User name and Password" %}</strong>: {% trans "The same as on this site." %}</li> <li><strong>{% trans "CA certificate" %}</strong>: {% trans "The ca.crt file downloaded in the previous step." %}</li> </ul> </li> <li> <strong>{% trans "Tab VPN, click on Advanced, then the first General tab" %}</strong> <ul> <li><strong>{% trans "Use custom gateway port" %}</strong>: {% trans "It should be <em>checked</em> and set to <em>1196</em>." %}</li> <li><strong>{% trans "Use a TCP connection" %}</strong>: {% trans "It should be <em>unchecked</em> to use the fastest UDP mode." %} {% trans "If you have issues connecting, you can try setting the port to <em>443</em> and checking this option." %}</li> <li><strong>{% trans "Randomize remote hosts" %}</strong>: {% trans "It should be <em>checked</em>." %}</li> <li><strong>{% trans "IPv6 tun link" %}</strong>: {% trans "It should be checked unless you get IPv6-related issues." %}</li> </ul> </li> </ul> </li> <li> {% trans "Save the new connection and connect to it." %} </li> </ol> </div> </div> <div class="install-section content-box"> <h3>{% trans "With OpenVPN and systemd" %}</h3> <div class="install-instructions"> <ol> <li> {% trans "Install the required packages:" %} <ul> <li> <em>Debian:</em> <code>sudo apt-get install openvpn resolvconf</code> </li> <li> <em>Fedora:</em> <code>sudo yum install openvpn</code> </li> <li> <em>Arch:</em> <code>sudo pacman -S openvpn openresolv</code> </li> </ul> </li> <li> {% trans "You will also need our CA certificate, available here:" %} <a href="https://vpn.ccrypto.org/ca.crt">https://vpn.ccrypto.org/ca.crt</a> <br /> {% blocktrans trimmed %} You can right click on that link and save the file or wget it later, it will be required to connect. {% endblocktrans %} </li> <li> {% blocktrans trimmed %} In <a href="/account/config">your account</a>, download a .ovpn configuration file, and copy it into <code>/etc/openvpn</code> with a .conf extension.<br /> Keep the name simple, as it will be used in a systemd service name. {% endblocktrans %} <br /> {% blocktrans trimmed %} If you downloaded multiple config files as an archive, extract it so that the individual .ovpn files are directly in the <code>/etc/openvpn</code> folder, and rename them to .conf. {% endblocktrans %} </li> <li> {% trans "Start the OpenVPN services:" %} <code class="codeblock"> sudo systemctl start openvpn@ccrypto-fr.service </code> </li> <li> <em>{% trans "(Optional) Save your username and password:" %}</em><br /> <ul> <li> {% blocktrans trimmed %} Create a text file in <code>/etc/openvpn</code> containing your username and password on two lines as follows: {% endblocktrans %} <code class="codeblock">Alice<br />p4ssw0rd</code> </li> <li> {% blocktrans trimmed %} For additional security, only allow root to access this file: {% endblocktrans %} <code class="codeblock"> sudo chown root:root /path/to/the/file.txt sudo chmod 600 /path/to/the/file.txt </code> </li> <li> {% blocktrans trimmed %} Then, open the .conf file with a text editor (nano, vim, gedit, ...) and add this line at the end of the file: {% endblocktrans %} <code class="codeblock">auth-user-pass /path/to/the/file.txt</code> </li> <li> {% trans "Reconnect and it should not ask for your password." %} </li> <li> {% trans "To start it on boot, use this:" %} <code class="codeblock"> sudo systemctl enable openvpn@ccrypto-fr.service </code> </li> </ul> </li> </ol> </div> </div> {% endblock %}