You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
190 lines
8.5 KiB
HTML
190 lines
8.5 KiB
HTML
{% extends 'pages/_install_base.html' %}
|
|
{% load i18n %}
|
|
{% load dltags %}
|
|
|
|
{% block pagetitle %}
|
|
{% trans "Install on Linux" %}
|
|
{% endblock %}
|
|
|
|
{% block wireguard_import %}
|
|
{% blocktrans trimmed %}
|
|
Place the configuration file in <code>/etc/wireguard</code>.
|
|
{% endblocktrans %}
|
|
<br />
|
|
{% trans "Then, start it with the following command:" %}
|
|
<code class="codeblock">
|
|
sudo wg-quick ccvpn-fr up
|
|
</code>
|
|
{% endblock %}
|
|
{% block wireguard_activate %}
|
|
{% trans "You can check your IP address by refreshing this page (or opening it on the device) and looking at the bottom."%}
|
|
{% endblock %}
|
|
|
|
|
|
{% block openvpn_outer %}
|
|
<div class="install-section content-box">
|
|
<h3>{% trans "With OpenVPN and NetworkManager" %}</h3>
|
|
<p>
|
|
<a href="https://www.openvpn.net/">OpenVPN<i class="fa fa-external-link external-link"></i></a>
|
|
{% blocktrans trimmed %}
|
|
is an older VPN protocol and software, still considered secure and one of the best VPN protocols available.
|
|
{% endblocktrans %}
|
|
{% blocktrans trimmed %}
|
|
This guide focuses on its integration with NetworkManager.
|
|
If you are not using NetworkManager, skip to the next guide.
|
|
{% endblocktrans %}
|
|
</p>
|
|
<hr />
|
|
<div class="install-instructions">
|
|
<ol>
|
|
<li>
|
|
{% trans "Install the required packages:" %}
|
|
<ul>
|
|
<li>
|
|
<em>Debian:</em>
|
|
<code>sudo apt-get install openvpn resolvconf network-manager-openvpn network-manager-openvpn-gnome</code>
|
|
</li>
|
|
<li>
|
|
<em>Fedora:</em>
|
|
<code>sudo yum install openvpn networkmanager-openvpn</code>
|
|
</li>
|
|
<li>
|
|
<em>Arch:</em>
|
|
<code>sudo pacman -S openvpn networkmanager-openvpn</code>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
{% trans "You will also need our CA certificate, available here:" %} <a href="https://vpn.ccrypto.org/ca.crt">https://vpn.ccrypto.org/ca.crt</a>
|
|
<br />
|
|
{% blocktrans trimmed %}
|
|
You can right click on that link and save the file, it will be required to connect.
|
|
{% endblocktrans %}
|
|
</li>
|
|
<li>
|
|
{% trans "Create a new connection and choose the type <em>OpenVPN</em>." %}
|
|
</li>
|
|
<li>
|
|
{% trans "You will need to fill in the following VPN configuration:" %}
|
|
<ul>
|
|
<li>
|
|
<strong>{% trans "Tab VPN" %}</strong>
|
|
<ul>
|
|
<li><strong>{% trans "Gateway" %}</strong>:
|
|
{% blocktrans trimmed with url="/status" gw="gw.random.204vpn.net" %}
|
|
Pick one in the <a href="{{url}}">server list</a>,
|
|
or <code>{{gw}}</code> for a random server.
|
|
{% endblocktrans %}
|
|
</li>
|
|
<li><strong>{% trans "Type" %}</strong>: <em>{% trans "Password" %}</em></li>
|
|
<li><strong>{% trans "User name and Password" %}</strong>: {% trans "The same as on this site." %}</li>
|
|
<li><strong>{% trans "CA certificate" %}</strong>: {% trans "The ca.crt file downloaded in the previous step." %}</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
<strong>{% trans "Tab VPN, click on Advanced, then the first General tab" %}</strong>
|
|
<ul>
|
|
<li><strong>{% trans "Use custom gateway port" %}</strong>: {% trans "It should be <em>checked</em> and set to <em>1196</em>." %}</li>
|
|
<li><strong>{% trans "Use a TCP connection" %}</strong>: {% trans "It should be <em>unchecked</em> to use the fastest UDP mode." %}
|
|
{% trans "If you have issues connecting, you can try setting the port to <em>443</em> and checking this option." %}</li>
|
|
<li><strong>{% trans "Randomize remote hosts" %}</strong>: {% trans "It should be <em>checked</em>." %}</li>
|
|
<li><strong>{% trans "IPv6 tun link" %}</strong>: {% trans "It should be checked unless you get IPv6-related issues." %}</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
{% trans "Save the new connection and connect to it." %}
|
|
</li>
|
|
</ol>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="install-section content-box">
|
|
<h3>{% trans "With OpenVPN and systemd" %}</h3>
|
|
<div class="install-instructions">
|
|
<ol>
|
|
<li>
|
|
{% trans "Install the required packages:" %}
|
|
<ul>
|
|
<li>
|
|
<em>Debian:</em>
|
|
<code>sudo apt-get install openvpn resolvconf</code>
|
|
</li>
|
|
<li>
|
|
<em>Fedora:</em>
|
|
<code>sudo yum install openvpn</code>
|
|
</li>
|
|
<li>
|
|
<em>Arch:</em>
|
|
<code>sudo pacman -S openvpn openresolv</code>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
{% trans "You will also need our CA certificate, available here:" %} <a href="https://vpn.ccrypto.org/ca.crt">https://vpn.ccrypto.org/ca.crt</a>
|
|
<br />
|
|
{% blocktrans trimmed %}
|
|
You can right click on that link and save the file or wget it later, it will be required to connect.
|
|
{% endblocktrans %}
|
|
</li>
|
|
<li>
|
|
{% blocktrans trimmed %}
|
|
In <a href="/account/config">your account</a>, download a .ovpn configuration file,
|
|
and copy it into <code>/etc/openvpn</code> with a .conf extension.<br />
|
|
Keep the name simple, as it will be used in a systemd service name.
|
|
{% endblocktrans %}
|
|
<br />
|
|
{% blocktrans trimmed %}
|
|
If you downloaded multiple config files as an archive, extract it so that
|
|
the individual .ovpn files are directly in the <code>/etc/openvpn</code> folder,
|
|
and rename them to .conf.
|
|
{% endblocktrans %}
|
|
</li>
|
|
<li>
|
|
{% trans "Start the OpenVPN services:" %}
|
|
<code class="codeblock">
|
|
sudo systemctl start openvpn@ccrypto-fr.service
|
|
</code>
|
|
</li>
|
|
<li>
|
|
<em>{% trans "(Optional) Save your username and password:" %}</em><br />
|
|
<ul>
|
|
<li>
|
|
{% blocktrans trimmed %}
|
|
Create a text file in <code>/etc/openvpn</code> containing your username and password on two lines as follows:
|
|
{% endblocktrans %}
|
|
<code class="codeblock">Alice<br />p4ssw0rd</code>
|
|
</li>
|
|
<li>
|
|
{% blocktrans trimmed %}
|
|
For additional security, only allow root to access this file:
|
|
{% endblocktrans %}
|
|
<code class="codeblock">
|
|
sudo chown root:root /path/to/the/file.txt
|
|
sudo chmod 600 /path/to/the/file.txt
|
|
</code>
|
|
</li>
|
|
<li>
|
|
{% blocktrans trimmed %}
|
|
Then, open the .conf file with a text editor (nano, vim, gedit, ...)
|
|
and add this line at the end of the file:
|
|
{% endblocktrans %}
|
|
<code class="codeblock">auth-user-pass /path/to/the/file.txt</code>
|
|
</li>
|
|
<li>
|
|
{% trans "Reconnect and it should not ask for your password." %}
|
|
</li>
|
|
<li>
|
|
{% trans "To start it on boot, use this:" %}
|
|
<code class="codeblock">
|
|
sudo systemctl enable openvpn@ccrypto-fr.service
|
|
</code>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ol>
|
|
</div>
|
|
</div>
|
|
{% endblock %}
|