Easy Launch VPN script help

Forum rules
Before you post please read how to get help
Post Reply
Ghost Hacks
Level 1
Level 1
Posts: 30
Joined: Sat Jan 23, 2010 7:05 am

Easy Launch VPN script help

Post by Ghost Hacks »

Hey everyone, I need some help making my VPN a little easier to use. I have been googling this for some time now and still have not found a working solution. Currently I am using Torrshield as my VPN and the only way to use it on Linux is to install the OpenVPN Torrshield configs and using terminal, launch using this command "sudo openvpn --config ~/.openvpn/torrshield.conf". After running this command, I need to input my su password, username, then VPN password and it'll connect to the VPN service. I must leave this terminal open or else it'll terminate the service.

I would at the very least like to make a script or shortcut on my desktop to open the terminal ready at the input username for VPN service prompt at least. I have tried both creating .sh file and running it from desktop, as well as a .desktop launcher and neither have worked. The .sh worked but it auto closed the terminal after logging in, terminating the service, and the .desktop kept giving errors when launching. I'm fine just using a .sh and don't need the fancy options that come with a .desktop app.
My "secure" Linux Laptop:
Linux Mint 18 x64 Mate - Dell XPS m1530, Intel Core2Duo 1.8GHz, 4GBs DDR2, GeForce 8400GS.
Full disk encryption, Fingerprint scanner

Ghost Hacks
Level 1
Level 1
Posts: 30
Joined: Sat Jan 23, 2010 7:05 am

Re: Easy Launch VPN script help

Post by Ghost Hacks »

Here is my current .sh which works, except for auto-closing the terminal after connecting.

Code: Select all

#!/bin/bash
# Launches the TorrShield VPN Service

openvpn --config ~/.openvpn/torrshield.conf
My "secure" Linux Laptop:
Linux Mint 18 x64 Mate - Dell XPS m1530, Intel Core2Duo 1.8GHz, 4GBs DDR2, GeForce 8400GS.
Full disk encryption, Fingerprint scanner

deleted

Re: Easy Launch VPN script help

Post by deleted »

Some VPNs are completely configurable with the Network Manager plugin. I did for many years with my company's VPN using the VPNC plugin.
-H

Duveltje
Level 1
Level 1
Posts: 13
Joined: Fri May 13, 2016 8:32 pm

Re: Easy Launch VPN script help

Post by Duveltje »

I have about the same problem, but after the openvpn is running, I can close the shell and openvpn keeps running.
I use FreeVPN.me and start it by:
sudo openvpn --config FreeVPN.me-TCP443.ovpn
then I get prompted for the rootpassw, after that I get prompted for a userid, after that I get prompted for a user password and after that the openvpn is running. When I close the terminal by pressing on the cross in the upper-right corner (not by ctrl-c) openvpn is still running.
I'm look for a way to automate this too. I'm rather sure it must be possible. In android there are several apps that automatically connect to a vpn.

User avatar
phd21
Level 19
Level 19
Posts: 9635
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Easy Launch VPN script help

Post by phd21 »

Hi "Ghost Hacks",

I just read your post and the good replies to it. Here are my thoughts on this as well.

It would help to know more about your system setup. If you run "inxi -Fxzd" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.

You should be able to use any VPN provider's servers with "openVPN" which is already installed with all editions of Linux Mint using the network manager icon in your system tray panel. You would setup each server location that you want to use, then you can easily connect (or disconnect) to whichever one through the Network Manager. After Importing a VPN server location's configuration file (somewhere.ovpn), you have to edit the new connection to finish setting it up. If you already have the necessary security files (certificate, crt, key) files, you select connection method of "password with certificates", just browse to those files to select them, enter in your username and password (with save). If your VPN provider uses only a certificate and ".pem" file, then select connection method of "password", browse to the common folder where the certificate file (.crt) is, enter in your login username and password (with save), click okay / apply, that's it. You need to repeat this for each server location you might want to use, but after doing one, it is pretty simple. I recommend using "openVPN" with TCP.

How to Establish An OpenVPN Connection in Ubuntu 14.04
http://ubuntuhandbook.org/index.php/201 ... untu-1404/

Hope this helps ...
Phd21: Mint 19.2 Cinnamon & xKDE (Xfce) & KDE Neon 64-bit Awesome OS's, Dell Inspiron I5 7000 2 in 1, Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram, Intel 4 Graphics. I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

User avatar
Chiefahol
Level 4
Level 4
Posts: 473
Joined: Thu Jun 11, 2015 12:32 am

Re: Easy Launch VPN script help

Post by Chiefahol »

Python scripts are even better than bash for this:

Code: Select all

import subprocess

subprocess.call('sudo','openvpn','yourconfigfile.ovpn')
Here is my full script i use now:

Code: Select all

"""
-apply vpn lock (needs to be configured and tested seperately)
-create and print list of servers, require user to choose 1
-login to that server
"""
import os
import subprocess

config_dir = '/etc/openvpn/'
os.chdir(config_dir)
cwd = os.getcwd()
files_array = os.listdir(cwd)
files_array.remove('openvpn.auth')
files_array.remove('update-resolv-conf')

#generate empty list
ip_list = []

files_array.sort()

available_dict = {}

count = 0

#for every file
for x in files_array:
	#Create a "profile"
	load_profile = open(x, "r")
	#read profile into massive string	
	read_file = load_profile.read()
	#split string into array of lines
	lines_list = read_file.splitlines()
	#take line 32 and trim it
	Temp_String = lines_list[32]
	Temp_String = Temp_String.replace('remote ', '')
	Temp_String = Temp_String.replace(' 843', '')
	Temp_String = Temp_String.replace(' 1443', '')
	#add trimmed line to list
	ip = Temp_String
	ping_status = os.system("ping -c 1 -W 1 " + ip)
	if ping_status == 0:
		available_dict[count] = x
		count = count + 1
os.system('clear')
print '\nCurrently available servers:\n'

for y in available_dict:
	print str(y) + ' - ' + str(available_dict[y])


passthrough = 0
while passthrough == 0:
	chosen_config_file = raw_input('\nPlease select one of the above .ovpn files by number:\n')
	if int(chosen_config_file) in available_dict:
		passthrough = 1
		print '\nConfiguration file found!'
	else:
		print '\nThat is not one of the available files, try again.\n'

passthrough = 0
while passthrough == 0:
	firewall_choice = raw_input("\nActivate firewall lock? Y or N? ")
	if firewall_choice == 'Y' or firewall_choice == 'y':
		print "\nApplying VPN-Firewall..."		
		subprocess.call(['sudo', 'vpnfirewall'])
		passthrough = 1
	elif firewall_choice == 'N' or firewall_choice == 'n':
		print "\nOkay, doing nothing..."
		passthrough = 1
	else:
		print "\nThat is not a y or n answer, please try again.\n"

chosen_config_file = available_dict[int(chosen_config_file)]
print '\n' + chosen_config_file + 'selected!\n'

subprocess.call(['sudo', 'openvpn', chosen_config_file])
Note that this script uses ping command to identify if a openvpn server is functioning, this is not 100% accurate, be prepared to rerun the script and the pings. (You could just omit the pinging and ask the user to choose from all of them immediately, this might be faster.)

If anyone has a neat solution to identify if a openvpn server is running with python please post it here.

Note that you can also change sudo permissions so you don't need to type a password for certain commands:

Code: Select all

1 - Configure sudo with visudo: 
(add text to /etc/sudoers)
username ALL= NOPASSWD: /etc/openvpn, /usr/sbin/openvpn, /usr/bin/pkill openvpn, /usr/bin/vpnfirewall
This script also deploys a vpn firewall, found here: https://github.com/adrelanos/vpn-firewall

You can also create an authorization file that automatically enters your openvpn login details for you:

Code: Select all

1 - Select a group of .ovpn files and seperate them

2 - move .ovpn files to /etc/openvpn

3 - as root, create /etc/openvpn/openvpn.auth

4 - Edit openvpn.auth to contain:
	USERNAME
	PASSWORD

5 - Ensure openvpn.auth has permissions:
	-r--------   1 root   root

6 - Append this line to each .ovpn file:
	auth-user-pass openvpn.auth

7 - Test it! 
I hope this helps someone a little!

Edit: Now i have played with both, the gui vpn manager is better to be honest, to install in gnome:

Code: Select all

sudo apt-get install network-manager-openvpn network-manager-openvpn-gnome
Donate to your favourite distros!

Post Reply

Return to “Scripts & Bash”