Tel.: +49 9152 408 639 4 - Mail: info (at) danielwenzlik.com

Create your own VPN with Ubuntu & Pritunl

ssh-termius

A VPN masks the location and builds a tunnel that prevents sharing surfing behavior to, among others, Internet providers. A must in this day and age.

If you are thinking about getting a VPN, you should by no means use providers that are already on the market. Too uncertain what will happen to your data. Better to rent a VPS (Virtual Private Server) and create your own VPN.

So after you have chosen a provider (in my example it is Hetzner) and installed the VPS with Ubuntu 18.04, you can log into the server via the terminal. I have already explained how to do this in the “Passwordless SSH on Mac” instructions.

However, you must NOT activate the ChallengeResponseAuthentication: no and UsePAM: no options. Otherwise the PC / smartphone will not be able to connect to the VPN server.

With the following commands we install MongoDB & the VPN Pritunl. Simply enter the commands into the terminal one after the other, confirm any queries with “y” for Yes and wait:

sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list << EOF
deb https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse
EOF
sudo tee /etc/apt/sources.list.d/pritunl.list << EOF
deb https://repo.pritunl.com/stable/apt bionic main
EOF
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv E162F504A20CDF15827F718D4B7C549A058F8B6B
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A
sudo apt-get update
sudo apt-get --assume-yes install pritunl mongodb-server
sudo systemctl start pritunl mongodb
sudo systemctl enable pritunl mongodb

Please note, however, that these installation instructions only work for Ubuntu 18.04. Problems can arise with newer Ubuntu installations.

Now we have to generate and copy the setup key with the following command line:

sudo pritunl setup-key

Next we can open the IP in the browser with https://<ip-address> and insert the setup key in the field provided. The address for MongoDB remains unchanged.

We also have to generate the password for the first login in the terminal with the following command:

sudo pritunl default-password

After logging in for the first time, a mask with standard settings such as the username, password, URL and port is displayed. The user name should be changed, if possible not to Admin or Administrator. The password should also be well chosen.

Next we create an organization, create our users and a VPN server. An organization must be assigned to the VPN server and then the VPN server must be started.

Pritunl offers clients for download on its website, but these are not really user-friendly. I prefer to use the OpenVPN clients here.

In order to set up the clients, there is also the option of downloading profiles on the user page in addition to the user names. You just have to load this into the OpenVPN clients and enter the password.

Pritunl also supports 2FA with the Google Authenticator or any other OTP application, which additionally contributes to security and should definitely be used.

Picture: © Daniel Wenzlik

Total
1
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts
wordpress
Read More

Secure WordPress in 2020

Based on the CMS WordPress, more than 30% of all websites currently run on the Internet. Therefore, increased security measures apply to WordPress websites.