Hi, I’m trying to run openvpn at boot while giving it some parameters (account name and password of my vpn).
The script has to run as root. I thought it would do so automatically if I just place it in the start-up folder, and maybe it does but I don’t see the result. Maybe that’s because I also don’t know how to give it my credentials so a secure connection can be made.
While doing it by hand it works, but I don’t want to have to type my log-in name and password at every boot.
How do I make the script run automatically and use the credentials?
Startup folder?
Do you mean from a desktop?
That is then only run when that user logs in and starts his desktop. Has nothing to do with boot.
And of course that will run as that particular user, never as root.
When you want something to start at boot, you should make systemd service. When you want help with that, you can ask here. But I assume it first should be clear if you want something to be run at boot, or at the login of a user.
Put them in a file and use “-auth-user-pass /path/to/file” option.
If you have a script that does what you want when run as root, the easiest way to run it just after boot is to create a crontab entry for root using the “@reboot” time.
Use the full path to the script and any commands used in crontab as without a login the PATH variable is not set.
See vman 5 crontab” in the Extensions section at the end.
The proper way to do it would be to create a .conf file in /etc/openvpn/ based on the ovpn you may already have, add the auth-user-pass as suggested by Arvidjaar and enable it with systemctl enable openvpn@myfile
myfile should not have the .conf ending.
That way you will have an always on VPN and if you need to disable it or temporarily stop it, you can just tell systemctl to do so.
Arvidjaar and Miuku, thank you for your help.
It did help me to get close to the solution, but unfortunately not entirely.
I did create the myfile.conf file in /etc/openvpn and wrote my login details there.
I did create along line to start the VPN and it did. The line is: sudo openvpn --config /path/to/ovpn-file --auth-nocache --auth-user-pass /etc/openvpn/myfile.conf. Be it, I did have to type my password because of sudo.
Then it became hard. How do I tell systemd to enable and start this? I tried several things, it didn’t work.
I also tried to use the crontab but since I have never ever used it I did not succeed.
Then yesterday ev
This afternoon I started a one month trial on Expressvpn knowing that their app is also not working on openSUSE. But their ovpn files do, at least for now. The laptop is up for 2 hours now and there has not been any interruption so far.
Using this VPN with Network manager it is started automatically when the wifi is up, no passwords needed, just as I like it.
So, at this moment I am using expressvpn and it works. Maybe it is too soon to say this, but I did want to answer to this thread, not giving the idea I wasn’t doing anything here. I have been busy trying to get it fixed, but it didn’t work, so I chose something else.
Again guys, thank you for your help.
If you do know a way to get the long line above to start the PIA VPN into systemd, it would be nice to know so should I ever have to use it I know how to do it.
For now, I’m signing off cause my VPN works.
This afternoon I started a one month trial on Expressvpn knowing that their app is also not working on openSUSE. But their ovpn files do, at least for now. The laptop is up for 2 hours now and there has not been any interruption so far.
Using this VPN with Network manager it is started automatically when the wifi is up, no passwords needed, just as I like it.
So, at this moment I am using expressvpn and it works. Maybe it is too soon to say this, but I did want to answer to this thread, not giving the idea I wasn’t doing anything here. I have been busy trying to get it fixed, but it didn’t work, so I chose something else.
Again guys, thank you for your help.
If you do know a way to get the long line above to start the PIA VPN into systemd, it would be nice to know so should I ever have to use it I know how to do it.
For now, I’m signing off cause my VPN works.
Apparently the ancient forum software ate my reply so here’s another try:
You’d be surprised how easy it is:
systemctl enable openvpn@myconf
And that’s it.
The systemd openvpn@.service uses any .conf file in /etc/openvpn and allows you to manipulate it. Start, Top, Enable, Disable like any other systemd file.
This is what I use as my myconf.conf file for PIA (been a member of PIA for the last 3 years and have been using this setup without fail all this time).
client
dev tun
proto udp
remote <I use IP here> 1197
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-256-cbc
auth sha256
tls-client
remote-cert-tls server
auth-user-pass /etc/openvpn/essential #I put my credentials in a separate file named essential
compress
verb 1
reneg-sec 0
<crl-verify>
-----BEGIN X509 CRL-----
copy/paste your X509 CRL in here
-----END X509 CRL-----
</crl-verify>
<ca>
-----BEGIN CERTIFICATE-----
copy/paste your ca-certificate in here
-----END CERTIFICATE-----
</ca>
disable-occ
mute-replay-warnings
Then, a simple
# systemctl enable openvpn@myconf.conf
will get it setup for the next reboot.
For now,
systemctl start openvpn@myconf.conf
will suffice it to start for the current session.
Please note, those two commands must be done by the root user.
Personally, I never ever use sudo, so I have a konsole opened and with user root logged in through “su -”.
Obviously you should mold it to what your needs are, but you now have a sort of template to work with.
Not sure how literal I should take “at boot” but another option is to switch network management from wicked but to the Network Manager and have the Network Manager open the VPN connection.
The nice things is that way you can manage everything from the GUI. ](https://developer.gnome.org/NetworkManager/stable/nmcli.html)