A pitch for Jay to do an OpenVPN tutorial

I’ve watched many, many of Jay’s tutorials, and I believe that he’s a gifted teacher. I’m new to Linux (and am more of a hobbyist than a professional). As such, I like getting into the details of many of these services, so that I understand everything from the ground up, and Jay is one of the best at doing that.

I was especially fond of Jay’s ninety minute deep dive into OpenSSH.

I noticed something when I was watching Jay’s tutorial on setting up a NextCloud server on Linode. While he could have just clicked the premade NextCloud instance in the MarketPlace, he mentioned that he likes setting something up from scratch instead of relying on a “one click” solution, because it really helps him understand what was going on. That perfectly aligns with my thinking.

With that said, the one video that I can’t seem to find out there is a tutorial on setting up an OpenVPN server “from scratch” on Linode (or on a local Linux laptop, for that matter). I’ve watched many of the YouTube OpenVPN server tutorials out there, and they seem to be in 1 of 2 categories: Ones that show setting up a one click instance in the Linode Marketplace and then customizing a bit, and ones that “install from scratch”, but simply rely on downloading and running a bunch of install scripts that someone else has created and then uploaded to GitHub. Now there’s nothing wrong with either of these approaches, but I think that if I truly started from scratch, I’d be better off when something went wrong with the installation. I’d simply know more, and that’s always better for me.

I don’t think I’ve ever seen someone set up a fresh, plain Linode instance (or install, say Ubuntu on a spare laptop), go to the command line, download and install OpenVPN server, and configure it from scratch. For example, I think that you’re supposed set up your own “certificate authority” so that you can sign your own instance of OpenVPN. It seems a little tricky, but I’d bet that Jay could easily explain that.

It’s something that Jay seems uniquely poised to do, and I wonder if he’s ever considered making that kind of tutorial. It would be an incredible learning experience, and I think it would help many of us Linux learners.

And if Jay isn’t interested in working on that kind of topic, maybe some of you guys could share links to your favorite tutorials about setting up OpenVPN server in the cloud. I just haven’t found ones that I think are good enough. Maybe I’ve missed something.

Welcome to the forum!

I’ve been spared the pain of setting up ovpn manually. Once it was already set up, another time I’ve set it up via pfSense, which was really easy (especially that pfsense has its own CA server, but self-signing via CLI is not that hard - and if you just generate the cert and use certbot from letsencrypt, it should be even easier).

I know it’s not answering the question, but are you not interested in wireguard? It’s way easier to set up and you don’t have to deal with certificates, just keys.

For ovpn, I hear most people praise pi-vpn script, which should run a normal debian install too. OpenVPN has its advantages over wireguard (speed not being one of them), like tricking monitoring software into thinking you’re running TLS (HTTPS) traffic, especially if you use the TCP OVPN, the traffic will look exactly like you’d access a website (and if you use 443 port, even better, you’ll probably be able to trick the most restricted public wifis with this, which I could’ve used a few years ago).

Not sure if I want to do a tutorial on this, as more and more, people are navigating to wireguard (and if you want a good tutorial on that, PhaseLockedLoop on the Level1Techs forum did a great job with his wiki article, although Wendell also has his own spin on it).

Probably the best resource to find how ovpn gets installed is to read the MakeOVPN.sh script on github on pi-vpn (it’s 500 lines, but you need to understand what the commands already do, otherwise, you don’t get much from it).

1 Like

Thanks for the thoughtful reply ThatGuyB!

I’m really only interested in OpenVPN and a manual install because it seems such a foundational part of servers in Linux. I’m not against Wireguard, and I’m sure I’ll turn my attention to it a little later on.

I could try to parse some of the OpenVPN installation scripts to see what they are doing, but I’ve just had better luck learning things with Jay’s tutorials. He has a knack of explaining just enough to get you going, and to cross over the notion that “it’s too hard”, and every time I’ve consumed one of his tutorials, I’ve dug deeper. But I was able to get started because he gave me the basics.

I’ll eventually figure it out, of course, but I just thought that if I was in need of an OpenVPN tutorial, chances are that there are others out there who would benefit from the same thing.

Thanks again for the reply.