Keep in mind that both the Network Manager and Terminal instructions on
https://cryptostorm.is/nix were intended for Ubuntu.
They'll work on a few other Debian based distros, but not ones that aren't up to date or have their own version/branch names (such as Linux Mint).
Here's a simple(ish) script that'll automate checking if your distro is supported:
Code: Select all
#!/bin/bash
if ! [ -f "/etc/lsb-release" ]; then
echo "Error: /etc/lsb-release does not exist"
exit
fi
codename=`grep DISTRIB_CODENAME= /etc/lsb-release|awk -F= '{print $2}'`
if [ "$codename" == "" ]; then
echo "Error: Could not find DISTRIB_CODENAME in /etc/lsb-release"
exit
fi
if [ "$(command -v wget)" == "" ]; then
echo "Error: Could not find the wget command"
exit
fi
wget -qO- https://build.openvpn.net/debian/openvpn/stable/dists/$codename > /dev/null
if [ $? == 0 ]; then
echo $codename is supported
else
echo $codename is NOT supported
fi
save that to somewhere and chmod +x it and run it. It'll grab the distro codename from /etc/lsb-release then check if it's listed on
https://build.openvpn.net/debian/openvpn/stable/dists/
They only have a few Ubuntu/Debian ones listed there though. For other distros you'll need to use whatever version your package manager installs, or if you want the latest OpenVPN/OpenSSL you'll have to install from source.
On Linux Mint and Debian and a bunch of others, installing from source would look something like:
Code: Select all
[[ $UID == 0 ]] || exec sudo -p "[?] This program requires root privileges. Please enter the password for %u to continue: " -- "$BASH" -- "$SELF" "${ARGS[@]}"
cd /usr/src/
apt install -y build-essential zlib1g-dev liblz4-dev liblzo2-dev
wget http://www.openssl.org/source/openssl-1.1.1a.tar.gz;tar zxf openssl-1.1.1a.tar.gz;rm -f openssl-1.1.1a.tar.gz;cd openssl-1.1.1a;./config --prefix=/usr -fPIC no-gost shared zlib enable-ec_nistp_64_gcc_128 -Wl,-rpath=/usr/local/ossl111a/lib --prefix=/usr/local/ossl111a;make depend;make;make install
cd /usr/src/
wget http://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.gz;tar zxf openvpn-2.4.6.tar.gz;rm -f openvpn-2.4.6.tar.gz;cd openvpn-2.4.6;CFLAGS="-I/usr/local/ossl111a/include -Wl,-rpath=/usr/local/ossl111a/lib -L/usr/local/ossl111a/lib" ./configure --disable-plugin-auth-pam --prefix=/usr;make;make install
That'll install OpenSSL 1.1.1a to /usr/local/ossl111a (so as not to cause conflicts with anything else on the system that might rely on the OpenSSL version you already have installed), then it compiles and installs OpenVPN 2.4.6 against that OpenSSL install.