All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Scrambled OpenVPN Auto Installer Script
This script is used to setup a scrambled(OpenVPN+Xor patch) VPN on any centos box with user interaction.Standard OpenVPN setup won't work in countries like China and Pakistan due to intensive censorship.
Source : http://lowendtalk.com/discussion/21539/tutorial-build-your-ultimate-scrambled-vpn
I wish to thank @halczy for posting the tutorial to setup the vpn and i used his tutorial as a source to create the bash script that i am going to share with you today.
Download link
https://drive.google.com/file/d/0B_s7n4-sdChARnpNeTJTTkVmQmM/edit?usp=sharing
Run the script on a fresh Centos 6 minimal Install
Requires root access
Setup Time : 2-5 mins
Tested with : Centos 6.x (Both 32 bit and 64 bit)
Script is fully opensource
How to install
Upload setup_vpn.sh
to root directory.
Login to your server via ssh as root and type the following command
bash setup_vpn.sh
Wait for setup to complete
Once setup has completed login to SFTP via FileZilla to /root/client-files/
Download scrambled-client.ovpn
on your computer and place the scrambled-client.ovpn
in the config folder of your OpenVPN installation
Do NOT forget to patch the OpenVPN installation on your computer to be able to connect to your VPN.
See the following post for more details:
http://scramblevpn.wordpress.com/2013/09/28/build-patched-windows-openvpn-client/
After you patch your openvpn installation you should be able to connect
Njoy your VPN
Comments
Do it for wheezy
Thanks for the script, its appreciated!
It would be a lot easier to use WGET.
cd && wget --no-check-certificate [removed] && bash setup_vpn.sh
@khav I received the following error on my DO droplet:
swapon: /dev/vda2: stat failed: No such file or directory
@PetaByet
The script is supposed to be run on a fresh install which means that wget is not yet install
For the error , i will issue a revision soon enough and i am working on it atm
The script just check if swap exist on the server before beginning installation.This is because on droplets with low ram , installation may fail
The code that i have added to activate the swap is a workaround on the ramnode box because swap don't get added to the server by default
How much ram you have?
512MB
I've successfully installed OpenVPN on a 96MB VPS before, so the memory won't be an issue (unless your script does something else).
@PetaByet
My script will create a swap space if you don't have swap on the server by default.Its just that the commands used were specific to ramnode.
I updated it now
Check it now on a fresh install and report back
Also you can view the source yourself , its heavily commented and fully opensource with zero encryption
it's easy,thanks
this is cool but can you get written for ubuntu, or debian ?
to install patched openvpn, use DEB package, already patched, or build your own
http://vpnchinaopenvz.wordpress.com/2014/03/15/8/
configure (TODO)
connected. but cant use the internet.
I've already setup the iptables.
still, cant browse the internet
I have this error message:
setup_vpn.sh: line 222: syntax error: unexpected end of file
@comeback have you edited the file ?
To fix that error open script with notepad++ --> Edit -->EOL Conversion --> Select Unix/OSX format
Then reupload
@psycholyzern
If you are using openvz then you need to enable TUN/TAP
done.. but still cant browse the internet even the vpn connected..
btw, I followed original tutorial, the manual one.. successfully connected and the internet can be used.. so, maybe there are problems that I cant see when m using the auto script..
@psycholyzern
You were right mate.....i forgot to add one command concerning the iptables rules for openvz.
I have added it to the script now...Kindly re download and test it again
Sorry for this inconvenience and thanks for taking time to use the script.I couldn't notice this mistake since i tested it only on KVM
Regards
@comeback
I fixed that error ...again {i forgot to close an if statement in one of my revisions}
Should work now
I successfully run the script on the server and everything seems to be all right with that part.
I installed OpenVPN package and I downloaded patched version of openvpn.exe (correct version).
When I click on the Connect from Window tray icon I get the following
I can also see this in the OpenVPN connection window
I enabled TUN/TAP on my server
I tried to manually start openvpn service on the server
service openvpn start
Starting openvpn: [FAILED]
I have to admit that it is beyond my knowledge to figure this out :-(
If someone could please help me to resolve this, i would be most grateful
Thank you in advance!
@mihha
when you run the script at some point it ask you to enter certificate info , you need to enter these details
for e.g
Now, that is the problem because the script didn't ask me those details
I reinstalled the server and run the script once again. It did ask me for the key details but after I filled in the last key details (client.key) I received the following error
Sign the certificate? [y/n]:y
failed to update database
TXT_DB error number 2
I think I found the solution here
https://forums.openvpn.net/topic10656.html
Need to test this
I've made some progress but now I am stuck on the following error (from openvpn log on the client)
Wed Mar 19 11:06:55 2014 UDPv4 link local: [undef]
Wed Mar 19 11:06:55 2014 UDPv4 link remote: [AF_INET]127.0.0.1:443
Wed Mar 19 11:06:55 2014 MANAGEMENT: >STATE:1395252415,WAIT,,,
Wed Mar 19 11:06:55 2014 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
What actually gave me a 'huh?' moment is this
UDPv4 link remote: [AF_INET]127.0.0.1:443
It looks like my openvpn is trying to access server on a localhost and not on my server IP address
Can someone give me an idea what could be wrong with that, please?
I searched the internet and all I am finidng is the explanation for the
read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
but how can I force this client to connect to my server IP address?
@khav
I found an error in your script (at least on my server)
This line
/sbin/ifconfig|grep inet|head -1|sed 's/\:/ /'|awk '{print $3}'
returns localhost IP address
127.0.0.1
It should return server IP address I guess?
This line returns an error too
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source YOUR $ipaddr
iptables v1.4.7: Bad IP address "YOUR"
/sbin/ifconfig|grep inet|head -1|sed 's/\:/ /'|awk '{print $3}'
was updated to
ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'
so now it should return your server ip address
The iptables error was a typo , just had to remove
YOUR
All of this has been edired in the script and a revision and be issued
Redownload it and test it again
@khav
Yes, that was the issue I had. I tested the script again with the applied changes and everything works as expected
I can confirm that VPN is working correctly because, by a chance, I am currently in one of the countries that forbid lots of websites and I can access them through the VPN without any problems :-)
Thank you for your hard and good work!
It was a pleasure mate......thanks to you as well for testing the script on openvz virtualization
it worked on my VPS 128MB ram OpenVZ. Very easy to install. Thank you for making this wonderful script. No issue what so ever.
Happy to know you loved it:)
one more thing, can i use the client config on multiple PC?
Yes, you can. Not in the same time because it is configured to get the same remote IP address. If you change remote IP address in the config for each client, you will be able to use it on multiple machines in the same time
on regular openvpn setup you just need to create different username/password. How can i achieve it on this kind of setup?