People are (rightfully) freaking out about their privacy as the Senate voted the law S.J. 34 to let internet providers share your private data with advertisers. While it’s important to protect your privacy, it doesn’t mean that you need it at all times. Also, VPN is a service that is not free, but I found you the CHEAPEST DEAL AVAILABLE TODAY: therefore, let’s create a VPN in 15mn for $1/mo!
This guide will show you step by step how to do it with Virmach but this is valid for any other brand, provided you accept the price. The whole point is to use a script that does it for you, so you don’t have to spend a whole day doing it. Yes, setting up a VPN Server by hand is very complicated.
1. Get a KVM Server for $1/mo at Virmach
This is the crapiest, cheapest KVM provider I could find as of March 2020. Unfortunately they do not offer $1/mo plans anymore, because it depends on availability. I highly doubt they ever offered these plans in large quantities but you know how business work, yeah?
Select the cheapest KVM from the Virmach plans available here.
2. Create a RedHat, Debian, Ubuntu or CentOS server
Versions required for the script to work: Supported distros are Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora
- Ubuntu 18.04 or higher
- Debian 9 or higher
- CentOS 7 or higher
- Fedora any version
The script that will create the OpenVPN server for you needs to be run on the major versions above. Among the limited options that Virmach offers you for that price, as of September 2021, choose one of these:
The versions shown above are the lowest versions compatible with the script. The rest of the setup in straightforward. Take note of the
root password they give you and that’s it.
3. Initial Setup (optional)
Virmach will provide you a
root access with a
password. All the steps below are optional, especially if you already own an IaaS Cloud server access.
A. Update the System (advised)
The commands below are for Debian/Ubuntu systems:
apt update -y apt upgrade -y apt autoremove -y apt clean -y
That’s it. Most systems are already configured for IPv4 Forwarding so you should be good to go.
B. Setup SSH (optional)
You can change the remote SSH access to RSA key access only instead of using a password, by setting up your identity and the SSHd daemon.
First you need to create your SSH identity (you could also force copy your own from another server):
ssh-keygen -f ~/.ssh/id_rsa
Next, add your public RSA key in
~/.ssh/authorized_keys (there are 3 ways to do that but this one is straightforward):
echo ssh-rsa AAAAB3Nza...IsFA0eGz name>~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys
Next, tweak the SSHd config file:
sed -i -e "s/^#PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config || sed -i -e "s/^PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config
4. Install OpenVPN
To install OpenVPN and all the dependencies including EasyRSA, simply execute this command:
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
If using Ubuntu 16.04, another script is necessary:
wget https://git.io/vpn1604 -O openvpn-install.sh && bash openvpn-install.sh
That’s it. Now, get the content of the OVPN file generated for your clients:
5. Setup the Clients
With the OVPN file you got, simply import it in OpenVPN GUI and you’re good to go!
This guide will show you how to setup this OpenVPN connection on your home Dd-wrt router so the Wi-Fi is VPN-ized!
Let me know in the comments how long it actually took you. It took me much more than 15mn because I was writing the guide at the same time, but I think that 15mn altogether is a fair guess.
As of today, March 2020, Virmach let you pay $1 for a $1.25/mo plan because they “ran out” of cheap plans, but you are limited to 1 only. Also, no other location than within the USA are available, which defeats the purpose of a VPN when you live in the USA. What you really want is an access point in Europe.