OpenVPN - newer version?

10 replies [Last post]
Abjectio

I am a member!

Offline
Joined: 08/21/2014

Hi,

My VPN provider (owncube) has upgraded their backend and ask me to use a newer OpenVPN version. (I think it is because of TLS 1.2 support etc?)
The version I've got in my trisquel installation is 2.3.2 (Trisquel 7).
I'm satisfied with the way Trisquel works and how stable it is (for my use).

What is your advice to get the openvpn to a newer version, without breaking the default Trisquel installation? (At least not destroy it totally).

Tx in help.

Chris

I am a member!

Offline
Joined: 04/23/2011

hmm,

I don't think that is going to be all that easy to do. I might switch VPN providers over it (even if that isn't a great answer). Unfortunately the other solution I'd probably go with is not ready yet (in a 100% free solution format that is, but we are working on it). What is that? OpenVPN support at the router level. You wouldn't need to run VPN software on the computer itself, just connect to it over an encrypted wifi connection (ie it tunnels all the traffic from the network over the VPN connection between the router and the VPN provider). libreCMC doesn't currently support OpenVPN, but we're trying to get the bugs worked out so users can adopt it on routers that have a sufficient amount of flash and ram. Once the next version of libreCMC is released that'll be the other option I'd recommend. It should enable more users to more easily adopt VPN for certain use cases. Hopefully we'll have server support as well, or at some point down the road. That would open up more use cases. For example secure connections between a school network connection and a home network.

There are two devices we're working on and one of them is *really really neat*.

Abjectio

I am a member!

Offline
Joined: 08/21/2014

Tx for commenting Chris. Using OpenVPN seems like a neat solution, however my vendor not might support the OpenVPN version which is provided with the router as well?
Switching vendor is not an option :) - sorry. Have a great deal (life time for a few buckets) and access to 17 countries.
I will monitor when the new libre router is available.

Chris

I am a member!

Offline
Joined: 04/23/2011

Yes- that's a possibility. I suspect though libreCMC will have a newer build of OpenVPN than Trisquel. libreCMC is a bit more bleeding edge than Trisquel.

Ultimately if you really care about your freedom this is a point where you'll probably have to make a compromise (ie not in your freedom, but choosing to pay another provider until a better solution arises, going without, breaking your system, or similar).

Abjectio

I am a member!

Offline
Joined: 08/21/2014

True - this and many other crossroads like this make you choose if you want to compromise on your freedom. For 1 year I've been able to avoid compromising on the freedom and I hope I can do that in the future as well. (It is 1 year since I've installed Trisquel on my computers).

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

I would try to install the package of the upcoming Ubuntu release: http://packages.ubuntu.com/search?keywords=openvpn&suite=wily

You may enter dependency hell...

Chris

I am a member!

Offline
Joined: 04/23/2011

That sounds like a really bad idea... for the reasons sated.

Abjectio

I am a member!

Offline
Joined: 08/21/2014

True - that is an option, but I will try to avoid it :)

One option might be compile a new version myself and not replace the openvpn installed but run it from another directory.

Abjectio

I am a member!

Offline
Joined: 08/21/2014

I solved it by compiling the openvpn source from git and run the openvpn binary from another directory, not involving it into the distribution. No it works.
Tx all for feedback.

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

well, that is indeed a very good solution. I never thought about it. Nice!