I mentioned in a previous post that I had a spare Raspberry Pi. It’s taken me a while to finish but I’ve managed to turn it into a portable OpenVPN server.
A VPN, or Virtual Private Network, is a way of extending your private network into the outside world all fully encrypted. Free and in most cases unencrypted WiFi is available almost everywhere from universities to coffee shops or hotels and even your dentists waiting room, but you have to be careful what you are doing on internet access points.
Most people are unaware but free WiFi from places like your local coffee shop or hotel are ot safe. Sending confidential email or even web browsing can be subject to interception, what is commonly known as a man-in-the-middle attack. Because of the way WiFi works its relatively easy for someone with the right tools to get between you and the internet. So however tempting it may be you really do not want to be logging into your bank and even something as simple as checking your GMail could leave your Google username and password out in the open.
The idea behind a VPN is to connect to the internet from a trusted source. Once VPN connection has been established all your communications to or from the VPN are encrypted and hidden from prying eyes. No one else at the coffee shop will have any idea what your doing online. All they will see is encrypted traffic to your VPN without being able to delve into that traffic to find out what your doing.
There is a multitude of online services which offer VPN access, in many cases allowing you to pick where you’d like access the internet from there by bypassing geographic restrictions on services like Netflix and BBC iPlayer, but these as in all things have upsides and downsides depending on the service and what charges they make. Since I really resent paying for something I can do myself I going to turn a inexpensive (£35) Raspberry Pi into my VPN server.
Doing it this way not only means I will save myself the ongoing payments of 3rd party VPN service, but I’ll also be able to access my home network as if I was there and still have full access to my Synology file storage.
What you’ll need
Raspberry Pi: I’m using a model B but a B+ will work equally well.
SD Card: I would recommend an 8GB card. You shouldn’t need more if all your running on the Pi is OpenVPN.
Network cable: Cat5 or Cat6 depending on your network but you need something to connect the Pi to your router.
OpenVPN: Which we will be installing onto your Raspberry Pi.
- You already have installed Raspbian on your Raspberry Pi SD Card
- Your Raspberry Pi has a static IP address within your home network. You can ether do this from the Pi its self or like me setup your routers DHCP settings to issue the Raspberry Pi with static IP
- SSH is enabled. We need to access the Raspberry Pi to change settings and setup the OpenVPN server. Using SSH will make this simpler and means we don’t need to fuss with a keyboard or monitor attached to the Raspberry Pi
- You have forwarded both the UDP & TCP port 1194 to your Raspberry Pi’s static IP. Instructions for doing this will vary from router to router but if you search Google for your specific router you’ll find instructions
So if you’re ready I’ll get started on my how to guide.
First thing we’ll do is setup the Raspberry Pi. Assuming your using a new Raspbian installation.
- Change your password: The default username and password for a clean Raspbian installation is pi and raspberry. Leaving this unchanged is generally a really bad idea, but not changing it on a Pi your connecting to the internet is begging for trouble. To change it first login over SSH and type
sudo passwdthis will change your root password then just use
passwdto change the pi user password.
- Update: Always a good first step after a clean install. Updating the system will make sure you’re using the latest software and libraries, and any know bug or security flaws will have been patch. Raspbian OS being just a version of Debian system updates are handled by
apt-getso to update the system run
sudo apt-get update; sudo apt-get upgradefrom the SSH terminal window.
- Install OpenVPN: OpenVPN is already in the repositories so installation is as easy as running
sudo apt-get install openvpn
Now that our Raspberry Pi is ready we’ll move on to the setting up the installing and setting up OpenVPN on the Pi.