Debian 搭建 OpenVPN 服务器

Mr.Wu 199 0

步骤 1. 在我们安装任何软件之前,通过apt在终端中运行以下命令来确保您的系统是最新的很重要:

sudo apt update
sudo apt upgrade

步骤 2. Debian 安装 OpenVPN 服务器。
现在我们使用以下命令从GitHub下载脚本安装程序 OpenVPN 服务器curl:

curl -O


chmod +x
sudo ./


Welcome to the OpenVPN installer!
The git repository is available at:

I need to ask you a few questions before starting the setup.
You can leave the default options and just press enter if you are ok with them.

I need to know the IPv4 address of the network interface you want OpenVPN listening to.
Unless your server is behind NAT, it should be your public IPv4 address.
IP address:

系统会询问我们是否要启用默认禁用的 IPv6:
Checking for IPv6 connectivity...

Your host appears to have IPv6 connectivity.

Do you want to enable IPv6 support (NAT)? [y/n]: y

默认情况下,OpenVPN 使用端口 1194,如果要使用特定端口,请按 2,然后按:
What port do you want OpenVPN to listen to?
1) Default: 1194
2) Custom
3) Random [49152-65535]
Port choice [1-3]: 1

接下来,设置 OpenVPN 将使用的协议:
What protocol do you want OpenVPN to use?
UDP is faster. Unless it is not available, you shouldn't use TCP.
1) UDP
2) TCP
Protocol [1-2]: 2

现在您必须选择一个 DNS 提供商:
What DNS resolvers do you want to use with the VPN?
1) Current system resolvers (from /etc/resolv.conf)
2) Self-hosted DNS Resolver (Unbound)
3) Cloudflare (Anycast: worldwide)
4) Quad9 (Anycast: worldwide)
5) Quad9 uncensored (Anycast: worldwide)
6) FDN (France)
7) DNS.WATCH (Germany)
8) OpenDNS (Anycast: worldwide)
9) Google (Anycast: worldwide)
10) Yandex Basic (Russia)
11) AdGuard DNS (Anycast: worldwide)
12) NextDNS (Anycast: worldwide)
13) Custom
DNS [1-12]: 9

Do you want to use compression? It is not recommended since the VORACLE attack make use of it.
Enable compression? [y/n]: n

如果您真的知道如何操作 OpenVPN,您可以自定义加密选项。如果你不这样做,不要这样做:
Do you want to customize encryption settings?
Unless you know what you're doing, you should stick with the default parameters provided by the script.
Note that whatever you choose, all the choices presented in the script are safe. (Unlike OpenVPN's defaults)
See to learn more.

Customize encryption settings? [y/n]: n

Okay, that was all I needed. We are ready to setup your OpenVPN server now.
You will be able to generate a client at the end of the installation.
Press any key to continue...

Tell me a name for the client.
The name must consist of alphanumeric character. It may also include an underscore or a dash.
Client name: idroot

Do you want to protect the configuration file with a password?
(e.g. encrypt the private key with a password)
1) Add a passwordless client
2) Use a password for the client
Select an option [1-2]: 1

Client idroot added.

The configuration file has been written to /home/user/idroot.ovpn.
Download the .ovpn file and import it in your OpenVPN client.

完成设置安装后,您需要做的是下载文件并将其复制到客户端,以便它可以从连接管理器的 GUI 或通过终端使用以下命令进行连接:idroot.ovpn

发表评论 取消回复
表情 图片 链接 代码