LinuxCommandLibrary

pivpn

Setup and manage a VPN server

TLDR

Add a new client device

$ sudo pivpn add
copy

List all client devices
$ sudo pivpn list
copy

List currently connected devices and their statistics
$ sudo pivpn clients
copy

Revoke a previously authenticated device
$ sudo pivpn revoke
copy

Uninstall PiVPN
$ sudo pivpn uninstall
copy

SYNOPSIS

pivpn

PARAMETERS

add
    Adds a new client to the VPN server. Prompts for a client name.

remove
    Removes an existing client from the VPN server. Prompts for the client name to remove.

revoke
    Revokes a client certificate, preventing the client from connecting.

list
    Lists all connected clients.

uninstall
    Uninstalls PiVPN and removes all related configurations.

debug
    Runs PiVPN in debug mode to assist in diagnosing issues.

reinstall
    Reinstalls the PiVPN script with fresh configurations.

repair
    Attempts to repair a broken PiVPN installation.

status
    Displays the status of the VPN server.

updatelists
    Updates blocklists configured in PiVPN.

usage
    Shows the usage instructions for PiVPN commands

version
    Show PiVPN script version

DESCRIPTION

PiVPN is a user-friendly shell script designed to easily set up and manage an OpenVPN or WireGuard server on a Raspberry Pi or other Debian-based system.

It automates the installation and configuration process, handling complex tasks such as certificate generation, firewall rules, and server settings. The goal is to provide a straightforward way for users, regardless of their Linux expertise, to create a secure VPN server for remote access to their home network or for secure browsing on public Wi-Fi.

PiVPN supports both OpenVPN and WireGuard protocols, allowing users to choose the protocol that best suits their needs. It provides a simple command-line interface (CLI) for creating and revoking client certificates, updating the server configuration, and managing the VPN server. By simplifying the VPN server setup process, PiVPN makes it accessible to a wider audience.

CAVEATS

PiVPN relies on the security of the underlying VPN protocols (OpenVPN or WireGuard) and the configuration parameters chosen during setup. Secure passwords and strong encryption are essential for maintaining a secure VPN connection. The command requires root access to modify system configurations.

CONFIGURATION FILES

PiVPN modifies several configuration files, including OpenVPN or WireGuard configuration files (/etc/openvpn/server.conf or /etc/wireguard/wg0.conf), iptables or UFW firewall rules, and DNS settings. These changes are managed by the script and should not be manually altered unless you fully understand the implications.

SECURITY CONSIDERATIONS

Regularly update PiVPN to benefit from security patches and bug fixes. Use strong, unique passwords for all VPN clients. Consider enabling firewall rules to restrict access to the VPN server and prevent unauthorized connections. Keep your system updated to prevent security vulnerabilities.

HISTORY

PiVPN was created to simplify the process of setting up a VPN server on Raspberry Pi devices. It gained popularity as a convenient way for home users and small businesses to establish secure remote access to their networks without requiring extensive technical expertise. Its development has been driven by community contributions and a focus on ease of use.

SEE ALSO

openvpn(8), wg(8), ufw(8)

Copied to clipboard