Firewall with VPN set up?

@vasileios setting up a VPN following along with your video in LMS. (Thank you for it!) One confusion for me. Do I need to set up a firewall with the new VPN server setup like I did when setting up and hardening a server on the video that Will did? In other words, does a VPN server need a firewall? Sorry if I asked that twice, I wanted to be clear.

1 Like

@vasileios ok I almost got there… but ran into this as you will see on the following two screenshots. … and I tried a few things on my own but got stuck without being able to advance so I called it a day at the moment. Question is, is there something I can do from this point to finish off the VPN or do I uninstall everything I did? Or do I need to really start from scratch and delete the server too and begin all new? Thanks ahead for your input. :slightly_smiling_face:

Hello @myundividedlife !
Your username is different than the one I placed as an example in the PDF (which is meant to change to your liking). :wink:
Instead of –

cd /home/vpnuser/

You can safely replace it with:

cd ~

And it will bring you to your home folder, regardless of your username. :slight_smile:

1 Like

Hi @vasileios. Thanks for your reply. I had closed out of terminal the other day and cleared the terminal so didn't get to use your advice to finish the project. I wanted to work on it tonight and was not able to ssh into my server. I have two servers set up, one of which was made during the VPN setup. Neither server would ssh in for me. I kept getting Permission denied (publickey). I had connected to my original server with no problem many times before my VPN attempt. After that, I could not ssh in to either one. My passphrase for the key is the right one because it worked before the VPN setup. 1. Where do I start now to fix things? 2. How do I get back on track to setting up the VPN? Wow. I feel like I really got off track on this one. Boo. :slightly_frowning_face:

Ok, I have been looking at this and looking things up. It seems I messed up the key authentication because I made a new key for the VPN server. Probably didn't need that since I had a key already on Linode with my other server. And I marked the new key as passwordless. So now the warning is this >

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0740 for '/home/mariangela/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/home/mariangela/.ssh/id_rsa": bad permissions
mariangela@162.216.16.240: Permission denied (publickey).

I found some answers for this online but haven't tried them yet… will get time later. Any input you have here is much appreciated. :+1:

1 Like

Hello @myundividedlife!
Open up a terminal and type in:

chmod 600 /home/mariangela/.ssh/id_rsa

And try again. :slight_smile:

1 Like
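The warning quoted above is triggered when a private key file has any group or other permission bit set. As an added example (not part of the original posts), this script finds such keys in a directory and can reset them to 600; it assumes Linux with GNU coreutils, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes Linux with GNU coreutils
# (stat -c); all function names here are hypothetical.
# Usage: audit_ssh_keys "$HOME/.ssh"        (append --fix to chmod 600)

# Succeeds if FILE's first line is a PEM/OpenSSH private-key header.
is_private_key() {
    head -n 1 -- "$1" 2>/dev/null | grep -q -- '-----BEGIN .*PRIVATE KEY-----'
}

# Succeeds if any group/other permission bit is set (mode & 077 != 0),
# the condition behind the "UNPROTECTED PRIVATE KEY FILE" warning.
mode_too_open() {
    _mode=$(stat -c '%a' -- "$1") || return 2
    [ $(( 0$_mode & 077 )) -ne 0 ]
}

# audit_ssh_keys DIR [--fix]
# Prints one "TOO OPEN <mode> <path>" line per offending private key and
# returns non-zero if any was found. With --fix, each one is set to 600.
# Public keys and other files are skipped, so their modes are left alone.
audit_ssh_keys() (
    dir=$1; fix=${2:-}; bad=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        is_private_key "$f" || continue
        mode_too_open "$f" || continue
        bad=$((bad + 1))
        echo "TOO OPEN $(stat -c '%a' -- "$f") $f"
        if [ "$fix" = "--fix" ]; then chmod 600 -- "$f"; fi
    done
    [ "$bad" -eq 0 ]
)

# Demo on constructed input: a fake key file with the 0740 mode from the
# warning above. Prints the finding, then the mode after the fix.
demo_audit() (
    d=$(mktemp -d) || exit 1
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'constructed' > "$d/id_rsa"
    chmod 740 "$d/id_rsa"
    audit_ssh_keys "$d" --fix || :
    stat -c '%a' -- "$d/id_rsa"
    rm -rf -- "$d"
)
```
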

@myundividedlife Are you only allowed to make one set of keys in your distro?
I want to make keys for different vps’s…?
So if one goes down, I can quickly hook back up.
Haven’t attempted anything yet.
Still confused.

Ok. thanks! This is getting interesting. lol

1 Like

@George Hi. Yeah it can be confusing because it's learning a new language and there are a variety of ways to do one thing - which is usually how it goes in the tech world IMO! But the trick is to go slow and know there is most often an answer that's not that hard, and by actually doing the project you learn the ins and outs. And remember with servers, you can delete them and start over too really easy during initial setup. In my understanding at this point you can make more than one key and apply them as you want. I was thinking like you to have a separate key for my second server with the VPN but messed up my setup and now have to go back over it. I just wanted more practice doing keys and servers. What is good tho is I was able to troubleshoot a few things before I got totally stuck so I am grasping some knowledge. Keep watching the videos in LMS, after a time or two through them you get your AHA understanding moments. I usually play them, open a terminal, and work along with them when I am starting a new thing so I can keep checking back to the video to see if I am in the right place. Plus the worksheet files are easy to follow!

1 Like

One set of keys should be enough. For extra safety, you can set a passphrase, so when you log in to any VPS, you will be prompted for your key’s password.

2 Likes

@vasileios Hello there! Guess what? Still working on the VPN. ugh. I started over because nothing was working. However, I am almost there but stuck again. What I did so far.

  1. Deleted my servers and made two new ones because nothing was letting the ssh key work. All went great.
  2. With the VPN server I am stuck at this step.

mkdir ~/Documents/OpenVPN
cd ~/Documents/OpenVPN
scp vpnuser@X.X.X.X:/home/MyHomeClient.ovpn ./
ls -l

I keep getting this:

mariangela@mariangela-Inspiron-N5110:~/Documents/OpenVPN$ vpndebian@97.107.142.178/MMInspirion.ovpn ./
bash: vpndebian@97.107.142.178/MMInspirion.ovpn: No such file or directory

Note: I did not do this following step because I wasn't sure if I needed it because when I did the install it said I had the latest version.

sudo apt install network-manager-openvpn

Should I do that and then go back to the "mkdir" step? Do I exit out first? Not sure. I am at the no such file or directory point right now that I posted above.

Thanks.

1 Like

I decided to do the
sudo apt install network-manager-openvpn

then went back to the mkdir steps. No luck. Still no such file or directory. If I go and click on my home folder on my own there is a file named OPenVPN but it is empty.

Hey @myundividedlife!
The command you issued for the copy happens to not be there! That’s why you get the error.

The following command you issued –

–should be re-structured to look like this:

scp vpndebian@97.107.142.178:/home/your_VPS_username/MMInspirion.ovpn ./

Remember to replace the “your_VPS_username” with the name of the folder that is inside your VPS’ /home folder.
Also, make sure that your .ovpn filename is correct too. :wink:

1 Like

ok THANKS! :+1: :+1:

1 Like

haha nearly fell for that too
Good reminder

2 Likes

@vasileios I DID IT!!! I DID IT!!! I DID IT!!! This was my fourth attempt and getting stuck at the same place each time. That VPN user name and VPS user name kept throwing me off… geez. The directions were easy but I just didn't catch the detail there. Anyway. I checked the IP address and all checked out as mine vs VPN verified at the web address you gave. O my goodness. I need a cinnamon roll. haha THANK YOU VASILEIOS!

2 Likes

Congratulations! Bravo! Step by step, you can climb the ladder, right?
I’m proud of you for not giving up! :smiley:
And you are most welcome!

2 Likes

@vasileios

Downloaded Zorin, full install, no Windows. Pinned the terminal to the favorites, got online, got to my VPS provider, got as far as I could with your instructions. Is there somewhere I can send the details? I don't want to post them here. I need help please.

Last login: Fri Dec 10 06:36:21 2021 from 175.701.194.40
xx@racknerd-xxxxxxxx:~$ sudo nano /etc/ssh/sshd_config
-bash: sudo: command not found
xx@racknerd-xxxxxxxx:~$

I followed your instructions poorly.
Thanks

1 Like