Please recommend a VPN to install
I'd like to spin up the smallest shared Linode and install Ubuntu with a VPN on it, probably via the Marketplace.
There are six of them listed.
Which is the easiest to install and configure and which has a macOS client?
Or maybe I want to use a non-marketplace package?
(I believe my iPhone has VPS built in that can connect with any VPN server?)
Thanks.
12 Replies
no need pay for it
just spin up a 5£ node or use one you already have
and run this oneliner for wireguard
wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh
or for OpenVPN use….
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
both can be found on NYR github
Wouldn't it be easier to use one of the pre-built Marketplace apps? That is what I was planning to do. Should I not?
From my research it looks like OpenVPN is more secure than Wireguard, but much slower (by about half.)
OpenVPN is old, tried, vetted, and a bloat while Wireguard is new, fast, efficient, partly 'beta' and has a small footprint.
I'm just looking for a slam-dunk easy/fast Linux install… one that does not take me all day to figure out and then get done!
Looks like they both have macOS and iOS clients that look easy to configure.
So, if you have your own Linode VPN, what do you use? OpenVPN or Wireguard?
Thanks.
I use Wireguard. It's built into the Linux kernel and it's much easier to configure than OpenVPN, in my opinion. It's also faster than OpenVPN will be, both due to its encryption algorithms, and because it's in the Kernel and not a user space program.
Yes indeed i agree Ovpn is old and tied I run a lot of WG servers via the above script and it is as simple as bang in the one liner and go its set up and running in under 30sec and that following the prompt in terminal and adding the client LOL
this is what i normally do
sudo su
apt update -Y && apt upgrade -Y && wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh
Bang done
From there i just harden the server
it take in all 2mins max
hope this helps
12C: Thanks.
Can I ask one question? Why don't you use the one-click Wireguard Marketplace install method?
I would think that would be easier and faster than using the wget command for the install script?
I would think that would be easier and faster than using the wget command for the install script?
You would use wget to install WG on an existing Linode. The marketplace thing always spins up a new Linode. I suppose you could use apt to install WG as well but the wget method is the latest/greatest…the apt repositories are usually behind that.
-- sw
The marketplace thing always spins up a new Linode
That was my intent. Can (or should I) run a VPN on a Linode instance that has my websites and other apps (EspoCRM, Piwigo, etc.)? I thought a VPM should be on a dedicated server. I was going to get a $5 Linode and just use it for a VPN. I thought that was the "best practice."
I also thought that spinning up the Marketplace new Linode would do all or most of the configuration for me… UFW, SSH port open, etc. (I guess the only way to find out is to spin it up and try!!)
(I'm told that OpenVPN is far more secure but far slower than Wireguard. I don't see how that can be but I didn't take the time to research it further.)
That was my intent. Can (or should I) run a VPN on a Linode instance that has my websites and other apps (EspoCRM, Piwigo, etc.)? I thought a VPM should be on a dedicated server. I was going to get a $5 Linode and just use it for a VPN. I thought that was the "best practice."
I would do just as you described. I was merely pointing out that you could still install WG without spinning up a new Linode…and that would be the reason to install it using wget or apt.
-- sw
tlambert
Linode Staff
You could also spin up the Docker Application on a Nanode and run OpenVPN and Wireguard in containers. I haven't tested it myself but it should be less resource intensive this way and will give you the ability to test them both out pretty easily.
I'd disagree with Docker being less resource intensive running the VPN servers, though it would provide you with more isolation between the two VPN servers, such that one couldn't access the other if there were a vulnerability in the code on either. I would also submit that Docker would be a little more difficult to set up and run, rather than a dedicated Linode running one or two VPN servers without Docker.
Opinions on Docker will likely vary, I wouldn't recommend running a VPN server in Docker. The last time I tested Docker myself, running no containers and simply waiting for something to do, Docker used about 160MB of ram.
If you want the fastest VPN server with little overhead, running Wireguard on its own dedicated Linode with nothing else running, is going to be your best bet.
Thanks for all the help but when I look at the $60 yearly cost of the Linode vs. the $69/yr I pay to Witopia (https://www.personalvpn.com/) it does not really make a difference. I might get a bit more speed when using it at home but I travel worldwide and like to be able to choose a VPN datacenter close to where I am at the time. Like most VPN services, Witopia has a zillion locations to use.
I've been with them for ten years and never had a problem. So, again thanks for all the help but I'm going to keep what I have.