I'm running a headless Ubuntu 14.04.1 server. I'd like to use a commercial VPN service to secure the server's internet connection, and my VPN provider uses passphrases for authentication. I've installed openvpn
on the server, and it has the necessary .ca
, .conf
files to initiate a connection to my VPN.
However, to initiate said connection, I need to ssh
in and issue the commands (sudo openvpn --config <conf-file>
followed by my VPN credentials), then keep my terminal open for as long as I want the server to remain connected to the VPN.
This is impractical on a headless setting. I've been trying to issue the command remotely in such a way that it can run in the background while I disconnect from the server, but I'm facing the following issues:
- I could set the server to connect automatically on startup, but that would require storing my VPN credentials in plain-text, which I'm averse to.
- I can't run a single
ssh
command asroot
(without connecting to the server asroot
, but then I'm not sure setting a password forroot
is a good idea. Opinions?). That is, if I sendssh <user>@<server> "sudo <command>"
I get
sudo: no tty present and no askpass program specified
- Any combination of the
fN
flags I try to pass tossh
results in the command going to the background before I'm asked for my VPN credentials.
Please don't hesitate to offer a different avenue of initiating the connection even if you think these ideas are unfeasible. However, please note that the server doesn't have a GUI installed, so any idea relying on that is unsuitable (for example, I'd love to use
nmcli
to initiate my VPN, but I can't create a network-manager
connection without GUI, or at least I don't know how to).(PS I tried finding a solution online, but there are too many results dealing with setting an OpenVPN connection to one's server, and if anything relevant is hiding among them I wasn't able to find it.)