Requirements and preparation
Make sure you have the following components installed:
- sudo with root access (or direct root access)
- any text editor like vi, nano, etc.
First change into the /etc/openvpn/ directory
and get the Perfect Privacy TCP configuration with the following line. You will need to change USERNAME and PASSWORD to your Perfect Privacy login credentials.
sudo wget -v --post-data "username=USERNAME&password=PASSWORD&uri=/member/download/?file=linux_tcp.zip" -O linux_tcp.zip "https://www.perfect-privacy.com/member/"
Unpack the file with the following command:
sudo unzip -j linux_tcp.zip
To create a configuration file for the obfsproxy connection, copy any server configuration. In this howto we are using the file Basel.ovpn. We are using vim to edit the file, but any text editor like nano works as well.
sudo cp Basel.ovpn Basel-obfs.ovpn sudo vim Basel-obfs.ovpn
Remove all lines starting with remote. You will then need to add four lines:
socks-proxy-retry socks-proxy 127.0.0.1 LOCAL_PORT remote 4TH_SERVER_IP TUNNEL_PORT route 4TH_SERVER_IP 255.255.255.255 net_gateway
LOCAL_PORT can be any port that is not in use on your system. For this howto we are using port 990.
You can choose between obfsproxy2 and obfsproxy3. We recommend the latter, obfsproxy2 is provided for legacy support. When using obfsproxy3 you will need to connect to the 4th IP address of the VPN server (for obfsproxy2 use the 5th IP instead). You can find the server IP addresses on the server page in the member area. In this howto we are using obfsproxy3, so we use the 4th IP of the Basel server which is is 18.104.22.168.
For TUNNEL_PORT you can choose between the following ports: 22, 53, 443, 8085, 9009 and 36315. Generally, 443 (SSL) should work fine for all purposes but port 53 may help to get internet access from hotspots where you normally need to register on a public website first.
Once you added these lines you can save the file and exit the editor.
Now you can start obfsproxy with the following command:
sudo obfsproxy obfs3 socks 127.0.0.1:LOCAL_PORT
The LOCAL_PORT must be the same that you used in the OpenVPN configuration file, in our case this was 990.
When obfsproxy is running you can establish the OpenVPN connection in a new terminal window (or send the obfsproxy task in the background by pressing CTRL-Z):
sudo openvpn --config /etc/openvpn/Basel-obfs.ovpn
After you entered your Perfect Privacy user name and password, the connection should be established successfully. The last line should read “Initialization Sequence Completed”.
You can also save your user name and password in a text file so that you don’t have to type it in each time to connect. You can find instructions for this in our OpenVPN howto.
You can verify whether everything is working correctly by calling our Check-IP page with either of the following commands:
curl https://checkip.perfect-privacy.com/csv wget -q -O - https://checkip.perfect-privacy.com/csv