this post was submitted on 24 Mar 2024
50 points (96.3% liked)

Linux

48090 readers
723 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hey! Ive just got Fedora 39 on my PC. I'm new into Linux, but I liked the way Fedora looks and so on. But as a former windows user, I was glad to use Proton VPN. On windows it just worked well, and my local Broadcaster homepage didn't notice that I was using, Secure Core, via example Switzerland though a server in my country. But now, when I use Proton VPN in fedora, the broadcaster notice that my internet goes via another country, and dosnt let me whatch. I juse the App I found on Flatpak. Is there something I should investigate more , of some easy tweaks to make it work well again?

all 26 comments
sorted by: hot top controversial new old
[–] [email protected] 38 points 7 months ago (2 children)

Don't use Flatpak etc for VPNs, it's limited, insecure and pointless.

It's highly likely that the Flatpak version is not routing your DNS queries, thus leaking your location. I wouldn't be surprised if other traffic is being leaked as well.

Since you're on normal Fedora, just use the normal app (.rpm): https://protonvpn.com/support/official-linux-vpn-fedora/. Don't use the CLI version though, as it's still on the old version (v3).

[–] [email protected] 7 points 7 months ago

Man i wish I knew about this earlier... Thanks for the tip 🙌

[–] [email protected] 1 points 7 months ago (2 children)

Oh. So what wikk be OK to use the flatpack store for?

Thank you for help.

[–] [email protected] 3 points 7 months ago

You can use it for normal applications that aren't sort of "system components" like a VPN. So if you want to install some office/productivity software, or a web browser, or a music/video player, then a Flatpak would be a reasonable choice. For most of those cases you would probably still choose the RPM if it is available, but Flatpak is also fine if not.

[–] [email protected] 12 points 7 months ago* (last edited 7 months ago) (2 children)

I've always preferred to use OpenVPN configuration files for setting up VPNs on Linux, rather than using the VPN providers app.

Basically, you need to install a few packages: openvpn and networkmanager-openvpn. This second one is optional, but it allows you to simply pick a VPN connection from the same drop-down applet you connect to WiFi from.

Then, all you do is head to https://account.protonvpn.com/downloads, download the OpenVPN configuration files, extract them somewhere, then use the network manager menu to pick one of the servers. When you're adding the connection, it'll require your VPN login info. This isn't the same as your regular login though, to find that, head to https://account.protonvpn.com/account, and the credentials are listed under "OpenVPN/IKEv2 Username".

Once this is setup, connecting to a VPN is as simple as opening your network applet, then clicking on your VPN of choice. You can add as many VPN connections as you want to switch between servers easily. Really handy to not need a VPN providers' specific app just to connect to a server.

[–] [email protected] 2 points 7 months ago (1 children)

Yeah but vpn servers get blacklisted way too often. You're going to need to download a new config everytime

[–] [email protected] 3 points 7 months ago (1 children)

Personally never ran into this. And if I did, downloading an archive full of configuration files takes 10 seconds and adding a new connection takes no longer. Not a big deal imo.

[–] [email protected] 2 points 7 months ago (2 children)

Yeah but connecting to a new connection in command line is even faster protonvpn-cli c -f

[–] [email protected] 2 points 7 months ago

True. I made a bash script for that, and it runs on boot. Super easy and seamless.

[–] [email protected] 1 points 7 months ago (1 children)

I like having a visual method, and having it in my connections menu makes the most sense to me. But fair point, the CLI route is quickest.

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago) (1 children)

Protonvpn also has a gui though. I mean I think having the openvpn setup has some advantages since some systems might not be natively supported or don't have the need for changing servers, however, I've tried using that on my personal devices and it just wasn't for me.

[–] [email protected] 2 points 7 months ago

Hey fair enough, to each their own. I like my method because it feels 'native' to the given DE, like it was included by default. I've used multiple gui apps from different providers, don't really miss any features they had that my method doesn't.

[–] [email protected] 1 points 7 months ago

Thank you for the great answer, and help. But I think its for now ( I'm a newbe) to much ways , I'm just learning 😀

[–] [email protected] 8 points 7 months ago

This is the proper native way to get protonvpn on fedora

https://protonvpn.com/support/official-linux-vpn-fedora/

[–] [email protected] 7 points 7 months ago (1 children)

I haven't had luck with proton VPN on my LMDE machines, so I just used the wire guard configs instead.

[–] [email protected] 3 points 7 months ago (1 children)

That's interesting, I use protonvpn's official deb on ubuntu and it works just fine

[–] [email protected] 2 points 7 months ago

Glad it works for you! I contacted their support team and they basically told me to kick rocks since they don't officially support LMDE. Maybe I'll give a try again later, but wire guards been working well enough for me

[–] [email protected] 5 points 7 months ago

I've got ProtonVPN set up through wireguard on my system and it works great. Only caveat is that you have to set up multiple profiles if you want different locations, secure core, etc. Not a big deal in my use case, but something to consider.

https://protonvpn.com/support/wireguard-manual-linux/

[–] [email protected] 4 points 7 months ago

Not 100% sure about the flatpak, but if you have access to the terminal interface, the command line app is really well done and you can turn of "secure core"

[–] [email protected] 2 points 7 months ago (2 children)

Hey! Thank you all for the support. Well im trying to learn all the wonders of Linux. Ive now installed the app with the terminal, it didnt help with my problem, maybe my browser sends some location?, but now ive got the official app, and that feels more secure. thank you.

[–] [email protected] 3 points 7 months ago* (last edited 7 months ago)

Considering you are not using the Flatpak anymore it is, indeed, strange. The only reasons I can think of are: your network manager is using the wrong network interface to route your traffic ( if you go on an ip checking site like for example ipinfo do you see yours or the VPN's IP?) or that you have WebRTC enabled and the broadcaster is getting your real ip through that.

For the first case it can get pretty complicated, but it is probably an error during the installation of the VPN app or you set up multiple network managers and it gets confused on which one to configure. You should also enable the Advanced Kill Switch in the configuration.

For the second case you could try adding something like the Disable WebRTC add-on for firefox and check if it works. Remember to enable it for Private Windows too.

The last thing I can think of is that you allowed the broadcaster to get your real geolocation (in firefox it should be a small icon on the left of the address bar), or you are leaking some kind of information somewhere: there are a bunch of site that check for ip leak, but I don't know if that goes too deep for you.
If you want to check anyway the first two results from DDG are browserleaks and ipleak. Mullvad offered one too but it is currently down.

EDIT: If you enable the Advanced Kill Switch, and the app is working correctly, internet will not work while you are not connected to a VPN server or until you disable the switch again, so pay attention to that.

[–] [email protected] 3 points 7 months ago* (last edited 7 months ago)

Try to completely delete your browser data, cookies, cache, etc.

The website might've set a cookie or something in your browser that marks your location when the VPN wasn't working properly and is using this now to identify you despite the fixed VPN.

[–] [email protected] 2 points 7 months ago

Seconding to use the protonvpn CLI program, it always worked well for me. These days I just use wireguard config files though, they're much easier as you can just add them to networkmanager and you'll auto connect on boot. IME the official VPN programs are often buggy. I also added a module to my waybar to show if I'm connected or not for peace of mind that the vpn started up correctly without any other indicator (if you use a DE you might already have an indicator for vpn connections)