© 2023 CoolTechZone - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

VPN FOR LINUX: 5 Paid & 5 Free services + custom VPN setup

Allow Linux traffic through a VPN channel?” Nothing is easier! I will tell about my experience using VPN services on CentOS, Debian and Ubuntu.

Table of contents:

The five best VPNs for Linux
  1. ExpressVPN: The most powerful VPN service for today. Console application. Easy installation.
  2. NordVPN: Multifunctional big service. Advanced functionality including Double VPN and Obfuscation.
  3. PIA: A full-fledged graphical app for  different systems.
  4. Surfshark: Large selection of locations, MultiHop, low price.
  5. HMA: The biggest country selection. Console pseudographic script.
The five free VPNs for Linux
  1. ProtonVPN: Command-line tool. Forbidden P2P, does not support streaming.
  2. Windscribe: The traffic limit is 10GB per month. Integrated firewall.
  3. TunnelBear: Provides configuration for setting the OpenVPN client. 1500 MB limit.
  4. hide.me: 10GB per month. 4 countries. Manual settings.
  5. VPNBook: Configuration for OpenVPN. Very low speed.

Linux VPN: My setup experience

I have been creating and using virtual networks for a wide variety of OSs for more than 15 years. Until recently, on Linux, I have repeatedly managed to install and configure only the server-side of such networks.

Once I needed to install a VPN client. The reason is quite simple - it’s needed to hide the server IP address without using a proxy.

Despite all the experience of using VPN clients on other platforms, it was not possible to install the Linux client for the first time.

My mistake was that I did not look towards general VPNs but towards the open-source OpenVPN client for its subsequent configuration. This approach was more familiar, and it seemed to be more reasonable.

I lost a lot of time trying to configure the client itself and network settings. At first, the library versions did not match, and then there were difficulties with routing.

Finally, having configured it, I decided to go the same way, but already using ready-made clients from VPN services. And ... regretted that I did not do so right away.

Feeling how much easier it is to install software, I conducted my testing of the capabilities and security settings of more than 20 VPN services.

Read on and you will find out which VPN clients for Linux are the most convenient to install and at the same time functional and safe (in my experience).

By tradition, I made two lists - 5 paid and 5 free providers.

  • Recommendation. On Linux, as on other OSs, the same rules apply for free VPNs. They have several disadvantages, which I will talk about. Now I want to advise you from personal experience - it is more efficient to use a paid VPN with the possibility of a refund. This will allow you to use a server or computer with Linux at a good speed, and in case of failure, you can easily get your money back.

Top 5 VPNs for Linux

So, I liked ExpressVPN the most. It is one of the fastest VPNs and yet supports Ubuntu, CentOS, Debian, Fedora, Raspbian, and Arch. In conjunction with all parameters, this is the best VPN for Linux.

I liked the functionality of ExpressVPN. You can run double VPN directly from the console, manage protocol obfuscation, choose a protocol, and much more.

Read more about all five VPNs below.

  • Also read my review of 5 paid and 5 free VPNs for routers.

Comparison of the main characteristics of VPN apps of the top five services

Service Ranking (out of 10) Speed, Mbps Country selection Type of software Price (monthly)
ExpressVPN 10 >100 94 console $6.67-12.95
NordVPN 10 >80 59 console $4.13-11.95
PIA 9 >70 44 app $2.69-9.95
Surfshark 9 50-80 61 console $2.49-12.95
HMA 9 60-80 38 sh script $0-4.99

ExpressVPN1. ExpressVPN

Main advantages

  • Very high speed
  • Locations in 94 countries
  • Easy installation
  • Compatible with all Linux distributions


ExpressVPN is primarily valued for its high speed and stability. It’s installed from the console on any Linux distribution. The service website has detailed instructions for each distribution.

6 reasons why ExpressVPN is the best:

  1. Speed ​​measurements showed the result of >150 Mbps.
  2. Over 3,000 servers in 94 countries.
  3. Ability to configure auto connect.
  4. Netflix Support (Ubuntu).
  5. Total anonymity. The provider uses diskless servers.
  6. Safe jurisdiction (offshore on BVI).

ExpressVPN is the first VPN client that I installed on Debian other than OpenVPN. Following the instructions on the provider's website, I installed and launched the daemon in a few minutes, which has been stably protecting my server so far.

On Ubuntu, ExpressVPN is additionally interesting because of the ability to unlock the geo-limited content of popular video services.


 The service has 3 plans, differing in price and duration of the subscription.

  1 month 6 months 1 year
Price (monthly) $12.95 $9.99 $6.67+ 3 months for free
Money-back guarantee 30 30 30

 * Prices include the discount that is provided when clicking on links from CoolTechZone.com

Different payment methods are supported, including cryptocurrencies.

ExpressVPN Preview
Proven Reliability, 100% Privacy, streaming support


ExpressVPN full review

NordVPN2. NordVPN

Main advantages

  • Over 5700 servers
  • Advanced functionality
  • IKEv2 Support
  • Compatibility with all distributions


I really like NordVPN due to its functionality and technical characteristics. The provider allows you to access any of its 5700+ servers, and not just the country or city. Also, it provides dedicated IP addresses, which may be indispensable for server solutions.

I also note the possibility of running double VPN from the console, as well as using obfuscated servers to bypass the blocking of standard VPN protocols.

Installing a console app will not be difficult even for beginners, as there is a detailed instruction on the service’s website.


The service has 3 plans, differing in price and duration of the subscription.

  1 month 1 year 2 years
Price (monthly) $11.95 $4.92 $4.13
Money-back guarantee 30 30 30

Different payment methods are supported, including Amazon Pay.

NordVPN Preview
Powerful universal VPN service with secure jurisdiction


Screenshot of the Linux app of NordVPN

Private Internet Access3. Private Internet Access

Main advantages

  • WireGuard support
  • Graphical application
  • Shadowsocks
  • Advanced connection settings


Private Internet Access (PIA) is the first VPN service on our list that has a graphical shell on Linux. However, that’s the case only on Ubuntu and other distributions with systemd.

The provider does not offer a console app for classic servers.

The app supports the progressive WireGuard protocol, allows you to change the biggest number of connection parameters, however, PIA does not support Netflix and has 44 countries in its arsenal.


The service has 3 plans, differing in price and duration of the subscription.

  1 month 1 year 2 years
Price (monthly) $9.95 $3.33 $2.69 +2 months for free
Money-back guarantee 30 30 30

Different payment methods are supported, including anonymous cryptocurrencies.

Screenshot of the app of Private Internet Access

surfshark4. Surfshark

Main advantages

  • Low price (from $ 2.49)
  • MultiHop (double VPN)
  • Easy setup
  • Streaming support


Surfshark on Linux has several advantages and only one drawback.

The provider’s software is easy to install and configure using detailed instructions. As for functionality, all standard features are available plus MultiHop technology. It is used as an analog of double VPN.

There is a disadvantage: testing revealed poor protection of the names of visited sites (DNS leak). A host or ISP will be able to see the domain names to which the user/system is connecting.


The service has 3 plans, differing in price and duration of the subscription.

  1 month 6 months 2 years
Price (monthly) $12.95 $6.49 $2.49
Money-back guarantee 30 30 30

Different payment methods are supported, including Google Pay.

Surfshark Preview
Big choice of locations, good speed, growing popularity


Screenshot of the console app of Surfshark


Main advantages

  • Over 170 countries
  • Pseudographic script
  • High speed


HMA (formerly called “HideMyAss!”) allows you to combine the efficiency and versatility of a console application with convenient visualization. The application is installed in almost one operation - launching the script downloaded from the .sh service website.

Software has a classic functionality and a large selection of countries (over 170) and high speed.

Has a 7-day trial period. Does not have a 1-month subscription.


The service has 3 plans, differing in price and duration of the subscription.

  7 days 1 year 3 years
Price (monthly) $0.00 $4.99 $2.99
Money-back guarantee - 30 30

Only standard payment methods are supported - by card or PayPal.

Screenshot of the app of HMA

Best Free VPN for Linux

According to the results of testing on Linux, ProtonVPN became one of the best free VPN services. Slightly inferior to it is Windscribe.

Then there are TunnelBear, hide.me and VPNBook, with a more noticeable lag.

Because the services differ significantly not only technically, but also on the principle of providing free access, I advise you to make the final choice after reading all 5 short descriptions.

Warning: All free VPNs have significant drawbacks. For Linux, this is primarily a significantly limited speed and/or volume of included traffic. The low stability of the connection can also be a big minus.

I should note that the first 3 services have successfully passed the test of not only free but also the paid version.

ProtonVPN1. ProtonVPN

Main advantages:

  • Best free plan
  • The service is in the top 10 VPN leaders


ProtonVPN offers a console app for any Linux distribution. It has good functionality, but I want to dwell on three other advantages of the service:

  1. Unlimited traffic
  2. 7-day trial of the full-featured version without the need to switch to a paid subscription
  3. Good speed as for free VPN.

Software installation requires only two commands. The provider's website has detailed instructions for setting up different distributions.

Free ProtonVPN: Pros and Cons


  • Acceptable speed
  • Unlimited traffic
  • No credit card required
  • Does not keep logs


  • No Netflix support
  • No torrenting support
  • 3 countries

Screenshot of the command-line tool ProtonVPN

Windscribe2. Free Windscribe

Main advantages:

  • Powerful functionality
  • 10-Gb monthly limit


Windscribe also has a command-line tool for Linux, but its free version is significantly different from ProtonVPN’s both technically and in the way of providing free access.

  • Free traffic limit - 10 GB monthly
  • Access to locations in 11 countries
  • Firewall available (Kill Switch)

Windscribe software can be installed on all major Linux distributions; the service website has detailed instructions not only for each distribution, but also for each version.

Free Windscribe: Pros and Cons


  • 10GB per month (limit over 10GB not found)
  • Advanced features
  • Whitelist
  • No credit card required
  • Does not keep logs


  • No Netflix support
  • 11 available countries
  • Only the OpenVPN protocol works acceptably for free

The access speed is average and depends on the location.

For more information about the paid and free versions, see the Windscribe full review.

Screenshot of the app of Windscribe VPN

TunnelBear3. Free TunnelBear

Main advantages:

  • Only configuration for setting the OpenVPN client up is available High speed
  • 1500MB Limit


Free TunnelBear is the fastest free VPN presented, but it has two significant disadvantages:

  1. The service does not provide its own software for Linux
  2. 1500 MB Monthly limit

I should also note that TunnelBear has free locations in 23 countries, which is a kind of record.

Free TunnelBear: Pros and Cons


  • High speed
  • Streaming support
  • Good paid version
  • Does not keep logs
  • No credit card required
  • 23 countries


  • Limit of 1500 Mb per month
  • No native Linux app

Whether you should use TunnelBear for free or not depends heavily on how much-estimated VPN traffic will be used. Besides, you will need additional qualifications for installing and configuring the OpenVPN client.

Screenshot of  the TunnelBear setup instructions

hide.me4. Free hide.me

Main advantages:

  • Only manual configuration available
  • 10GB per month
  • 4 countries


Hide.me as well as TunnelBear does not have its software for Linux, but differs in more traffic included, lower speed, and a small selection of countries.

The provider is seriously behind all the previous VPNs from this Top 5 but can be interesting as an additional solution if you use 2 or more VPN services on the same computer/server.

Free hide.me: Pros and cons


  • 10GB per month


  • 4 countries
  • Manual settings only
  • Average speed

Screenshot of the configuration of hide.me

VPNBook5. VPNBook

VPNBook is the slowest VPN for Linux on this list. It also does not have its own software.

Its only plus is the lack of a limit. But testing showed that at a speed of 0.1-1 Mbps this is unlikely to compensate for the shortcomings.

Installing OpenVPN and configuring VPNBook is quite simple to do with the step-by-step instructions on the service’s website.

Free VPNBook: Pros and cons


  • Totally free
  • Unlimited traffic


  • Low speed
  • Poor connection stability
  • Lack of a native Linux application
  • Keeps logs

Screenshot of the website of VPNBook

Other Good VPN Services for Linux

If for some reason the services discussed above did not suit you, pay attention to other VPNs that have been tested, but differ in general characteristics or are less universal.

How to set up your VPN server?

To configure Virtual Private Network on a server (own VPN), I recommend using an OpenVPN server. This is the easiest and most common version of your own VPN.

Step-by-step guide for setting up the VPN server part based on OpenVPN (Debian 10):

1. Update index:

$ sudo apt update

2. Install OpenVPN:

$ sudo apt install openvpn

3. Download and unzip EasyRSA (relevant for 2022):

$ wget -P ~/ https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.7/EasyRSA-unix-v3.0.7.tgz

$ cd ~

$ tar xvf EasyRSA-unix-v3.0.7.tgz

4. Create a CA using EasyRSA:

$ cd ~/EasyRSA-v3.0.7/

$ cp vars.example vars

$ nano vars

Locate and modify the following lines:

#set_var EASYRSA_REQ_COUNTRY            "US"

#set_var EASYRSA_REQ_PROVINCE   "California"

#set_var EASYRSA_REQ_CITY         "San Francisco"

#set_var EASYRSA_REQ_ORG         "Copyleft Certificate Co"

#set_var EASYRSA_REQ_EMAIL      "[email protected]"

#set_var EASYRSA_REQ_OU            "My Organizational Unit"

Run init-pki and create a CA:

$ ./easyrsa init-pki                

$ ./easyrsa build-ca nopass


5. Create Server Certificate, Key, and Encryption Files:

$ cd EasyRSA-v3.0.7

$ ./easyrsa init-pki

$ ./easyrsa gen-req server nopass

$ sudo cp ~/EasyRSA-v3.0.7/pki/private/server.key /etc/openvpn/

$ scp ~/EasyRSA-v3.0.7/pki/reqs/server.req [email protected]_CA_ip:/tmp

$ cd EasyRSA-v3.0.6/

$ ./easyrsa import-req /tmp/server.req server

$ ./easyrsa sign-req server server

$ scp pki/issued/server.crt [email protected]_server_ip:/tmp

$ scp pki/ca.crt [email protected]_server_ip:/tmp

$ sudo cp /tmp/{server.crt,ca.crt} /etc/openvpn/

$ cd EasyRSA-v3.0.7

$ ./easyrsa gen-dh

$ sudo openvpn --genkey --secret ta.key

$ sudo cp ~/EasyRSA-v3.0.6/ta.key /etc/openvpn/

$ sudo cp ~/EasyRSA-v3.0.6/pki/dh.pem /etc/openvpn/

6. Create the Client Certificate and Key Pair

$ mkdir -p ~/client-configs/keys

$ chmod -R 700 ~/client-configs

$ cd ~/EasyRSA-v3.0.7

$ ./easyrsa gen-req client1 nopass

$ cp pki/private/client1.key ~/client-configs/keys/

$ scp pki/reqs/client1.req [email protected]_CA_ip:/tmp

$ ssh [email protected]_CA_ip

$ cd EasyRSA-v3.0.7

$ ./easyrsa import-req /tmp/client1.req client1

$ ./easyrsa sign-req client client1

$ scp pki/issued/client1.crt [email protected]_server_ip:/tmp

$ cp /tmp/client1.crt ~/client-configs/keys/

$ sudo cp ~/EasyRSA-v3.0.7/ta.key ~/client-configs/keys/

$ sudo cp /etc/openvpn/ca.crt ~/client-configs/keys/

7.Configuring a Ready VPN Server

$ sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/

$ sudo gzip -d /etc/openvpn/server.conf.gz

$ sudo nano /etc/openvpn/server.conf

In server.conf install next configurations: 

         tls-auth ta.key 0 # This file is secret

         cipher AES-256-CBC (possible AES-128-CBC for bigger capacity if a large load is replicated)

auth SHA256

dh dh.pem

user nobody

group nogroup

8. Configure server network settings:

$ sudo nano /etc/sysctl.conf

in sysctl.conf configurate:



$ sudo sysctl –p

$ ip route | grep default

$ sudo nano /etc/ufw/before.rules

Configure before.rules:







$ sudo nano /etc/default/ufw

Configurate ufw:


Use ufw:Use ufw:

$ sudo ufw allow 1194/udp

 $ sudo ufw allow OpenSSH

 $ sudo ufw disable

 $ sudo ufw enable

9. Starting the VPN server:

$ sudo systemctl start [email protected]


$ sudo systemctl status [email protected]

$ ip addr show tun0


How to setup VPN on Linux?

To install a VPN on a computer or server with Linux (we are talking about a VPN client that allows you to hide the IP address and encrypt traffic), you need to do the following steps:

  1. Choose a VPN service that provides software, manuals and / or configuration for quick VPN setup on your distribution.
  2. Register by selecting the appropriate subscription. There are services with a trial period or with a limited free plan.
  3. Download and install the proposed software or configure the standard OpenVPN client.
  4. Launch the VPN.

VPN technology protects all device traffic, but you can configure traffic protection for only certain system processes if desired.

How to install VPN on Kali Linux?

Use the VPN services that support Debian (e.g. ExpressVPN).

If for some reason the software for Debian did not install on Kali, use the classic OpenVPN client configured with the parameters provided by your service.

To do this, you must first install OpenVPN software, then download and unzip it into configuration files, thereby setting up the client. Reboot the device and connect to the selected location using the OpenVPN menu.

What problems can occur with using a VPN?

  • VPN cannot be configured on a standard VPS server. Recently, virtual servers have been gaining popularity. They are much cheaper than dedicated servers. But on them in the standard assembly, the necessary network options are prohibited.
  • Slowed down traffic. It doesn’t matter if you use client or server software, the maximum speed will decrease by at least 10%. On weak devices and under heavy load, it can fall dozens of times.
  • When you are using console apps, it’s difficult to track connection status. Nothing indicates whether the VPN is currently active or not.

Which Linux distributions are best suited for VPNs?

All Linux distributions are equally suitable for use with a VPN. However, if you use software from VPN services, then it’s the easiest to find apps for Ubuntu, Debian and Fedora.

Ubuntu has full graphics applications.

Read also:

Leave a Reply

Your email address will not be published. Required fields are marked

Cool Tech ZoneCyber Security Labs & News