Friday, December 9, 2011

Openvpn With Hide My Ass

A VPN encrypts your internet traffic and lets you establish a secure connection over the non-secure Internet. This is especially useful when connected to insecure networks such as public WiFi hotspots. Once connected to a VPN server your online identity will be masked behind one of the anonymous IP addresses provided by the VPN service provider, which is a handy tool to virtually reside in another country . Also censorship and internet restrictions imposed by your internet service provider or government are bypassed. After examining some VPN providers, I went with Hide My Ass . HMA provides multiple protocols to use including OpenVPN ,PPTP and L2TP .
See this list of protocols : .

Choose openvpn rather than pptp. Openvpn with TCP connects over port 443 and traffic is indistinguishable from normal HTTPS traffic, making it very difficult to block.

In order to get your connection working do the following : ( as root ) :

apt-get install openvpn curl

After going to I choose an one month subscription, created an account and paid.
All VPN plans include a 30 day money back guarantee making your purchase risk free.
After login on their website, you can download their software : .

Move into a folder HMA inside your home directory :
mkdir ~/HMA
mv ~/HMA
cd ~/HMA
  inflating: keys/ca.crt            
  inflating: keys/hmauser.crt       
  inflating: keys/hmauser.key       
  inflating: client.cfg             
  inflating: hma-start              
  inflating: README.txt

Make hma-start executable :
chmod +x hma-start
If you don't use sudo change line 10 in hma-start which reads sudo openvpn client.cfg into su -c "openvpn client.cfg" .
Inside the folder HMA :
./hma-start -l   will give you a list of the available servers.
./hma-start "Country, Name" This command will connect you to the selected server.
e.g. UK, London (LOC1 S1) :
 ./hma-start "UK, London (LOC1 S1)" :
Password : ( enter root's password. )
Thu Dec  8 22:57:22 2011 OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 22 2010
Enter Auth Username:
  ( enter HMA username )
Enter Auth Password:   ( enter HMA password )
Thu Dec  8 23:00:51 2011 Initialization Sequence Completed

Now you're connected ! Check your ip before and after connecting by just entering the searchterm ip in .
Stop the connection not by closing the terminal, but with Ctrl+C.
More options see : .

If you like to use a GUI :
apt-get install network-manager-gnome network-manager-openvpn-gnome network-manager-pptp-gnome
Setting up network-manager (0.8.1-6+squeeze1) ...
Reloading system message bus config...done.
Disabling interfaces configured with plain DHCP in /etc/network/interfaces so that NetworkManager can take them over
Auto interfaces found: lo eth0
iface to disable = eth0
Disabling interface: eth0 ... done.
Starting network connection manager: NetworkManager.
Setting up network-manager-gnome (0.8.1-2) ...
Reloading system message bus config...done.
Setting up network-manager-openvpn (0.8.1-1) ...
Reloading system message bus config...done.
Setting up network-manager-openvpn-gnome (0.8.1-1) ...
Setting up network-manager-pptp (0.8.1-1) ...
Reloading system message bus config...done.
Setting up network-manager-pptp-gnome (0.8.1-1) ...

Now reboot !
After login you will have the network-manager applet in your gnome-panel .
We will need the HMA server's .ovpn files :
Go to : and download ( at the bottom ) .
Move to your folder HMA inside your home directory and unzip it.
Now click the applet and choose VPN Connections > Configure VPN...
Choose the VPN tab and then Import. Navigate to the HMA folder and choose one of the .ovpn files. ( e.g. Germany.Dusseldorf.ovpn )

Enter your User name and Password and click Apply.
Click the network-manager applet and choose VPN Connections > Germany. Dusseldorf.
A window will pop up :

Enter your HMA password and choose Save password in keyring....
Now you're connected !
Switching servers is very easy and fast and the connection is very stable. Speed was a bit slower than with my own ISP ( UPC, Amsterdam ), depending on the distance of the server.

My own ISP :


Netherlands. Rotterdam