This website uses cookies for basic analytics using Matomo, hosted within this same server, and not shared nor sold to any third parties.
Accept Cookies
Opt-out of Basic Analytics Tracking

This website uses cookies for usage analytics by Matomo, anonymized without storing IP addresses. This open source software is installed within this same server as this website to limit access to it. Analytics data is used internally to track software performance and quality. None of it will be shared nor sold to any third parties.

Some content on this website may include features embedded from other websites, like popular video platforms. Those embedded features may use the type of cookies and visitor tracking which might warrant concern.

Adding A Server Chastidy


  1. Run the basic initial setup for two new servers: one for OpenVPN; and one as a certificate authority (CA).
    https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-18-04
  2. Then follow the rest of the instructions to setup an OpenVPN Server.
    https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-18-04
    During step 5, you'll want to follow the optional instructions to "Push DNS Changes to Redirect All Traffic Through the VPN".

    At the end of this, you should be able to successfully connect to your own OpenVPN install. When checking your IP address using some online service, it should appear as your OpenVPN server's IP address.
  3. On the server you want to protect, restrict ssh to your OpenVPN server's IP address: 

    $ sudo nano /etc/hosts.allow

    Add these lines (with your OpenVPN server's IP address swapped in)...

    sshd : localhost : allow
    sshd : 000.000.000.000 : allow
    sshd : ALL : deny