Private Internet Access VPN

PIA is a subscription based service provided from the PIA. From the PIA's How It Works page:

PRIVATE INTERNET ACCESS provides state of the art, multi-layered security with advanced privacy protection using VPN tunneling.

Requirements

PIA supports nearly any operating system and solution any user would need. This guide automatically sets up the configurations for PIA which works for most Arch Linux users.

Note: Arch Linux users may setup PIA manually by reading information on PIA Client Support page.

Installation

Install the private-internet-access-vpnAUR package.

The package downloads the OPENVPN CONFIGURATION FILES (DEFAULT) and stores them in /etc/openvpn. However, it updates the file names to better support using them on the command line.

Configuration for the package is stored in /etc/private-internet-access

Usage

Note: As of version 2.0, the command pia is provided by python-pia.
Note: As of version 1.5, the command as changed from pia-auto-login.py to pia. Also, command line options have changed.

Enabling auto-login

Enabling auto-login allows a user to connect to the VPN service without having type any passwords on the command line (needed when using networkmanager). To set this up, you must do the following:

  • Create /etc/private-internet-access/login.conf
  • Add your username and password in the file. Make sure LINE 1 is your username and LINE 2 is your password. Do not add any other text to the file or it will not work (this is a limitation of OpenVPN):
/etc/private-internet-access/login.conf
USERNAME
PASSWORD
  • Change permissions of the file to 0600 and owner to root:root:
# chmod 0600 /etc/private-internet-access/login.conf
# chown root:root /etc/private-internet-access/login.conf
This secures the access to the file from non-root users. Read more on File permissions and attributes. It is required when activating auto-login.

Manually Connecting to VPN

Run openvpn --config /etc/openvpn/{config_file_name} as root. {config_file_name} will be listed in the /etc/openvpn directory.

Automatically connect to VPN

  1. enable the connman-vpn.service.
  2. Run pia -a as root.
Note: These are unsupported configurations.

See also