Leaderboard

@88incher Hello and thank you! Yes, we recommend a prompt update of OpenSSH, of course. If you need OpenVPN over SSH to our servers, we assure you that updates are performed frequently so the update will be applied soon, when it is available in the official repository. Remember that the update must be applied even client side. Anyway, remember that the OpenVPN client, at a first analysis, can't be fooled by this method: if you have connected via SSH, by running a vulnerable SSH client and library, to some entity in the middle which pretends to be us by exploiting the vulnerability, that entity will fail to mimic an OpenVPN connection to one of our servers, because it lacks the proper certificates and keys. On the client side you will be able to establish an SSH connection to the attacker machine (provided that you run a vulnerable ssh), but then OpenVPN will fail to connect. Kind regards

For anybody wanting to utilize AirVPN via a Docker VPN client container, Gluetun has now added AirVPN support for both OpenVPN and WireGuard connections. The container itself is very lightweight and fast. https://github.com/qdm12/gluetun Here's an example of a Portainer Stack using Gluetun as the path to the Internet for a Firefox container: version: '3.7' services: gluetun: image: qmcgaw/gluetun:latest container_name: gluetun cap_add: - NET_ADMIN ports: - 8100:8000 # Remote Control VPN - 3000:3000 # Firefox environment: - VPN_SERVICE_PROVIDER=airvpn - VPN_TYPE=openvpn - SERVER_COUNTRIES=Canada - OPENVPN_CIPHERS=AES-256-GCM - PUID=1000 - PGID=1000 - TZ=America/Denver volumes: - /data/openvpn:/gluetun # /data/openvpn contains client.crt and client.key firefox: image: lscr.io/linuxserver/firefox:latest container_name: firefox environment: - PUID=1000 - PGID=1000 - TZ=America/Denver volumes: - /data/firefox:/config shm_size: '1gb' network_mode: 'service:gluetun' depends_on: - gluetun You'll need to add client.crt and client.key files to the directory you have mapped to /config for OpenVPN. For WireGuard, change the VPN_TYPE= to wireguard, and add WIREGUARD_PRIVATE_KEY=, WIREGUARD_PRESHARED_KEY=, and WIREGUARD_ADDRESSES= environment variables to your stack. In both cases, you can get the data you need from the Config Generator in the AirVPN Client Area. The Gluetun container can also be configured to provide an HTTP or Shadowsocks proxy to your entire network. AirVPN rocks, and the ability to connect to it through a Docker VPN Client container makes it that much better!