How To Set Up and Use Surfshark on Raspberry Pi (Updated 2021)

The Raspberry Pi Foundation is in charge of making the Raspberry Pi. It is a series of single-board computers that you can use for all sorts of projects. It has all its components on a single circuit board, including the CPU, GPU, USB ports, RAM, and other necessary components. Using a VPN on the Raspberry Pi protects you from bad actors whenever you connect to the internet. This article dwells on how you can set up and use Surfshark, a premium VPN service, on Raspberry Pi. 

Setting Up Surfshark on Raspberry Pi

There is no simple method to set up and use Surfshark on Rasberry Pi. Surfshark does not have a native application for the Raspberry Pi OS. However, you can use Surfshark’s application if you install an operating system it supports. Below, we look at two ways you can set up and use Surfshark on Raspberry Pi OS. 

1. Setting it up manually with OpenVPN.

2. Setting it up through a router. 

Get 81% off now

Setting Up a Connection Manually With OpenVPN

To set up a connection manually, you need to be familiar with the Linux CLI. Let’s look at the configuration process below. 

1. First, you need a Surfshark subscription plan if you don’t have one. Go to Surfshark’s website and buy a subscription plan. 

2. You also need to get your service credentials to log in to Surfshark from your Raspberry Pi. These credentials are different from your account credentials. Login to your Surfshark account, go to the setup section, find your service credentials under the “Credentials” tab, and note them. 

3. Next, open a Terminal window and enter the commands below to ensure everything is up to date. Note that you need admin privileges to enter these commands.

sudo apt-get update

sudo apt-get upgrade

3. Now, you need to install the necessary packages needed to use OpenVPN to connect to a Surfshark server. Enter the command below to install OpenVPN and unzip. 

sudo apt-get install openvpn unzip

4. Then, you need to go to the OpenVPN directory on the Terminal window. Enter the command below to change to the directory.

cd /etc/openvpn

5. You can now download Surfshark’s OpenVPN configuration files into that directory. Enter the command below to download it. 

sudo wget https://my.surfshark.com/vpn/api/v1/server/configurations

6. The next thing you need to do is to unzip the OpenVPN configuration files you just downloaded on your Raspberry Pi. Enter the command below to extract the files. 

sudo unzip configurations

7. Since you don’t need the zip file again, you can remove it. Enter the command below to do that. 

sudo rm configurations

8. Next, enter the command below to see all the files you just extracted. These files are OpenVPN configuration files of the servers you can use. So you need to identify the server you want to use and note the name of the file. 

For example, the file name will look like the one below. Note that you can use either UDP or TCP, so look out for that in the name of the files. 

us-dal.prod.surfshark.com_udp.ovpn

9. To connect to a server you intend to use, enter the command below (replace [Filename] with the name of the file)

sudo openvpn [Filename]

For example, sudo openvpn us-dal.prod.surfshark.com_udp.ovpn will open a connection to a Surfshark server in Dallas, US using UDP. 

10. You will need to enter your Surfshark service credentials (check step 2 above) for the connection to be successful. 

11. You should see an “Initialization Sequence Completed” message once the connection to the server is successful. Note that once you close the terminal window, your connection closes too. 

Setting Up Surfshark to Start at Boot on Raspberry Pi

Configuring your Raspberry Pi to connect to Surfshark as soon as it boots up saves you the stress of having to open a terminal window each time you want to connect to a server. Let’s look at the configuration process below. 

1. First, you need to create a file to store your Surfshark service credentials. Enter the command below to use nano (a text editor) to create and edit the file.

sudo nano /etc/openvpn/auth.txt

2. Enter your Surfshark service password on the first line and the username on the second line. Use CTRL + X, then Y, and Enter to save the file. 

3. Next, you need to copy the contents of the OpenVPN configuration file of the server you intend to use and name the copy with a different extension. For example, we will use Surfshark’s Dallas server below. 

sudo cp /etc/openvpn/us-dal.prod.surfshark.com_udp.ovpn /etc/openvpn/us-dal.conf

4. Then, you need to modify the contents of the .conf file to use the authentication file you created in step 1 above. Enter the command below to change it, look for the “auth-user-pass” line, and replace it with the auth file (auth.txt) in step 1 above. Then, use CTRL + X, then Y, and Enter to save the file.

sudo nano /etc/openvpn/us-dal.conf

5. Next, you need to change the OpenVPN default to connect to Surfshark. Enter the command below to edit the file. 

sudo nano /etc/default/openvpn 

6. Look for the line below.

#AUTOSTART=”all”

7. Replace it with the line below and save the file using CTRL + X, then Y and Enter. Note that if your file name is different, it will end with a different parameter.

AUTOSTART=”us-dal”

8. Next, you need to enable the OpenVPN service so that the system will start OpenVPN at boot. Enter the command below.

sudo systemctl enable openvpn

9. Finally, reboot your Raspberry Pi using the command below. 

sudo reboot 

Note that we used Surfshark’s Dallas server in the configuration above. If you use a different server, the parameters will change. 

Setting Up a Connection Through a Router

Another alternative to set up and use Surfshark on Raspberry Pi would be to connect to a VPN router. Surfshark has made provision for a pre-configured router that comes with Surfshark installed on it. You can purchase one here.  However, if you cannot afford a pre-configured router, you can use an existing VPN-compatible router or buy a cheaper one and configure it. Let’s look at the steps below to configure a DD-WRT router. 

1. You need to get your service credentials to log in to Surfshark from your router. Login to your Surfshark account, go to the setup section, find your service credentials under the “Credentials” tab, and note them.

2. Next, switch to the “Locations” tab beside the “Credentials” tab to copy the hostname of the server you intend to use.

3. Next, you need access to the configuration panel of your router. You can do this by inputting the IP address of the router on a web browser. If you don’t know the IP address, you can check your router’s user manual. The default for most routers is usually 192.168.1.1 or 192.168.0.1.

4. Then, you need to log in to the configuration panel using your administrative credentials. Normally, the default for most routers is “admin” as username and password. 

5. Next, you need to use Surfshark’s DNS servers to avoid DNS leaks. Go to your configuration panel, and click on the “Setup” tab. Then move down to the “Network Address Server Settings (DHCP)” section and enter the information below in their respective fields. 

Static DNS 1 = 162.252.172.57

Static DNS 2 = 149.254.259.92

Static DNS 3 = 0.0.0.0 (leave as it is)

Use DNSMasq for DHCP = Check this box

Use DNSMasq for DNS =  Check this box

DHCP-Authoritative = Check this box

Then, click the “Save” and “Apply Settings” tabs.

6. Next, select the “Services” tab at the top. Below it, select the “VPN” tab. Under the “OpenVPN Client” section, select “Enable.”

7. Below the expanded “OpenVPN Client” section, enter the information below. 

Server IP/Name: Input the server hostname you selected in step 3 above;

Port: 1194;

Tunnel Device: TUN;

Tunnel Protocol: UDP (or TCP);

Encryption Cipher: None;

Hash Algorithm: SHA-512;

User Pass Authentication: Enable;

Username: Input your Surfshark service username (check step 1 above);

Password: Input your Surfshark service password (check step 1 above);

Advanced Options: Enable;

TLS Cipher: None;

LZO Compression: Disabled;

NAT: Enable

Don’t change any other fields. In addition, if the Username and Password field is missing from the above settings, move on to the next step. Otherwise, jump to step 9. 

8. Navigate to the “Administration” tab and input the commands below in the “Commands” section. 

echo “USERNAME PASSWORD” > /tmp/openvpncl/user.conf/usr/bin/killall openvpn/usr/sbin/openvpn –config /tmp/openvpncl/openvpn.conf –route-up /tmp/openvpncl/route-up.sh –down-pre /tmp/openvpncl/route-down.sh –daemon

Note that you have to replace USERNAME and PASSWORD above with your Surfshark service username and password, respectively. Then, click “Save Startup” and go back to the VPN tab. Add the line below to the “Additional Config” field.

auth-user-pass /tmp/openvpncl/user.conf

9. Enter the commands below in the “Additional Config” field. 

remote-cert-tls server

remote-random

nobind

tun-mtu 1500

tun-mtu-extra 32

mssfix 1450

persist-key

persist-tun

ping-timer-rem

reneg-sec 0

cipher AES-256-GCM

auth SHA512

log /tmp/vpn.log

10. Next, copy and paste the certificate below in the “CA Cert” field. 

—–BEGIN CERTIFICATE—–

MIIFTTCCAzWgAwIBAgIJAMs9S3fqwv+mMA0GCSqGSIb3DQEBCwUAMD0xCzAJBgNV

BAYTAlZHMRIwEAYDVQQKDAlTdXJmc2hhcmsxGjAYBgNVBAMMEVN1cmZzaGFyayBS

b290IENBMB4XDTE4MDMxNDA4NTkyM1oXDTI4MDMxMTA4NTkyM1owPTELMAkGA1UE

BhMCVkcxEjAQBgNVBAoMCVN1cmZzaGFyazEaMBgGA1UEAwwRU3VyZnNoYXJrIFJv

b3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDEGMNj0aisM63o

SkmVJyZPaYX7aPsZtzsxo6m6p5Wta3MGASoryRsBuRaH6VVa0fwbI1nw5ubyxkua

Na4v3zHVwuSq6F1p8S811+1YP1av+jqDcMyojH0ujZSHIcb/i5LtaHNXBQ3qN48C

c7sqBnTIIFpmb5HthQ/4pW+a82b1guM5dZHsh7q+LKQDIGmvtMtO1+NEnmj81BAp

FayiaD1ggvwDI4x7o/Y3ksfWSCHnqXGyqzSFLh8QuQrTmWUm84YHGFxoI1/8AKdI

yVoB6BjcaMKtKs/pbctk6vkzmYf0XmGovDKPQF6MwUekchLjB5gSBNnptSQ9kNgn

TLqi0OpSwI6ixX52Ksva6UM8P01ZIhWZ6ua/T/tArgODy5JZMW+pQ1A6L0b7egIe

ghpwKnPRG+5CzgO0J5UE6gv000mqbmC3CbiS8xi2xuNgruAyY2hUOoV9/BuBev8t

tE5ZCsJH3YlG6NtbZ9hPc61GiBSx8NJnX5QHyCnfic/X87eST/amZsZCAOJ5v4EP

SaKrItt+HrEFWZQIq4fJmHJNNbYvWzCE08AL+5/6Z+lxb/Bm3dapx2zdit3x2e+m

iGHekuiE8lQWD0rXD4+T+nDRi3X+kyt8Ex/8qRiUfrisrSHFzVMRungIMGdO9O/z

CINFrb7wahm4PqU2f12Z9TRCOTXciQIDAQABo1AwTjAdBgNVHQ4EFgQUYRpbQwyD

ahLMN3F2ony3+UqOYOgwHwYDVR0jBBgwFoAUYRpbQwyDahLMN3F2ony3+UqOYOgw

DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAn9zV7F/XVnFNZhHFrt0Z

S1Yqz+qM9CojLmiyblMFh0p7t+Hh+VKVgMwrz0LwDH4UsOosXA28eJPmech6/bjf

ymkoXISy/NUSTFpUChGO9RabGGxJsT4dugOw9MPaIVZffny4qYOc/rXDXDSfF2b+

303lLPI43y9qoe0oyZ1vtk/UKG75FkWfFUogGNbpOkuz+et5Y0aIEiyg0yh6/l5Q

5h8+yom0HZnREHhqieGbkaGKLkyu7zQ4D4tRK/mBhd8nv+09GtPEG+D5LPbabFVx

KjBMP4Vp24WuSUOqcGSsURHevawPVBfgmsxf1UCjelaIwngdh6WfNCRXa5QQPQTK

ubQvkvXONCDdhmdXQccnRX1nJWhPYi0onffvjsWUfztRypsKzX4dvM9k7xnIcGSG

EnCC4RCgt1UiZIj7frcCMssbA6vJ9naM0s7JF7N3VKeHJtqe1OCRHMYnWUZt9vrq

X6IoIHlZCoLlv39wFW9QNxelcAOCVbD+19MZ0ZXt7LitjIqe7yF5WxDQN4xru087

FzQ4Hfj7eH1SNLLyKZkA1eecjmRoi/OoqAt7afSnwtQLtMUc2bQDg6rHt5C0e4dC

LqP/9PGZTSJiwmtRHJ/N5qYWIh9ju83APvLm/AGBTR2pXmj9G3KdVOkpIC7L35dI

623cSEC3Q3UZutsEm/UplsM=

—–END CERTIFICATE—–

11. Next, copy and paste the Static key below to the “TLS Auth Key” field. 

—–BEGIN OpenVPN Static key V1—–

b02cb1d7c6fee5d4f89b8de72b51a8d0

c7b282631d6fc19be1df6ebae9e2779e

6d9f097058a31c97f57f0c35526a44ae

09a01d1284b50b954d9246725a1ead1f

f224a102ed9ab3da0152a15525643b2e

ee226c37041dc55539d475183b889a10

e18bb94f079a4a49888da566b9978346

0ece01daaf93548beea6c827d9674897

e7279ff1a19cb092659e8c1860fbad0d

b4ad0ad5732f1af4655dbd66214e552f

04ed8fd0104e1d4bf99c249ac229ce16

9d9ba22068c6c0ab742424760911d463

6aafb4b85f0c952a9ce4275bc821391a

a65fcd0d2394f006e3fba0fd34c4bc4a

b260f4b45dec3285875589c97d3087c9

134d3a3aa2f904512e85aa2dc2202498

—–END OpenVPN Static key V1—–

12. Now, click the “Save” button, then the “Apply Settings” button.

13. To verify the router is connected to a Surshark server, head over to the “Status” section and click on the “OpenVPN” tab. Under the “State” section, you should see a “CONNECTED SUCCESS” message. 

14. Now, all you need to do on your Raspberry Pi is to connect to the router’s network and Surfshark protects you online. 

Get 81% off now

Advantages of Using Surfshark on Raspberry Pi

Below, we look at the advantages of using Surfshark on Raspberry Pi.

1. Online Protection

Surfshark protects you online from all sorts of spying entities. It is essential you use this VPN to protect yourself, except you don’t intend to use your Raspberry Pi to access the internet. Its military-grade encryption, together with other security features, ensure a tight security perimeter. 

2. Bypass Censorship and Geo-Restriction

With all sorts of restrictions on the internet, especially in areas of ongoing internet censorship, you need Surfshark to give you unregulated access. In addition, Surfshark does an excellent job of unblocking websites that use geo-restriction technology to keep you away. 

Conclusion

As long as you connect the Raspberry Pi to the internet, you are at risk of being a target to malicious entities. While Surfshark does not have a custom application for the Raspberry Pi, its support for the OpenVPN protocol allows for manual configurations. We hope this article helps you set up Surfshark on your Raspberry Pi.