Install PIA VPN app in Debian 9,10,11 plus Kali Linux and get one step closer to actual online privacy.
Private Internet Access (PIA) is a personal virtual private network (VPN) service. It supports multiple VPN technologies such as PPTP, L2TP/IPsec, SOCKS5, OpenVPN and WireGuard.
Private Internet Access Desktop client was built from scratch using C++ and Qt. It's based on a typical split architecture with an unprivileged GUI and a privileged service/daemon component, with the user interface implemented using Qt Quick.
Its source code is freely available here, released under MIT license.
Images above shows you the installation process from: 1 - Operating system: Debian 9.xx Old-Stable, but it is the same in the new Stable Debian 10 "Buster" release.
Software: PIA's APP for Linux V1.0.2-02363, released February 16,2019.
Changes: The installer is no longer a shell-script, but instead a .run-file, which also means you need to be more vigilante, because they are equal to an .exe file for Windows. However, this particular software you can install without worrying.
A .run file is an executable file typically used for Linux program installers, that contains program data and instructions for making the installation.
First download the latest stable app here.
Latest version: V3.3.1 build 06924 is the latest version.
Since this is a .run-file, there is no need to unpack the file.
Install PIA VPN app in Debian 9,10,11 plus Kali Linux.
Terminal window:
cd downloads
Press Enter,
chmod +x pia-linux-3.3.1-06924-run
Press Enter,
./pia-linux-3.3.1-06924-run
Press Enter and enter your password ( required )
Wait for the installation to complete, then look for the Private Internet Access logo and click it to run the app. You will be met by a popup screen, showing the changelog.

An extra layer of protection:
PIA's app provides Shadowsocks and SOCKS5 as a multi-hop VPN connection.
Changes made to the Linux app:
NOTE: Regarding issues with earlier versions, first problem was the constant disconnections of the VPN, no matter what encryption, UDP/TCP or port, so like many others I removed the app and setup OpenVPN manually with PIA's VPN, downloading their .ovpn files etc: and it worked. Now with this latest version, it just works as it should.
Something that might occur sometimes, no matter which Linux distro you are using is that the "systray icon disappears", to remedy this:
./pia-linux-3.3.1-06924-run
Press Enter, done. It is back again !

If the icon is gone ! Do it all over again !
You can try re-setting the desktop, using the CRTL+ALT+ESC.
Assuming you are using Firefox ESR or Quantum, in the addres field type:
about:config
Press Enter and this message will show up, click I accept the risk !
IMPORTANT SETTINGS FOR FIREFOX:
See here under Tutorials "Install Firefox Quantum".
There are is many settings you need to change, besides these below mentioned to stay anonymous.
Search for: media.peerconnection.enabled and doubleclick on it so it changes from True to False. Then search for network.proxy.socks_remote_dns and set it to True. Close the Tab, Then geo.enabled, set it to false, done !
If your DNS is leaking, when running the online tests from listed sites, have a look at our FAQ.
Next step is to test for DNS Leaks:
If you are using P2P - torrents:
Here are some valuable tips and tools.
One thing you can't hide from is device fingerprinting:
The fingerprinting includes:
-
Browser version ( Yes this you can hide from using a plugin like "User-Agent Switcher" )
-
Fonts installed
-
Operating System ( Yes this you can hide from using a plugin like "User-Agent Switcher" )
-
Plug-ins installed ( Like SDK-addons which may register resource: or about: ) which are detectable by web content.
-
Screen resolution
-
Timezone ( unless your change your OS timezone or install a plugin )
-
Open Ports ( To find out, the server sends requests to standard ports of VPN connections ( like OpenVPN that uses port 1194 ) and proxys like Socks that uses 1080).
-
VPN Fingerprint ( The server sends a request to the client and learns the MTU value. The MTU parameter has standard values when using a proxy, cable Internet connection or VPN. ) You are still anonymous, but now they know if you are using OpenVPN or WireGuard, which protocol TCP/UDP, encryption protocol and SHA1 or SHA-256, referring to the cryptographic hash function.