NordVPN Review - A CLI VPN for Debian 11 or LMDE5

A review and how to Install NordVPN CLI for Linux

Language English

NordVPN Review - A CLI VPN for Debian 11 or LMDE5 2022.

NordVPN is developed by Nord Security, a company that creates cybersecurity software and was initially supported by the Lithuanian startup accelerator and business incubator Tesonet.

NordVPN operates under the jurisdiction of Panama, as the country has no mandatory data retention laws and does not participate in the Five Eyes or Fourteen Eyes intelligence sharing alliances, it is an excellent choice.

NordVPN has offices located in 19 different countries and has a strong user base of 14 million.

So it it is a good choice for both privacy and speed.

This page contains affiliate links to products we recommend.
We may receive a commission for purchases made through these links!

NordVPN stands out from the rest:

NordVPN stands out from the other VPN providers, because they offer the most advanced features and for Linux users, there is no GUI - graphical user interface available.

It is a g33ky as it gets....

Now you might think that you don't need these advanced features, but you really do. In countries where content from other countries is often blocked, users can hugely benefit from using NordVPN.

By far their most attractive VPN feature besides their strong encryption protocols are the "obfuscated servers", that bypass firewalls by re-routing your VPN traffic, making it look as you are not using a VPN.

Its a well known fact that your ISP can see that you are connecting to a VPN service and what encryption you use.

People are seen as products or people of interest online:

You as a citizen are either considered a product for sale by ( BIG TECH ) or a person of interest for government federal agencys all over the world. Learn to protect yourself and how to become anonymous online.

Interesting facts about NordVPN:

NordVPN was the first VPN provider to launch a public bug bounty program on HackerOne.

In 2019, NordVPN became one of the founding members of the VPN Trust Initiative (VTI). VTI aims to establish an industry-wide quality standard for all VPN services and educate the public about VPNs' security benefits.

In 2020, Troy Hunt, a web security legend and the creator of haveibeenpwned.com joined the Nord Security advisory board of independent experts.

In 2021, on the International VPN day (August 19th), NordVPN has launched the National Privacy Test which is meant to educate internet users on possible online threats and raise cybersecurity awareness.

NordVPN features:

NordVPN gives safe access to streams like Netflix and other content providers from around the world.
One NordVPN account can secure up to 6 devices.
By shielding the IP addresses, NordVPN protects users’ privacy and virtual location.
No logs.
No IPv6 leaks.
They secure online traffic through encryption, making it hard to spy on or hijack data.
Available on all major operating systems, including smart TVs and routers.
Dark Web monitor scans the dark web for credentials associated with the user’s email address.
NordVPN offers MFA for account protection, it’s also possible to access NordAccount with Google credentials.
24/7 customer support.
It is the fastest VPN available according to: AV-TEST 2020

NordVPN servers:

NordVPN offers 6000+ servers in 59 countries.
Servers in RAM. As of September 2020 the entire NordVPN server structure is running on diskless RAM servers which means that no data is stored locally.
Server locations include. The United States, Germany, Japan, The United Kingdom and others. The user is able to select a server from a number of specific cities in the US, France, Germany, India, France and Canada.
Colocated servers. Regarding server infrastructure, NordVPN has also started to build a network of colocated servers owned exclusively by NordVPN where only NordVPN staff can access them.

NordVPN also offers a number of specialty servers:

Double VPN servers encrypt and send user traffic through two servers, adding an extra layer of security. This is recommended for political activists, and journalists working in hot spots.
Onion Over VPN works as a standard server, however, traffic is also then routed through the Onion network as well, again, adding an extra
layer of security.
Obfuscated servers “hide” the fact that a person is using a VPN, which can otherwise be identified. These servers work even in countries where VPNs are heavily restricted and allow to bypass such restrictions as firewalls.
P2P (Peer-to-Peer) servers are optimized for fast and secure file sharing.

Dedicated IPs:

Dedicated IPs are not servers per se, but rather individual IPs that do what regular servers do:

Encrypt traffic and hide user’s real identity.

Dedicated IPs are usually not available to all clients of a VPN provider, but rather one person or a small group of people that buy them.

Fastest VPN on the market:

Now besides being the fastest VPN on the market "2020", they also offer the "NordLynx Protocol" to protect your ass, directly in their VPN apps using a Double NAT system. This ensures no identifiable user data (IP addresses) are ever stored on a VPN server.

You probably didn't know this, since it is rarely spoken off, but WireGuard has some inherent problems, that can undermine a users privacy if not adequately addressed.

Before using the WireGuard VPN protocol, be sure to examine exactly "how" your VPN provider ensures user privacy with their WireGuard implementation.

If you can't get a straight answer switch to the OpenVPN protocol.

WireGuard is about 58% faster than OpenVPN on average, but "security and anonymity comes first if you are smart".

WireGuard is faster than OpenVPN:

While WireGuard is faster than OpenVPN, it stores the users IP address on the VPN server indefinitely. WireGuard was not built for anonymity and privacy, but rather for security and speed.

By default, WireGuard saves connected IP addresses on the server. These user IP addresses are saved indefinitely on the server, or until the server is rebooted. This makes the out-of-the-box version of WireGuard incompatible with no-logs VPN services.

The NordLynx protocol is an encryption system that "can" protect your privacy while you're using a VPN. It's a process that encrypts your user data while it's traveling to and from the VPN server, so no one can intercept and view it while it's in transit.

Features of the NordLynx protocol:

This VPN protocol is great for gaming online, because you don't have to worry about buffering and lag.
NordLynx is supported on multiple operating systems, including Windows, macOS, Android, iOS, and Linux.
One NordVPN account, covers up to six devices.
Its encryption is extremely strong, thanks to WireGuard’s security.

Other supported protocols:

OpenVPN "Secure, not the fastest, but it has its perks. "Open source, versatility, security and bypasses most firewalls."
IPSec/IKEv2 "Developed by Microsoft and Cisco to be fast, stable, and secure."
SSTP - Secure Socket Tunneling Protocol (SSTP) is a fairly secure and capable VPN protocol created by Microsoft.

Where is NordVPN located?

NordVPN is headquartered in the Republic of Panama, which is a country with no data retention laws, and far away from the prying eyes of the Fourteen eyes surveillance surveillance member countries.

That means, no government or third-party agency has the authority to knock on NordVPN’s office and request users’ logs.

The 14 eyes alliance includes: Australia, Canada, New Zealand, United Kingdom, United States, Denmark, Netherlands, France, Norway, Germany, Belgium, Spain, Sweden and Italy. But let us not forget their mistressess: Israel, Japan, South Korea, Singapore and British Overseas territories (e.g. British virgin islands).

NordVPN No Logs:

“We do not store connection time stamps, used bandwidth, traffic logs, IP addresses, or browsing data.”

NordVPN needs to keep track of certain parameters of the VPN server, including CPU, RAM and network usage. The username and timestamp (the time you connect to the server) are also collected to limit the total amount of concurrent users. NordVPN deletes this information 15 minutes after the session is over.

No-Logs Policy Audit:

NordVPN is one of few VPN providers to have performed an independent audit on their no-logs policy for two consecutive years.

Nord VPN's report here for 2020.

Get your NordVPN subscription today !

This page contains affiliate links to products we recommend.
We may receive a commission for purchases made through these links!

How to install NordVPN in Debian 11 or LMDE5:

First download the .deb-file here.

Open a terminal window:

cd Downloads

Press Enter,

sudo dpkg -i nordvpn-release_1.0.0_all.deb

Press Enter, this will not install the software itself, only add its repository to your sources.list.d/*.

Now update your system:

sudo apt-get update

Press Enter,

Now it's time to install the CLI-based software:

sudo apt-get install nordvpn

Press Enter. Done.

You will use a terminal window to change your setup, which country to connect to and more.

How to use NordVPN CLI ( user commands ):

Note: In case of "Permission denied" accessing /run/nordvpn/nordvpnd.sock, all you need to do is write the following command:

In a terminal window, type the following:

sudo usermod -aG nordvpn $USER

Press Enter,

Then reboot your device.

How to login to NordVPN:

nordvpn login

Press Enter.

A link will appear in your terminal window.( Continue in the browser: https:// etc.etc ) Copy this link and paste it into your web browser of choice. You will login via a web interface.

An email for verification will be sent to the email you enter, check your mail and verify, once it is done, you will see this message.

Now lets check your account:

nordvpn account

Press Enter.

Activate threatprotectionlite:

nordvpn set threatprotectionlite on

Press Enter.

Enable notifications:

nordvpn set notify on

Press Enter.

Now lets check the default settings:

nordvpn settings

Press Enter.

Technology: NORDLYNX
Firewall: enabled
Kill Switch: disabled
Threat Protection Lite: enabled
Notify: disabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: disabled

Note: NordLynx uses WireGuard and you should activate the Kill Switch.

How to check which countries are available:

nordvpn countries

Press Enter.

How to check available groups:

nordvpn groups

Press Enter.

Now lets find a server to connect to:

Yes, you need to visit their website: Server recommended by NordVPN

After you select a server that fits your needs, type for example Albania:

nordvpn connect al23

Press Enter. Done you are connected.

To disconnect the VPN:

nordvpn disconnect

Press Enter. Done.

Here is the list of available commands:

nordvpn login - Log in.
nordvpn connect or nordvpn c - Connect to VPN. To connect to specific servers, use nordvpn connect <country_code server_number> (eg. nordvpn connect uk715)
nordvpn disconnect or nordvpn d - Disconnect from VPN.
nordvpn c double_vpn - Connect to the closest Double VPN server.
nordvpn connect --group double_vpn <country_code> - Connect to a specific country using DoubleVPN servers.

nordvpn connect P2P - connect to a P2P server.
nordvpn connect The_Americas - connect to servers located in the Americas.
nordvpn connect Dedicated_IP - connect to a Dedicated IP server.

nordvpn set or nordvpn s - Set a configuration option.

Possible options:
nordvpn set threatprotectionlite on or off - Enable or disable Threat Protection Lite
nordvpn set killswitch on or off - Enable or disable Kill Switch
nordvpn set autoconnect on or off - Enable or disable auto-connect. You can set a specific server for automatic connection using nordvpn set autoconnect on country_code+server_number. Example: nordvpn set autoconnect on us2435.

nordvpn set notify on or off - Enable or disable notifications
nordvpn set dns 1.1.1.1 1.0.0.1 - Set custom DNS (you can set up a single DNS or two like shown in this command).

Want to change from default NordLynx / WireGuard to OpenVPN:

nordvpn set technology OpenVPN
nordvpn set protocol udp or tcp - Switch between UDP and TCP protocols

Want to change back to NordLynx / WireGuard:

nordvpn set technology NordLynx

nordvpn set obfuscate on or off - Enable or disable Obfuscated Servers.
nordvpn set technology - Set connection technology (OpenVPN or NordLynx)

nordvpn whitelist add port 22 - Add a rule to whitelist a specified incoming port. You can also whitelist multiple ports — just separate their numbers with a space.
nordvpn whitelist remove port 22 - Remove the rule to whitelist a specified port.
nordvpn whitelist add subnet 192.168.0.0/16 - Add a rule to whitelist a specified subnet.
nordvpn whitelist remove subnet 192.168.0.0/16 - Remove the rule to whitelist a specified subnet.

nordvpn account - See account information
nordvpn register - Register a new user account
nordvpn rate - Rate your last connection quality (1-5)
nordvpn settings - See the current settings.
nordvpn status - See the connection status.
nordvpn countries - See the country list.
nordvpn cities- See the city list. E.g.: nordvpn cities united_states
nordvpn groups - See a list of available server groups.
nordvpn logout - Log out.
nordvpn help or nordvpn h - See the list of available commands or help for a specific command.

Hope this helps.

"Warrant Canary".

Basically it says:

NordVPN is based in Panama, "where data retention is not required and gag orders are not legally possible", but that it “will only comply with requests from foreign governments and law enforcement agencies if these requests are delivered according to laws and regulations.” It adds that it will “never log their activity unless ordered by a court in an appropriate, legal way.”

How to uninstall NordVPN ( If needed ):

sudo apt-get remove nordvpn

Press Enter, done.

To see a list of all repositories as "root":

To view all lists in a terminal window:

cd /etc/apt/sources.list.d/

Press Enter.

You will see ( nordvpn.list )

To open all lists in xed window tabs:

xed /etc/apt/sources.list.d/*.list

Press Enter.

To make sure your system is clean after an uninstall, I recommend that you use Synaptic and search for NordVPN, then mark all remaining files you find for removal and apply the action.

Tags:

NordVPN Review 2022