We are happy to announce the new eduVPN Linux client. A major change, from a coding perspective, is that the Linux client now primarily based on the eduvpn-common Go library [https://github.com/eduvpn/eduvpn-common]. This library was written from scratch to include all functionalities the eduVPN client should have and is in respect to the previous Python based Linux client much more mature. Known issues in the previous client have been fixed in this library. Are you interested in knowing more? Below we have written in more detail the improvements.
Probably not many users know the Linux client always had a Command Line Interface (CLI) available. This CLI has been improved and has been rewritten to achieve feature parity with the GUI. The CLI also has an interactive mode that should be more user friendly.
For GUI changes, the renewed session button has been added according to the eduVPN specification and the client now ensures proper handling of session expiry. The change location and profile expander buttons are also now visible in the GUI as in the other eduVPN clients. Additionally, the settings page has been redesigned and should provide the user with the necessary details to report issues upstream. Servers can also now be removed by right-clicking on a server entry on the main screen of the app.
To improve the stability of the client, proper timeouts are now used, giving better feedback when the user has a troublesome internet connection. An important security feature is the support for prehashed signatures thanks to the official minisign Go library used in the eduvpn-common codebase. The eduvpn-common codebase also ensures that servers do not send unnecessary amounts of data back to the client by limiting the amount of data that is read.
An important aspect that eduvpn-common implements is OAuth. This OAuth implementation is built in-house and includes improvements for new OAuth standards such as the ISS parameter. Additionally, this fixes an issue where the old OAuth dependency was causing issues on older Linux distributions (which provide an older version of this dependency).
Other new features and improvements include the implementation of the WireGuard to OpenVPN failover and a keyring implementation using Dbus (org.freedesktop.secrets) to securely store OAuth tokens from the servers. The client now also supports dark theme, which can be set using the GTK_THEME environment variable.
The WireGuard to OpenVPN failover is useful so that servers can move to WireGuard without worrying about UDP being blocked on the user’s network. The client now checks whether the VPN can reach the internet, if it can’t after a certain time period it will automatically fallback to OpenVPN if the server supports it. This improvement will also follow with other clients that implement eduvpn-common in the future. This feature will also follow for OpenVPN which cannot currently detect MTU issues when using UDP.
In summary, the Linux version of the eduVPN client has undergone several significant updates and improvements, most notable the use of eduvpn-common. Instructions on how to install the Linux client can be found here: https://python-eduvpn-client.readthedocs.io/en/latest/installation.html
Add Comment