Fed up using a public VPN and thinking of setting up your VPN server or even service? This guide will tell you how to prevent connection logs that come with time stamps from logging to the system through modern VPN protocols.
OpenVPN:
To prevent OpenVPN from logging onto the system, you must add these three lines of text to your server conf file.
verb 0
log /dev/null
status /dev/null
This will prevent OpenVPN from posting logs to the system log daemon. You will have to restart your OpenVPN service for this to take effect.
strongSwan:
strongSwan is an open source IPsec-based VPN solution for setting up a fast and secure IKEv2 (Internet Key Exchange v2) IPsec tunnel. To prevent strongSwan from posting logs to the system log daemon, simply edit the config file strongswan.conf usually located under /etc/strongswan/ and add the following lines to the bottom of this file.
charon {
syslog {
daemon {
default = -1
}
}
}
We also recommend adding the below block if using systemd to prevent logging to the journal:
charon-systemd : charon {
journal {
default = -1
}
}
Then simply restart strongswan for these changes to take effect.
Wireguard
By default, wireguard does not normally log any sensitive connection information to the system log daemon or the journal.