1. Why do you need Webmin?

Here are some of the main features and capabilities of Webmin:

• User and group management: create, delete and edit users and groups, and manage user rights.

• Managing services and demons: start, stop, reboot, and automatically start services at system startup.

• Package Management: installing, upgrading and uninstalling packages using various package managers.

• Network Management: configuration of network interfaces, DNS, DHCP, etc.

• System Management: managing cron jobs, creating configuration backups, viewing system logs, etc.

• Safety Management: Firewall configuration, SSL certificate management, Webmin access management, etc.

• Server Management: support for many popular servers such as Apache, Nginx, MySQL, PostgreSQL, BIND and others.

• Modularity: Webmin consists of modules that can be installed and uninstalled as needed.

• IPv6 support: Webmin supports IPv6, but this feature may not work correctly in some environments.

• Cloud Services Support: Some Webmin modules support cloud services such as Amazon S3, but this feature may be limited or unavailable in some versions of Webmin.

2. Server preparation

To do this, we will need to buy the necessary server in the desired location.

In our case, this will be the SWEs-1 base tariff in Sweden:

We select the latest version of Ubuntu operating system - 22.04.

Set the desired rental period by hour or month and click the pay button:

Great. Now your server is ready to install Webmin.

3. Webmin installation

Log in to our server and start typing commands.

1. Update the system.

Open a terminal and enter the following command to update the package list:

sudo apt-get update

2. Establish dependencies.

Webmin requires the Perl package, which can be installed with the following command:

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python3 apt-transport-https

3. Download the latest version of Webmin.

Visit the official Webmin website and find a link to the latest .deb file. Then use the wget command to download the file.

For example, if the latest version is 1.973:

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.973_all.deb

4. Install Webmin.

Use the following command to install the .deb file:

sudo dpkg -i webmin_1.973_all.deb

5. If installation errors occurred due to unsatisfied dependencies, you can fix them by running this:

sudo apt-get install -f

6. Next, you should see this message on the command line:

Webmin install complete. You can now login to https://nameserver:10000/ as root with your root password, or as any user who can use sudo to run commands as root.

After this message, you must go to your browser and enter this line:

Your server IP:10000

7. After you have entered the site using the link in the 6th paragraph, you will be prompted to enter username and password:

After entering the data, you are taken to the Webmin main menu:

Congratulations to you! 🎉

4. Webmin SSL certificate

To configure Webmin to work with an SSL certificate, you will first need to obtain an SSL certificate. You can generate a self-signed certificate or obtain one from a certificate authority (CA) such as Let's Encrypt.

Here are the general steps to configure SSL on Webmin:

1. Obtaining an SSL certificate:

First you will need to obtain an SSL certificate. If you want to use Let's Encrypt, you can use a tool such as Certbot or acme.sh to automatically obtain and renew certificates.

Here is an example of how you can use acme.sh to obtain a certificate for your domain:

acme.sh --issue --standalone -d example.com --httpport 80

2. Configure Webmin to use an SSL certificate:

Once you have an SSL certificate, you can configure Webmin to use it. Here are the general steps:

1. Log in to your Webmin interface.

2. Go to the Webmin Configuration section.

3. Select "SSL Encryption".

4. Click on the "SSL Settings" button.

5. Select "SSL Encryption".

6. Click on the "SSL Settings" button.

Fill in the "Private key file" and "Certificate file" fields with the appropriate paths to your certificate and private key files. If you used acme.sh, they will be in the ~/.acme.sh/example.com/ folder.

Click "Save" to save the changes.

Finally, restart Webmin to apply the new settings:

/etc/init.d/webmin restart

5. Creating a virtual private network

Installing OpenVPN server on Ubuntu 22.04

First, let's install the necessary OpenVPN server packages.

To do this, run the command in the terminal.

sudo apt install openvpn easy-rsa

Both packages are needed on both the server and the client if you will be connecting Ubuntu to an OpenVPN server.

That's it, you don't have to do anything else.

Everything else will be done for us in the web interface.

6. Installing the OpenVPN management pack on Ubuntu 22.04

Now we have the most interesting thing to do. The website of this module has long been unavailable and the developer has posted the latest version on GitHub. In all articles and on file-sharing sites there is an old version of "OpenVPN + CA", which does not work with Ubuntu 22.04, but we found a working module. Install Webmin OpenVPN + CA module.

To do this, log in to WebMin via the web interface and go to WebMin Settings, select "WebMin Modules":

Download the module from this link:

Install the downloaded module by selecting it on your computer:

Next we need to configure the certificate authority, but before that we will fix the main problem of this installation. If you leave everything as it is and go straight to configuration, the standard OpenVPN client downloaded from the official website will notify you that the hash algorithm is too weak ("You are using insecure hash algorithm in CA signature. Please regenerate CA with other hash algorithm.") and you will not be able to connect.

The standard hash algorithm of WebMin module is md5, and it should be changed to sha256. To do this, go to the ssl config file.

sudo nano /etc/openvpn/openvpn-ssl.cnf

Find the line default_md = md5 and change md5 to sha256

default_md = sha256

The official OpenVPN client is now not reporting a weak hash algorithm vulnerability.

6.1 Configuring the OpenVPN certificate authority

Go to "Services", select "OpenVPN + CA" and click on "Certification Authority List":

You don't need to enter anything complicated, you can enter the data of the organization or leave it as it is. The main thing is to enter the name of the certification authority by changing the text "changeme".

Save and proceed to add the server key and client keys for the OpenVPN server.

7. Adding server key and client key to Webmine

Go to the "Key List" of our new certificate authority as shown in the screenshot:

One key is enough for the server, but it must be created. Call it whatever you want, for convenience it is better to call it "Server", do not create any passwords for it. The main thing is to select "Server" in "Key Server":

Now we move on to creating a key for the client. To do this, go to "Key List" as above, but now in "Key Server" select "Client" and set the password for the client. Name the certificate as you like, you will need to select it later.

9. Configuring OpenVPN Server in WebMin on Ubuntu 22.04

Now we need to create the OpenVPN server itself, or rather its configuration. Go to "VPN List" to add the OpenVPN server configuration:

Select our certificate authority and click "New VPN Server":

There are a lot of settings here and if you have had experience with OpenVPN, you already know what and where to enter, so I will only show you the basic settings.

We need to name our server, choose a port, which is 1194 by default, choose our server certificate, set the pool of IP addresses that will be given to the server clients and choose encryption. I also recommend to enable management to see connected clients. You can enter any port, for example, 7505.

Save and proceed to the step of adding clients.

Go back to the VPN List, and we can see our OpenVPN Server. Click on Client List.

Click on the "New VPN Client" button and add a client. Here it is necessary to select the client certificate and enter the external IP address of the server for connection.

The server is ready to start. Now just go to the VPN List and select Start on the right in the Action column of our OpenVPN Server.

8. Download the ready-made config in WebMin OpenVPN Server

Now go back to Client List and download the full .ovpn file of our server for your client.

You can simply import this file into the official OpenVPN client and connect, enter the client password that we set when creating the certificate.