Comment on page
Webmin - the best server panel
Webmin is a web interface for administering Unix systems. It makes system management easier, especially for peoples who are not familiar with the command line.
Here are some of the main features and capabilities of Webmin:
- User and group management: create, delete and edit users and groups, and manage user rights.
- Managing services and demons: start, stop, reboot, and automatically start services at system startup.
- Package Management: installing, upgrading and uninstalling packages using various package managers.
- Network Management: configuration of network interfaces, DNS, DHCP, etc.
- System Management: managing cron jobs, creating configuration backups, viewing system logs, etc.
- Safety Management: Firewall configuration, SSL certificate management, Webmin access management, etc.
- Server Management: support for many popular servers such as Apache, Nginx, MySQL, PostgreSQL, BIND and others.
- Modularity: Webmin consists of modules that can be installed and uninstalled as needed.
- IPv6 support: Webmin supports IPv6, but this feature may not work correctly in some environments.
- Cloud Services Support: Some Webmin modules support cloud services such as Amazon S3, but this feature may be limited or unavailable in some versions of Webmin.
Please note that some of these features may require additional modules or customizations and may not be available in a basic Webmin installation.
To do this, we will need to buy the necessary server in the desired location.
In our case, this will be the SWEs-1 base tariff in Sweden:
We select the latest version of Ubuntu operating system - 22.04.
Set the desired rental period by hour or month and click the pay button:
Great. Now your server is ready to install Webmin.
Log in to our server and start typing commands.
1. Update the system.
Open a terminal and enter the following command to update the package list:
sudo apt-get update
2. Establish dependencies.
Webmin requires the Perl package, which can be installed with the following command:
sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python3 apt-transport-https
3. Download the latest version of Webmin.
For example, if the latest version is 1.973:
4. Install Webmin.
Use the following command to install the .deb file:
sudo dpkg -i webmin_1.973_all.deb
5. If installation errors occurred due to unsatisfied dependencies, you can fix them by running this:
sudo apt-get install -f
6. Next, you should see this message on the command line:
Webmin install complete. You can now login to https://nameserver:10000/ as root with your root password, or as any user who can use sudo to run commands as root.
After this message, you must go to your browser and enter this line:
Your server IP:10000
7. After you have entered the site using the link in the 6th paragraph, you will be prompted to enter username and password:
In case you can't get to the site using the IP:10000 link, then enter the command:
sudo /etc/init.d/webmin start
After that try to enter the link again!
After entering the data, you are taken to the Webmin main menu:
Congratulations to you! 🎉
To configure Webmin to work with an SSL certificate, you will first need to obtain an SSL certificate. You can generate a self-signed certificate or obtain one from a certificate authority (CA) such as Let's Encrypt.
Here are the general steps to configure SSL on Webmin:
1. Obtaining an SSL certificate:
First you will need to obtain an SSL certificate. If you want to use Let's Encrypt, you can use a tool such as Certbot or acme.sh to automatically obtain and renew certificates.
Here is an example of how you can use acme.sh to obtain a certificate for your domain:
acme.sh --issue --standalone -d example.com --httpport 80
2. Configure Webmin to use an SSL certificate:
Once you have an SSL certificate, you can configure Webmin to use it. Here are the general steps:
1. Log in to your Webmin interface.
2. Go to the Webmin Configuration section.
3. Select "SSL Encryption".
4. Click on the "SSL Settings" button.
5. Select "SSL Encryption".
6. Click on the "SSL Settings" button.
Fill in the "Private key file" and "Certificate file" fields with the appropriate paths to your certificate and private key files. If you used acme.sh, they will be in the ~/.acme.sh/example.com/ folder.
Click "Save" to save the changes.
Finally, restart Webmin to apply the new settings:
Installing OpenVPN server on Ubuntu 22.04
First, let's install the necessary OpenVPN server packages.
To do this, run the command in the terminal.
sudo apt install openvpn easy-rsa
Both packages are needed on both the server and the client if you will be connecting Ubuntu to an OpenVPN server.
That's it, you don't have to do anything else.
Everything else will be done for us in the web interface.
Now we have the most interesting thing to do. The website of this module has long been unavailable and the developer has posted the latest version on GitHub. In all articles and on file-sharing sites there is an old version of "OpenVPN + CA", which does not work with Ubuntu 22.04, but we found a working module. Install Webmin OpenVPN + CA module.
To do this, log in to WebMin via the web interface and go to WebMin Settings, select "WebMin Modules":
Download the module from this link:
Install the downloaded module by selecting it on your computer:
Next we need to configure the certificate authority, but before that we will fix the main problem of this installation. If we leave everything as it is and go straight to the configuration, the standard OpenVPN client downloaded from the official site will complain that the hash algorithm is too weak ("You are using insecure hash algorithm in CA signature. Please regenerate CA with other hash algorithm.") and you will not be able to connect.
The standard hash algorithm of WebMin module is md5, and it should be changed to sha256. To do this, go to the ssl config file.
sudo nano /etc/openvpn/openvpn-ssl.cnf
Find the line default_md = md5 and change md5 to sha256
default_md = sha256
Now the official OpenVPN client will not swear at the weak hash algorith.
Go to "Services", select "OpenVPN + CA" and click on "Certification Authority List":
You don't need to enter anything complicated, you can enter the data of the organization or leave it as it is. The main thing is to enter the name of the certification authority by changing the text "changeme".
Save and proceed to add the server key and client keys for the OpenVPN server.
Go to the "Key List" of our new certificate authority as shown in the screenshot:
One key is enough for the server, but it must be created. Call it whatever you want, for convenience it is better to call it "Server", do not create any passwords for it. The main thing is to select "Server" in "Key Server":
Now we move on to creating a key for the client. To do this, go to "Key List" as above, but now in "Key Server" select "Client" and set the password for the client. Name the certificate as you like, you will need to select it later.
Now we need to create the OpenVPN server itself, or rather its configuration. Go to "VPN List" to add the OpenVPN server configuration:
Select our certificate authority and click "New VPN Server":
There are a lot of settings here and if you have had experience with OpenVPN, you already know what and where to enter, so I will only show you the basic settings.
We need to name our server, choose a port, which is 1194 by default, choose our server certificate, set the pool of IP addresses that will be given to the server clients and choose encryption. I also recommend to enable management to see connected clients. You can enter any port, for example, 7505.
Save and proceed to the step of adding clients.
Clients can only be added after adding client certificates!
Go back to the VPN List, and we can see our OpenVPN Server. Click on Client List.
Click on the "New VPN Client" button and add a client. Here it is necessary to select the client certificate and enter the external IP address of the server for connection.
The server is ready to start. Now just go to the VPN List and select Start on the right in the Action column of our OpenVPN Server.
Now go back to Client List and download the full .ovpn file of our server for your client.
You can simply import this file into the official OpenVPN client and connect, enter the client password that we set when creating the certificate.