Package Details: surfshark-vpn 1.1.0-1

Git Clone URL: https://aur.archlinux.org/surfshark-vpn.git (read-only, click to copy)
Package Base: surfshark-vpn
Description: Surfshark VPN client
Upstream URL: https://surfshark.com/download/linux
Keywords: surfshark vpn
Licenses: custom:surfshark
Submitter: SharkyRawr
Maintainer: SharkyRawr
Last Packager: SharkyRawr
Votes: 10
Popularity: 2.05
First Submitted: 2019-04-25 10:57
Last Updated: 2020-01-05 21:36

Latest Comments

1 2 3 Next › Last »

archnoon commented on 2020-05-11 10:15

@emorice You are clearly more knowledgeable in achieving this than I am. Could you please point me to a step-by-step guide on how to fix this problem?

emorice commented on 2020-05-06 10:57

@archnoon no, what you're referring to is a configuration step for using systemd-resolved that is not specific to surfshark.

What I mean is that it is necessary to have a script at /etc/openvpn/update-resolv-conf: this script will be called during surfshark startup (edit: more precisely, this path will be given to openvpn through the up and down options of the openvpn configuration file that the surfshark binary generates on the fly and then called by the openvpn client), and the ips of the surfshark dns servers will be given to this script which is then responsible for forwarding this information to your dns configuration.

Two examples of such scripts are given in the wiki:

The point of symlinking is that the path /etc/openvpn/update-resolv-conf is, I think, hardcoded in surfshark, meaning that if the script is installed somewhere else (which was my case since I used the AUR package for the the systemd script), you need to symlink it under this path to have it called.

Finally, this only does half of the work: ensuring your dns config knows about the surfshark dns servers. You may also want to remove or block somehow your default dns servers to make sure they are not called as backups, which would also cause a leak.

archnoon commented on 2020-05-06 07:41

@emorice Do you mean by symlinking the following command? ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf If yes, do I understsand you correctly that installing and enabling systemd-resolved and this linking solves the entire issue?

emorice commented on 2020-05-01 23:41

I had and solved some dns leaks issues too. Inspecting and tracing the surfshark-vpn binary shows that it calls a script whose path is hardcoded as /etc/openvpn/update-resolv-conf. In debian*, which is the target system for this binary, it is always included as part of the openvpn package However on arch, it is a custom script that users chose to install or not, and wherever they want, or to use an alternative: https://wiki.archlinux.org/index.php/OpenVPN#DNS and is not included by default. Surfshark expects to find such a script and calls it with the dns servers to be set up in environment variables, so some handler must be installed and set up under this path. In my case, I use systemd-resolved, installing and symlinking update-systemd-resolved did the trick.

albeanze commented on 2020-04-03 17:38

i'm getting the same leaks!! :( as you @ohobbs72

ohobbs72 commented on 2020-04-01 23:17

@corban Thanks, I disabled IPv6 but it didn't seem to resolve the issue. When I enable the VPN using the command-line tool, it doesn't even add the VPN DNS servers. It is just my ISP DNS servers. When I import an OpenVPN configuration into the "Connections" setting in KDE, it uses the VPN DNS. I feel like I'm the only person who gets a DNS leak from the Surfshark command-line tool. Do you have any other possible reason why this could be?

corban commented on 2020-03-30 21:46

@ohobbs72 You can disable IPv6. There is a workaround at: https://support.surfshark.com/hc/en-us/articles/360024470413-How-to-disable-IPv6-on-a-Linux-device-

ohobbs72 commented on 2020-03-23 21:21

Is anyone else having a DNS leak? How do you fix it?

corban commented on 2020-01-08 11:44

Fixed it for me too. Thank you. A note about surfshark-vpn for linux in general: it only supports protection over ipv4, but not over ipv6 (typical DNS Leak)!

Bearbonez commented on 2020-01-06 10:32

Latest update fixed it for me, many thanks