Should you use a VPN with Tails?
Yes – If you pick a privacy-focused VPN and exclusively use that VPN with Tails only and never for any other purpose whatsoever.
No – If you use your Tails VPN on other occasions, such as unblocking streaming sites on your regular OS.
In other words, you need a dedicated VPN that you use for Tails exclusively.
If you use a VPN with Tails but then also use that VPN for your regular internet activity on your regular OS (where you are logged into Gmail, etc.), then you can potentially negate the privacy enhancements Tails offers to you.
I personally recommend getting a fresh ExpressVPN account registered with a disposable email address you haven’t used elsewhere.
You should preferably register this account from a clean device or OS install, or if you want to go even further, while being behind to another VPN connection. You can also pay with cryptocurrencies bought either from a local seller or a local cash-only ATM.
And finally, you should get a special VPN router on which you can install your VPN and then exclusively use that router when you use Tails. This is because most VPNs do not natively run on Tails OS directly.
In this article you will learn about:
- How Tails operates and what it’s used for
- How a VPN operates and what it’s used for
- Why sometimes it’s not recommended to use a VPN with tails
- How to safely use a VPN with Tails (important section!)
You can jump quickly to the relevans sections by using the menu on the right (desktop) or the one a bit further down (mobile).
Introduction to Tails and Tor
The Amnesic Incognito Live System, or simply known as Tails, is a Debian-based Linux operating system whose ultimate goal is to preserve your privacy and anonymity. To achieve this, Tails forces all your internet traffic to route through Tor — software that lets you browse the internet anonymously. Tails is also equipped with an instant messaging client, an email client, and an office suite all pre-configured with security in place.
Tails is simple and easy to use, even if you’re a novice user. With Tails OS, you can prevent third-party applications from tracking your online activities.
To learn more about Tails or Tor, follow either of these links:
We assume you have some working knowledge about VPNs. So in this guide, we’ll focus on how to use VPN with Tails to keep you secure.
Pros and Cons of Using VPNs with Tails
The Tails organization doesn’t recommend using VPNs as a replacement for Tor, as their goals are incompatible. However, certain use cases might warrant that you use a VPN with Tails for even greater benefits.
Note that to experience the best of both technologies, significant modifications would have to be made to get VPN to work with Tails.
There are two primary ways to use a VPN with the Tails operating system.
1. Tails → Tor → VPN (VPN over Tor)
This method adds a VPN hop after the Tor network’s end.
- It enables access to services and features you could otherwise get only through a VPN.
- You can access services and websites that Tor would otherwise block.
There are a considerable number of disadvantages, too, when using a VPN connection after Tor.
- You have access to no Tor-hidden services.
- If the Tor network gets compromised, your real IP address will be leaked.
- If there are third parties or other providers that want to flush you out, they’ll only have to focus on breaking the VPN, not the whole Tor network.
2. Tails → VPN → Tor (Tor over VPN)
Here, the VPN connection is established before connecting to Tor. This method offers many benefits.
- You can use Tails at airports.
- VPNs can help access Tor on censored networks.
- This enables customers to connect when Tails is unusable to their internet service providers (ISPs), or when ISPs have blocked use of the Tor Browser.
- The Tor network treats your traffic as originating from an anonymous VPN server.
- If Tor gets compromised, you’ll still have a staunch defender in the form of the VPN server protecting you.
Despite the benefits of using a VPN connection before the Tor network, there are still some reasons why using a VPN isn’t recommended.
- If the VPN network is compromised, your data could potentially be exposed to third parties.
- The best VPNs are services you have to subscribe to and pay for.
- VPNs may introduce a permanent entry guard if they’re set up before the Tor network.
We recommend ExpressVPN if you want to use a Tails VPN. But keep in mind to get a new clean account and never use it for anything else other than your Tails activity.
Using Anonymous OpenVPN with Tails
Anonymous VPN offers security services for many platforms, including Windows, Linux, and macOS.
You can download anonymous OpenVPN through https://anonymous-vpn.biz/buy-vpn/
Unlock and configure Persistent Storage.
- Unlock persistent storage at the Welcome page by adding a passphrase.
- Add the VPN application you’ll download later to the persistent storage.
Set an administrator password.
- Find the administration password option under “Additional Settings” by clicking the “+” button.
- Set and confirm the password; you’ll be prompted to enter this in the terminal for many operations.
Configure your internet connection.
- Purchase a VPN.
- Download and install a Dedicated VPN.
- After installation is complete, download the Dedicated VPN keys.
- Rename DeicatedVPN**.ovpn as tov.ovpn and copy them to the persistent storage.
- Download a script to connect OpenVPN in Tails and copy it to your persistent storage as tails.sh.
- Open a terminal where these files are located (Persistent Storage), or navigate to the folder where these files will be located after opening the terminal.
- Switch to root.
- Enter the command chmod +x tails.sh to set the execution rights.
- Run the tails.sh script file with ./tails.sh
- Enter your username and password to authorize the VPN connection.
- Upon successful completion, restart Tor and make sure it works by entering the relevant commands.
- Open the Synaptic Package Manager.
- Search for OpenVPN under the “Not Installed” tab.
- Check all the packages and mark them to be installed.
- Apply the changes.
- Configure your VPN.
- Add the configured ovpn file to VPN in the network settings.