It’s less complicated than it looks like. The text is just a poorly written mess, full of options (Fedora vs. Ubuntu, repo vs. no repo, stable vs. beta), and they’re explaining how to do this through the terminal alone because the interface that you have might be different from what they expect. And because copy-pasting commands is faster.

Can’t I just download a file and install it? I’m on Ubuntu.

Yes, you can! In fact, the instructions include this option; it’s under “Installing the app without the Mullvad repository”. It’s a bad idea though; then you don’t get automatic updates.

A better way to do this is to tell your system “I want software from this repository”, so each time that they make a new version of the program, yours get updated.

but I have no idea what I’m doing here.

I’ll copy-paste their commands to do so, and explain what each does.

sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc
echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list
sudo apt update
sudo apt install mullvad-vpn

The first command boils down to “download this keyring from the internet”. The keyring is a necessary file to know if you’re actually getting your software from Mullvad instead of PoopySoxHaxxor69. If you wanted, you could do it manually, and then move to the /usr/share/keyrings directory, but… it’s more work, come on.

The second command tells your system that you want software from repository.mullvad.net. I don’t use Ubuntu but there’s probably some GUI to do it for you.

The third command boils down to “hey, Ubuntu, update the list of packages for me”.

The fourth one installs the software.

So usually people do install Linux software from trusted software repositories. Linux practically invented the idea of the app store a full ten years before the first iPhone came out and popularized the term “app.”

The problem with the Mullvad VPN is that their app is not in the trusted software repositories of most Linux distributions. So you are required to go through a few extra steps to first trust the Mullvad software repositories, and then install their VPN app the usual way using apt install or from the software center.

You could just download the “.deb” file and double click on it, but you will have to download and install all software security updates by hand. By going through the extra steps to add Mullvad to your trusted software repository list, you will get software security updates automatically whenever you install all other software updates on your computer.

Most Linux distros don’t bother to make it easy for you to add other trusted software repositories because it can be a major security risk if you trust the wrong people. So I suppose it is for the best that the easiest way to install third-party software is to follow the steps you saw on the website.

Download the .deb and double click it. https://mullvad.net/en/download/app/deb/latest

People seem to be making this a more difficult job than it needs to be. Yeah I get we’re powerusers but can’t we drop that for 2 minutes while giving advice so a new user can actually get a job done quickly? Windows EXEs don’t automatically update either. Sure it might not be the best way to do it but it’s fast and not confusing. (EDIT: Apparently this specific program actually has it’s own auto updater)

Things take time to learn. Throwing all of the existing knowledge of repo management at a new user at once does not work.

As others have mentionned downloading the .deb and running it will also work, but I feel nobody gave your a tldr of why you may want to follow those instructions instead, so here it is:

Those instructions configure your package manager (apt) with a new repository for this application.

The upside to that is that anytime you will look for updates, this app will also get updated.

---

It’s a bit more work up front, but it can pay off when you have dozens of app updating as part of normal system operations.

Imagine a world where windows updates would also update all your software, that’s what this is.

That’s not how you do it.

Click ‘Downloads’ on the Mullvad website.

Scroll to the bottom section ‘Unable to use the app’

Click ‘OpenVPN’.

Download OpenVPN config.

You already have OpenVPN installed, skip all fancy installation steps.

Click network settings in the taskbar, ‘New connection’, ‘OpenVPN’, ‘Import configuration’.

Turn on your new VPN connection. Done.

This is one of the hardest walls for people to jump over mentally, from scavenging the internet for binaries to using a package manager.

I think ideally one should understand what they’re doing, I think that if you did you would realise it’s not hard, just different from what you’re used to. Usually you install things using the graphical package manager, of which there are a lot, since I don’t know which one you are using nor have I used any of them in a long while, I’ll use the terminal as an example (same reason the site uses terminal commands), but all of this is almost assuredly possible via GUI.

To install things you usually do sudo apt install , this is a huge advantage on Linux, it works similar to your phone in that everything gets updated together but also it installs dependencies separately, which means that instead of having 10 copies of the same library for 10 programs that use it (like on Windows) you get a single one, which is part of the reason binaries are smaller on Linux.

The problem with this approach is that some programs are NOT listed there, the only programs there are the ones the maintainers of your distro (Ubuntu in this case) can review and approve. So you can have a lot of different solutions for this:

The first and most obvious for Windows users is to download the .deb from the website and just run that like you would a binary on windows, i.e. double-clicking it, or from the terminal you can run sudo dpkg -i . This works, but you lose the advantages of a package installed via your package manager, i.e. you would get the same experience as on windows, so it’s not ideal.

The second way is the one they’re describing, essentially you’re adding a new repository to the package manager, that the people who wrote the program are maintaining (instead of Ubuntu guys), this is a two step process, sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc that command is downloading the file https://repository.mullvad.net/deb/mullvad-keyring.asc and putting it in /usr/share/keyrings/mullvad-keyring.asc, this is needed because repositories are not trusted by default, that would be a security nightmare, you can do this via GUI if your problem is with the terminal , just download the file and copy it to that location, it’s just harder to explain than giving you a command. Then it’s adding the repository to the repository list, the command is echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list that command has a lot to unwrap, in essence it’s editing the file /etc/apt/sources.list.d/mullvad.list and writing a line like deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=amd64] https://repository.mullvad.net/deb/stable focal main" there, but because the guy who wrote this doesn’t know your architecture (e.g. amd64) nor your version (e.g. focal) he wrote a command that gets that information from your system, you can instead write the file yourself if you know those. Then install via package manager as normal.

There’s a third way which is more recent which is install via snap/flatpak which is similar to install via package manager, except you don’t add new repos.

There’s a fourth way which is manually, usually when you compile stuff you install them manually.

I know it’s a lot to take in, but I’m of the opinion that if you understand what’s happening it makes things easier.

The comment section here is a perfect example of why people don’t use Linux

That page lists multiple installation methods, for multiple distros. There simplest one for you is just two steps.

1. Download .deb installer

2. Run apt install ~/Downloads/MullvadVPN-*_amd64.deb

It’s not that complicated. That’s just confusingly written. And caters to a wide range of users.

My favorite part of this thread is everyone just saying copy and paste the commands so it will work. Like we should totally get users into the habit of running random commands off the net as root.

“I have no idea what I’m doing here” <- Happens in the beginning. How about you start by trying to know what exactly you are doing? Let me give you a fasttrack…

1. The first command you get in the instructions is curl. It is generally used to download stuff from a networked server.

   1.1. To understand the -fsSLo in the command, I strongly advise you to check out the manual of curl using man curl in a terminal.

2. The second command in the instructions is echo "something" | sudo tee some/file

   2.1 Here you see 3 commands echo , sudo and tee. 2.1.1 Again, you can use man command-name to check the manual pages for these commands 2.2 There is a | symbol over here. It is called the “pipe symbol”, which is what you can use to search for it. It is usually difficult to search for the symbol itself and I haven’t found a man page for it, but open man bash and look for “Pipelines” and you’ll know what it is about. Use Link, Link and Link to help yourself understand this.

3. The commands in “Install the package” use the apt program. This is a Package Manager. Its job is to read package information that package developers have made and try to not let the system become unusable.

   • e.g. If you have a program called Xorg from 5 years ago, and a program called mesa from 5 years ago and Xorg depends upon mesa to work. Here, if you replace your mesa with a new, recent mesa yourself, there is a good chance Xorg will not work. The Package Manager prevents that from happening.

4. The gist of what the instructions are making you do is, telling the Package Manager that there is another place from where you want it to look for packages.

To understand man pages better, check out this link.

Don’t think too badly of people dissing you in the comments. They are tired and fed up of help vampires. Hopefully, you can try not to become one.

• Try and build your own process of understanding the commands you see on the internet before entering them into the terminal.
• The comments telling you to just follow the instructions, are coming from the perspective that you don’t have the patience and determination to understand them yourself, which, a lot of people don’t. I will leave it upto you to determine which one you decide to be. It is, however, a bad idea to follow instructions on any website, just because it “seems legit”. You can’t really say you “trust” the site until you have the ability to find out for yourself whether you want to trust it.

Check this out

I don’t want to sound arrogant but is reading a few paragraphs then copying and pasting 3 different commands into a terminal really that difficult?

It will make life easier in the long run as having a repo added will update the software with sudo apt upgrade in the future.

Yes. I’m genuinely unsure how it could be any easier. It’s just add the repo and install.

But I suppose it’s a lot if you don’t know what anything means, so I’ll try to explain it at a super basic level. Sorry if this is patronising, I can’t ascertain your experience level so I have to make an assumption.

The first thing it asks you to do is:

sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc

Hm. Okay so I guess before even deciphering the command, you have to know how Linux works. So on Linux, the first word is the name of the application you want to use, and everything afterwards is stuff that you pass along to the application. It’s up to the application to program in the behaviour for interpreting the words that come after the first word. So “sudo” is the name of the application you’re using, and all that other stuff is stuff you’re telling Linux to tell that other application.

Okay, so what is sudo? sudo is short for Super User Do. It’s an application that does something (sudo) as the super user (sudo). Super User is like admin on Windows. So it’s for when you want to make system level changes or want to override permission limitations. In the past, or at a basic level, you would switch user, make the change, then switch back to your personal user. But with sudo you can borrow the permissions of the super user for the purposes of that one command and everything works smoother that way.

The way you use sudo is you run the application by typing sudo, then you type in a second application and what you want that application to do, then sudo starts that other application and gives it the instructions you asked to be passed on. The second application in this case is curl.

For example, on Windows you might do sudo photoshop open C:\users\winuser\documents\restrictedfile.psd to open a file in Photoshop that the Windows admin decided you aren’t allowed to open.

Let’s look at the command again.

sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc

Sudo is to get super permissions and doesn’t actually tell you what the command does. The application that is actually being run in this command is curl. curl goes to a url and sees it. So it basically just means download whatever is at this URL. Here the URL is https://repository.mullvad.net/deb/mullvad-keyring.asc All that other stuff in this command is technically curl specific, so you have to check how curl works to know what it does. But it does follow Linux conventions very closely, therefore a normal Linux user who has never used curl could still guess what it does with 100% accuracy and would probably use it correctly for the first time without checking how to use it. If you want to learn how to use it, you can use the included manual program man, by typing man curl, and as a convention, almost every Linux application will tell you how to use it if you use the -h or --help flags by typing curl -h or curl --help.

In this case, curl takes flags, these are -fsSLo, that’s 5 different flags. A flag is like a mode switch for an application, it’s specified with adding a hyphen and the trigger word. The hyphen is useful because an application like curl might want a file path /usr/share/keyrings/mullvad-keyring.asc and a URL https://repository.mullvad.net/deb/mullvad-keyring.asc, so by adding the hyphen, the application knows that fsSLO is not part of the file path, but is instead specific instructions you’re giving the application. This is a normal convention on Linux, similar to how Windows applications normally program the X button in the corner to close the window.

For curl specifically, by default curl doesn’t save the file, it just displays it in the terminal. So the most basic version of the command would be curl https://repository.mullvad.net/deb/mullvad-keyring.asc and nothing else. Let’s look at what the flags do.
-f is for fail.
-s is for silent. Both of these just change the behaviour of curl to give you less feedback and information. Mullvad probably chose to do this to make it more beginner friendly, ironically.
-S is for show error. There’s a difference between lower and upper case. Show error means that even though curl was asked to be quiet and not show what it’s doing, it should still let you know if there’s an error.
-L is for location, it’s to allow redirects. Mullvad chose to include this option so that the old instructions still work if the URL changes in the future or perhaps if you have a common typo in your command.
-o (output) writes the downloaded file to disk at the specific location. /usr/share/keyrings/mullvad-keyring.asc. The -o flag is the only one in this list that actually matters and changes what the application does. The rest is just there to be beginner friendly, but I think Mullvad made a mistake in including them personally, as I think they add to the confusion instead.

As a standard Linux convention, flags can either be a single hyphen and a letter or two hyphens and a word or a hyphenated sentence. These are conventions and up to the application, but for curl and most applications you’ll use, both work. Similarly, curl and most applications let you use a single hyphen and then all your flags in a row, or separate them with spaces and new starting-hyphens. curl -f --silent -S -L --output file.txt https://lemmy.ml for example.

Okay, so hopefully now you can read it a bit better. Let’s look at it again.

sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc

Wtf is that file and why do you need it in that folder? It’s downloading their encryption key to the folder where apt (a different application we haven’t encountered yet) looks for encryption keys. You need this for cryptographic verification. It’s a safety measure, and more important for security software like Mullvad. It’s not mandatory for adding repositories.

So with this command, you borrow the super user’s permissions and you download a file and put it in a folder.

Okay, next part.

echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list

Okay, this one is actually pretty complicated! Similar to above, how they added all those superfluous flags that make curl quieter, this is another case of the mullvad help-article-writers choosing to make the experience of copy/pasting the commands more seamless by sacrificing legibility.

But let’s go through it anyway. It’ll be a super quick crash course in how to use Linux.

echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list

Echo is an application that repeats whatever you type at it. If you run echo hi it’ll output hi into the terminal. Deb is an application that installs .deb packages. These are like .msi files on Windows. It’s specific to Ubuntu and certain other Linux distros. The stuff that follows echo is a command. deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main, if you run it on its own, it does something. But because you wrote echo first, it’s only words that are being printed in the terminal. We’ll look at what it’s supposed to do in a minute. After that part, comes a pipe |, this is very important, then a second command. sudo tee /etc/apt/sources.list.d/mullvad.list.

Okay, we’ll break this down backwards. sudo you already know. It’s just an application that starts another application. In this case tee. tee is an application that takes whatever you give it and writes it to a file. It’s called tee because it’s like a t-split, it both writes to a file and to the terminal at the same time, so you can monitor what’s being written. It’s specifically designed to be used with a pipe.

Wtf is a pipe? A pipe | is a built in Linux function that let’s you take the output from one application and feed it to another. In this case, the stuff you had before the pipe was a echo command. So the output is what you asked echo to echo back to you. deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main". That means that tee is writing this command (without the echo part in front of it, because that’s your command, not the output from an application) into the file located at /etc/apt/sources.list.d/mullvad.list. Tee by default overwrites whatever was already in the file, and in this case, a mode-switch flag wasn’t used to ask it to not do that. So if that file already existed (which it doesn’t), it would now be deleted and replaced with what you echo’d into it. deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main".

What is /etc/apt/sources.list.d/mullvad.list? That’s a file that belongs to apt. apt is your package manager, we’ll loop back to that. The /etc folder is somewhere applications put their files, rather than where the user is supposed to put their files. Having the user’s files separately like that helps with knowing which files you care about when it comes to backups and system migrations and things like that. So inside /etc, apt gets it’s own folder, and inside that folder it created sources.list.d, and inside that folder, you’re now creating a file for mullvad. In this file is the definition of the new repository you’re adding.

[Cutting this up to two parts because API limit]

The instructions on that page make it so that every time you run a system update, mullvad automatically updates as well. If you’re happy doing the updating yourself, you can download the deb file from here: https://github.com/mullvad/mullvadvpn-app/releases

This is not the only way to install apps but as a Linux user there will be times when you will need to use the terminal. Might as well know that from now.

The instructions they gave are really simple and straightforward. If you struggle with that, you may want to learn a bit about the terminal.

But since you’re on Ubuntu there is a much easier way: go to Mullvad downloads page and download the deb file. Double click it and the Ubuntu App Store should open and install it. If not, open the App Store and search for gdebi and install it. Now right click the deb you downloaded, and click “open with…” and choose gdebi from the list.

It should check dependencies and give you an “install” button. Click that and wait for it to finish. Then simply launch Mullvad as normal.

In general on Linux you install apps by looking in the distro repo: either by searching the App Store or by using the terminal.

To do it from the terminal type:

1. ‘sudo apt update’. Enter your password.

2. After it’s updated type 'apt search [name of app] and press enter. It will give you a list of apps with that name. Eg apt search lollypop (a music player). Then if you see it listed, you know it’s in the repo.

3. To install it type ‘sudo apt install lollypop’ and press enter. It will tell you how large it is and if you want to install it. Type “y” and press enter. It will finish it in a few seconds.

Done. Launch the app as normal.

There is also something called Flatpak’s which you can get from flathub.com You will also find instructions there on how to install flatpak on your system but typing a few commands.

Welcome to Linux. You’ll either embrace and love it or abandon it.

The same MFs on here that rush to tell someone that Linux is easy and intuitive are the same ones that can’t keep a small talk conversation for more than 5 mins, a social activity that humans have been doing for thousands of years.

My words might be a little broad, harsh, and even hurtful, but just a reminder that not all of us are good at learning the same things.

We didn’t all come out of the womb knowing how to socialize or use Linux, but if we look back far enough, we can all relate to the struggles it takes to learn something new, and how much it sucks when someone treats you like you’re stupid just because things sometimes don’t click