I frequently switch between different VPN configurations on Linux:
WireGuard (wg-quick up/down)
A corporate OpenVPN profile (sudo openvpn corp.ovpn, which prompts for a private key password)
Right now I manually run all commands in the terminal: bringing interfaces up/down, entering passwords, setting DNS routes with resolvectl, etc. It works, but it's slow and clunky for daily workflow.
I'm looking to:
- Handle OpenVPN passwords securely (without storing them in plaintext on disk).
- Quickly see VPN connection status (e.g., connected/disconnected) and minimize manual steps.
Question:
What are good practices or tools for this kind of VPN management on Linux?Would you recommend using systemd units, wrapper scripts, secret-tool (libsecret), or something else to make password input safer?
I'd appreciate any examples, references, or your personal setups if you built something similar.
Thanks!