diff --git a/extras/ikev2setup.sh b/extras/ikev2setup.sh index 6fbdb3d..ce2278f 100644 --- a/extras/ikev2setup.sh +++ b/extras/ikev2setup.sh @@ -263,17 +263,14 @@ EOF show_start_message() { bigecho "Starting IKEv2 setup in auto mode, using default options." - echo } show_add_client_message() { bigecho "Adding a new IKEv2 client '$client_name', using default options." - echo } show_export_client_message() { bigecho "Exporting existing IKEv2 client '$client_name', using default options." - echo } get_export_dir() { @@ -293,7 +290,7 @@ get_export_dir() { } get_server_ip() { - echo "Trying to auto discover IP of this server..." + bigecho "Trying to auto discover IP of this server..." public_ip=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) check_ip "$public_ip" || public_ip=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) } @@ -453,6 +450,7 @@ enter_custom_dns() { else echo "Using Google Public DNS (8.8.8.8, 8.8.4.4)." fi + echo } check_mobike_support() { @@ -492,8 +490,7 @@ check_mobike_support() { fi fi - echo - echo -n "Checking for MOBIKE support... " + echo -n "## Checking for MOBIKE support... " if [ "$mobike_support" = "1" ]; then echo "available" else 
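Review bot: The fallback in get_server_ip fetches the server's public address over plain HTTP, `wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com`, and the only validation applied to the reply is `check_ip`, which is a format regex (see the `IP_REGEX` definition further down in the vpnsetup files), so anyone on the path can hand back a well-formed but wrong address. The same service answers over TLS, so `https://ipv4.icanhazip.com` closes that gap at no cost; the identical URL appears as context in the vpnsetup_ubuntu.sh, vpnsetup_amzn.sh and vpnsetup_centos.sh hunks below. The `dig @resolver1.opendns.com` path on the line above is equally unauthenticated, so the value is best treated as a hint the operator confirms rather than as trusted input. How `$public_ip` is consumed afterwards is outside this hunk, so the impact of a spoofed value is inferred.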
@@ -652,13 +649,38 @@ EOF install_base64_uuidgen() { if ! command -v base64 >/dev/null 2>&1 || ! command -v uuidgen >/dev/null 2>&1; then bigecho "Installing required packages..." - if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then export DEBIAN_FRONTEND=noninteractive - apt-get -yqq update || exiterr "'apt-get update' failed." - apt-get -yqq install coreutils uuid-runtime >/dev/null || exiterr "'apt-get install' failed." + ( + set -x + apt-get -yqq update + ) || exiterr "'apt-get update' failed." + fi + fi + if ! command -v base64 >/dev/null 2>&1; then + if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then + ( + set -x + apt-get -yqq install coreutils >/dev/null + ) || exiterr "'apt-get install' failed." else - yum -yq install coreutils util-linux || exiterr "'yum install' failed." + ( + set -x + yum -y -q install coreutils >/dev/null + ) || exiterr "'yum install' failed." + fi + fi + if ! command -v uuidgen >/dev/null 2>&1; then + if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then + ( + set -x + apt-get -yqq install uuid-runtime >/dev/null + ) || exiterr "'apt-get install' failed." + else + ( + set -x + yum -y -q install util-linux >/dev/null + ) || exiterr "'yum install' failed." fi fi } 
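Review bot: As rendered, the line `if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then` that guarded the apt-get path in install_base64_uuidgen shows as removed, while the added `fi` / `fi` pair after the `apt-get -yqq update` subshell still closes two blocks. If the guard really is gone the function is unbalanced, or at best `apt-get update` now runs on yum-based hosts whenever `command -v` reports a missing tool and the run aborts with `'apt-get update' failed.`; if this is a rendering artifact and the guard survives as a context line, please ignore. Either way it is worth confirming with `bash -n extras/ikev2setup.sh` before merging, since the hunk line counts (13 old, 38 new) only add up with the guard removed.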
@@ -989,20 +1011,21 @@ EOF apply_ubuntu1804_nss_fix() { if [ "$os_type" = "ubuntu" ] && [ "$os_ver" = "bustersid" ] && [ "$os_arch" = "x86_64" ]; then bigecho "Applying fix for NSS bug on Ubuntu 18.04..." - nss_url1="https://mirrors.kernel.org/ubuntu/pool/main/n/nss" nss_url2="https://mirrors.kernel.org/ubuntu/pool/universe/n/nss" nss_deb1="libnss3_3.49.1-1ubuntu1.5_amd64.deb" nss_deb2="libnss3-dev_3.49.1-1ubuntu1.5_amd64.deb" nss_deb3="libnss3-tools_3.49.1-1ubuntu1.5_amd64.deb" - if wget -t 3 -T 30 -nv -O "/tmp/$nss_deb1" "$nss_url1/$nss_deb1" \ - && wget -t 3 -T 30 -nv -O "/tmp/$nss_deb2" "$nss_url1/$nss_deb2" \ - && wget -t 3 -T 30 -nv -O "/tmp/$nss_deb3" "$nss_url2/$nss_deb3"; then - export DEBIAN_FRONTEND=noninteractive + export DEBIAN_FRONTEND=noninteractive + set -x + if wget -t 3 -T 30 -q -O "/tmp/libnss3.deb" "$nss_url1/$nss_deb1" \ + && wget -t 3 -T 30 -q -O "/tmp/libnss3-dev.deb" "$nss_url1/$nss_deb2" \ + && wget -t 3 -T 30 -q -O "/tmp/libnss3-tools.deb" "$nss_url2/$nss_deb3"; then apt-get -yqq update - apt-get -yqq install "/tmp/$nss_deb1" "/tmp/$nss_deb2" "/tmp/$nss_deb3" + apt-get -yqq install "/tmp/libnss3.deb" "/tmp/libnss3-dev.deb" "/tmp/libnss3-tools.deb" >/dev/null + /bin/rm -f "/tmp/libnss3.deb" "/tmp/libnss3-dev.deb" "/tmp/libnss3-tools.deb" fi - /bin/rm -f "/tmp/$nss_deb1" "/tmp/$nss_deb2" "/tmp/$nss_deb3" + { set +x; } 2>&- fi } @@ -1010,7 +1033,7 @@ restart_ipsec_service() { bigecho "Restarting IPsec service..." mkdir -p /run/pluto - service ipsec restart + service ipsec restart 2>/dev/null } print_client_added_message() { diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh index 72e93c4..eb71d26 100644 --- a/extras/vpnupgrade.sh +++ b/extras/vpnupgrade.sh @@ -22,6 +22,7 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" exiterr() { echo "Error: $1" >&2; exit 1; } exiterr2() { exiterr "'apt-get install' failed."; } +bigecho() { echo "## $1"; } vpnupgrade() { 
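Review bot: The new download targets `/tmp/libnss3.deb`, `/tmp/libnss3-dev.deb` and `/tmp/libnss3-tools.deb` are fixed names in a world-writable directory, and apply_ubuntu1804_nss_fix then installs whatever sits at those paths with `apt-get -yqq install` (as root, since it installs packages); a local user who pre-creates or swaps those files between the `wget` and the install can get a package of their choosing installed, and `fs.protected_regular` blunts this only on kernels and distros that enable it. The previous `/tmp/$nss_deb1` names had the same weakness, so this is not introduced here, but the lines are being rewritten anyway. Download into a directory from `mktemp -d` and remove it on every path — the commit also moved the `/bin/rm -f` inside the `if`, so `wget -O` may now leave partial files behind when a download fails. Since `apt-get install ./file.deb` does not check a repository signature, consider also pinning SHA-256 sums for the three files and verifying with `sha256sum -c` before the install.
```shell
apply_ubuntu1804_nss_fix() {
  # … unchanged: os_type/os_ver/os_arch guard, bigecho, nss_url*/nss_deb* assignments …
    # Private, unpredictable download dir: never install .debs that other
    # local users can pre-create or swap in world-writable /tmp.
    nss_tmp=$(mktemp -d) || exiterr "mktemp failed."
    export DEBIAN_FRONTEND=noninteractive
    set -x
    if wget -t 3 -T 30 -q -O "$nss_tmp/$nss_deb1" "$nss_url1/$nss_deb1" \
      && wget -t 3 -T 30 -q -O "$nss_tmp/$nss_deb2" "$nss_url1/$nss_deb2" \
      && wget -t 3 -T 30 -q -O "$nss_tmp/$nss_deb3" "$nss_url2/$nss_deb3"; then
      apt-get -yqq update
      apt-get -yqq install "$nss_tmp/$nss_deb1" "$nss_tmp/$nss_deb2" "$nss_tmp/$nss_deb3" >/dev/null
    fi
    { set +x; } 2>&-
    # Clean up on success and on a failed/partial download alike.
    /bin/rm -rf "$nss_tmp"
  # … unchanged: closing fi and } …
```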
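Review bot: In restart_ipsec_service the new `service ipsec restart 2>/dev/null` discards the restart's diagnostics and its exit status is still not checked, so a failed restart ends the run looking successful with no hint why; the same line is added in the vpnupgrade.sh, vpnupgrade_centos.sh and vpnupgrade_amzn.sh hunks below. If the noise is the concern, keep the redirect but fail on status using the file's existing helper: `service ipsec restart 2>/dev/null || exiterr "Failed to restart IPsec service."`. This assumes `service` returns non-zero on failure on the targeted distributions, which I could not confirm from the diff.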
@@ -129,7 +130,6 @@ clear cat </dev/null +) || exiterr2 -# Install necessary packages -apt-get -yq install libnss3-dev libnspr4-dev pkg-config \ - libpam0g-dev libcap-ng-dev libcap-ng-utils libselinux1-dev \ - libcurl4-nss-dev libnss3-tools libevent-dev libsystemd-dev \ - flex bison gcc make wget sed || exiterr2 +bigecho "Downloading Libreswan..." -# Compile and install Libreswan swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" -if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exit 1 -fi +( + set -x + wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" +) || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" + +bigecho "Compiling and installing Libreswan, please wait..." + cd "libreswan-$SWAN_VER" || exit 1 [ "$SWAN_VER" = "4.1" ] && sed -i 's/ sysv )/ sysvinit )/' programs/setup/setup.in cat > Makefile.inc.local <<'EOF' @@ -216,16 +224,19 @@ if [ "$SWAN_VER" != "3.32" ]; then fi NPROCS=$(grep -c ^processor /proc/cpuinfo) [ -z "$NPROCS" ] && NPROCS=1 -make "-j$((NPROCS+1))" -s base && make -s install-base +( + set -x + make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null +) -# Verify the install and clean up cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then exiterr "Libreswan $SWAN_VER failed to build." fi -# Update IPsec config +bigecho "Updating VPN configuration..." + IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" PHASE2_NEW=" phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2" 
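Review bot: The Libreswan tarball is fetched with `wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget ... "$swan_url2"`, then `tar xzf`'d, compiled and installed as root with no integrity check on the archive; the same rewritten block appears in the vpnupgrade_centos.sh, vpnupgrade_amzn.sh, vpnsetup_ubuntu.sh, vpnsetup_amzn.sh and vpnsetup_centos.sh hunks, so one fix applies to all. TLS protects the transfer but not the two origins, so pin the release digest per supported `SWAN_VER` and check it before extraction, e.g. `printf '%s  %s\n' "<SHA256_OF_RELEASE>" "$swan_file" | sha256sum -c - >/dev/null || exiterr "Libreswan checksum mismatch."` with the real digest substituted. The download failure path is also a bare `|| exit 1` while every other failure in these scripts goes through `exiterr`/`exiterr2` with a message; `|| exiterr "Failed to download Libreswan."` would keep the output consistent. The hunk header for this block is not legible in this rendering, so the enclosing context is partly inferred.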
@@ -265,13 +276,13 @@ if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi -# Restart IPsec service +bigecho "Restarting IPsec service..." + mkdir -p /run/pluto -service ipsec restart +service ipsec restart 2>/dev/null cat <&2; exit 1; } exiterr2() { exiterr "'yum install' failed."; } +bigecho() { echo "## $1"; } vpnupgrade() { @@ -108,7 +109,6 @@ clear cat </dev/null +) || exiterr2 + +bigecho "Installing required packages..." + +( + set -x + yum -y -q install nss-devel nspr-devel pkgconfig pam-devel \ + libcap-ng-devel libselinux-devel curl-devel nss-tools \ + flex bison gcc make wget sed tar \ + systemd-devel libevent-devel fipscheck-devel >/dev/null +) || exiterr2 + +bigecho "Downloading Libreswan..." -# Compile and install Libreswan swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" -if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exit 1 -fi +( + set -x + wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" +) || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" + +bigecho "Compiling and installing Libreswan, please wait..." + cd "libreswan-$SWAN_VER" || exit 1 [ "$SWAN_VER" = "4.1" ] && sed -i 's/ sysv )/ sysvinit )/' programs/setup/setup.in cat > Makefile.inc.local <<'EOF' 
@@ -186,9 +197,11 @@ if [ "$SWAN_VER" != "3.32" ]; then fi NPROCS=$(grep -c ^processor /proc/cpuinfo) [ -z "$NPROCS" ] && NPROCS=1 -make "-j$((NPROCS+1))" -s base && make -s install-base +( + set -x + make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null +) -# Verify the install and clean up cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then @@ -200,7 +213,8 @@ restorecon /etc/ipsec.d/*db 2>/dev/null restorecon /usr/local/sbin -Rv 2>/dev/null restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null -# Update IPsec config +bigecho "Updating VPN configuration..." + IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" PHASE2_NEW=" phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2" @@ -234,13 +248,13 @@ if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi -# Restart IPsec service +bigecho "Restarting IPsec service..." + mkdir -p /run/pluto -service ipsec restart +service ipsec restart 2>/dev/null cat <&2; exit 1; } exiterr2() { exiterr "'yum install' failed."; } +bigecho() { echo "## $1"; } vpnupgrade() { @@ -120,7 +121,6 @@ clear cat </dev/null || yum -y -q install "$epel_url" >/dev/null +) || exiterr2 + +bigecho "Installing required packages..." + +( + set -x + yum -y -q install nss-devel nspr-devel pkgconfig pam-devel \ + libcap-ng-devel libselinux-devel curl-devel nss-tools \ + flex bison gcc make wget sed tar >/dev/null +) || exiterr2 REPO1='--enablerepo=*server-*optional*' REPO2='--enablerepo=*releases-optional*' 
@@ -179,21 +185,35 @@ REPO3='--enablerepo=[Pp]ower[Tt]ools' [ "$os_type" = "rhel" ] && REPO3='--enablerepo=codeready-builder-for-rhel-8-*' if [ "$os_ver" = "7" ]; then - yum -y install systemd-devel || exiterr2 - yum "$REPO1" "$REPO2" -y install libevent-devel fipscheck-devel || exiterr2 + ( + set -x + yum -y -q install systemd-devel >/dev/null + ) || exiterr2 + ( + set -x + yum "$REPO1" "$REPO2" -y -q install libevent-devel fipscheck-devel >/dev/null + ) || exiterr2 else - yum "$REPO3" -y install systemd-devel libevent-devel fipscheck-devel || exiterr2 + ( + set -x + yum "$REPO3" -y -q install systemd-devel libevent-devel fipscheck-devel >/dev/null + ) || exiterr2 fi -# Compile and install Libreswan +bigecho "Downloading Libreswan..." + swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" -if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exit 1 -fi +( + set -x + wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" +) || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" + +bigecho "Compiling and installing Libreswan, please wait..." + cd "libreswan-$SWAN_VER" || exit 1 [ "$SWAN_VER" = "4.1" ] && sed -i 's/ sysv )/ sysvinit )/' programs/setup/setup.in cat > Makefile.inc.local <<'EOF' @@ -210,9 +230,11 @@ if [ "$SWAN_VER" != "3.32" ]; then fi NPROCS=$(grep -c ^processor /proc/cpuinfo) [ -z "$NPROCS" ] && NPROCS=1 -make "-j$((NPROCS+1))" -s base && make -s install-base +( + set -x + make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null +) -# Verify the install and clean up cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then 
@@ -224,7 +246,8 @@ restorecon /etc/ipsec.d/*db 2>/dev/null restorecon /usr/local/sbin -Rv 2>/dev/null restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null -# Update IPsec config +bigecho "Updating VPN configuration..." + IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" PHASE2_NEW=" phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2" @@ -258,13 +281,13 @@ if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi -# Restart IPsec service +bigecho "Restarting IPsec service..." + mkdir -p /run/pluto -service ipsec restart +service ipsec restart 2>/dev/null cat <&2; exit 1; } exiterr2() { exiterr "'apt-get install' failed."; } conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; } -bigecho() { echo; echo "## $1"; echo; } +bigecho() { echo "## $1"; } check_ip() { IP_REGEX='^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' 
@@ -157,53 +157,59 @@ while fuser "$APT_LK" "$PKG_LK" >/dev/null 2>&1 \ sleep 3 done -bigecho "Populating apt-get cache..." - -export DEBIAN_FRONTEND=noninteractive -apt-get -yq update || exiterr "'apt-get update' failed." - bigecho "Installing packages required for setup..." -apt-get -yq install wget dnsutils openssl \ - iptables iproute2 gawk grep sed net-tools || exiterr2 +export DEBIAN_FRONTEND=noninteractive +( + set -x + apt-get -yqq update +) || exiterr "'apt-get update' failed." +( + set -x + apt-get -yqq install wget dnsutils openssl \ + iptables iproute2 gawk grep sed net-tools >/dev/null +) || exiterr2 bigecho "Trying to auto discover IP of this server..." -cat <<'EOF' -In case the script hangs here for more than a few minutes, -press Ctrl-C to abort. Then edit it and manually enter IP. -EOF - # In case auto IP discovery fails, enter server's public IP here. PUBLIC_IP=${VPN_PUBLIC_IP:-''} - [ -z "$PUBLIC_IP" ] && PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) - check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) check_ip "$PUBLIC_IP" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it." bigecho "Installing packages required for the VPN..." -apt-get -yq install libnss3-dev libnspr4-dev pkg-config \ - libpam0g-dev libcap-ng-dev libcap-ng-utils libselinux1-dev \ - libcurl4-nss-dev flex bison gcc make libnss3-tools \ - libevent-dev libsystemd-dev ppp xl2tpd || exiterr2 +( + set -x + apt-get -yqq install libnss3-dev libnspr4-dev pkg-config \ + libpam0g-dev libcap-ng-dev libcap-ng-utils libselinux1-dev \ + libcurl4-nss-dev flex bison gcc make libnss3-tools \ + libevent-dev libsystemd-dev ppp xl2tpd >/dev/null +) || exiterr2 bigecho "Installing Fail2Ban to protect SSH..." -apt-get -yq install fail2ban || exiterr2 +( + set -x + apt-get -yqq install fail2ban >/dev/null +) || exiterr2 -bigecho "Compiling and installing Libreswan..." +bigecho "Downloading Libreswan..." 
SWAN_VER=4.2 swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" -if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exit 1 -fi +( + set -x + wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" +) || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" + +bigecho "Compiling and installing Libreswan, please wait..." + cd "libreswan-$SWAN_VER" || exit 1 cat > Makefile.inc.local <<'EOF' WERROR_CFLAGS=-w @@ -225,7 +231,10 @@ if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then fi NPROCS=$(grep -c ^processor /proc/cpuinfo) [ -z "$NPROCS" ] && NPROCS=1 -make "-j$((NPROCS+1))" -s base && make -s install-base +( + set -x + make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null +) cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh index 1bbac8a..9b58503 100644 --- a/vpnsetup_amzn.sh +++ b/vpnsetup_amzn.sh @@ -39,7 +39,7 @@ SYS_DT=$(date +%F-%T | tr ':' '_') exiterr() { echo "Error: $1" >&2; exit 1; } exiterr2() { exiterr "'yum install' failed."; } conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; } -bigecho() { echo; echo "## $1"; echo; } +bigecho() { echo "## $1"; } check_ip() { IP_REGEX='^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' 
@@ -116,55 +116,64 @@ cd /opt/src || exit 1 bigecho "Installing packages required for setup..." -yum -y install wget bind-utils openssl tar \ - iptables iproute gawk grep sed net-tools || exiterr2 +( + set -x + yum -y -q install wget bind-utils openssl tar \ + iptables iproute gawk grep sed net-tools >/dev/null +) || exiterr2 bigecho "Trying to auto discover IP of this server..." -cat <<'EOF' -In case the script hangs here for more than a few minutes, -press Ctrl-C to abort. Then edit it and manually enter IP. -EOF - # In case auto IP discovery fails, enter server's public IP here. PUBLIC_IP=${VPN_PUBLIC_IP:-''} - [ -z "$PUBLIC_IP" ] && PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) - check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) check_ip "$PUBLIC_IP" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it." bigecho "Adding the EPEL repository..." -amazon-linux-extras install epel -y || exiterr2 +( + set -x + amazon-linux-extras install epel -y >/dev/null +) || exiterr2 bigecho "Installing packages required for the VPN..." -REPO1='--enablerepo=epel' - -yum -y install nss-devel nspr-devel pkgconfig pam-devel \ - libcap-ng-devel libselinux-devel curl-devel nss-tools \ - flex bison gcc make ppp \ - systemd-devel iptables-services \ - libevent-devel fipscheck-devel || exiterr2 - -yum "$REPO1" -y install xl2tpd || exiterr2 +( + set -x + yum -y -q install nss-devel nspr-devel pkgconfig pam-devel \ + libcap-ng-devel libselinux-devel curl-devel nss-tools \ + flex bison gcc make ppp \ + systemd-devel iptables-services \ + libevent-devel fipscheck-devel >/dev/null +) || exiterr2 +( + set -x + yum --enablerepo=epel -y -q install xl2tpd >/dev/null 2>&1 +) || exiterr2 bigecho "Installing Fail2Ban to protect SSH..." 
-yum "$REPO1" -y install fail2ban || exiterr2 +( + set -x + yum --enablerepo=epel -y -q install fail2ban >/dev/null +) || exiterr2 -bigecho "Compiling and installing Libreswan..." +bigecho "Downloading Libreswan..." SWAN_VER=4.2 swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" -if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exit 1 -fi +( + set -x + wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" +) || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" + +bigecho "Compiling and installing Libreswan, please wait..." + cd "libreswan-$SWAN_VER" || exit 1 cat > Makefile.inc.local <<'EOF' WERROR_CFLAGS=-w @@ -178,7 +187,10 @@ if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then fi NPROCS=$(grep -c ^processor /proc/cpuinfo) [ -z "$NPROCS" ] && NPROCS=1 -make "-j$((NPROCS+1))" -s base && make -s install-base +( + set -x + make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null +) cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh index cd2045f..d73215b 100755 --- a/vpnsetup_centos.sh +++ b/vpnsetup_centos.sh @@ -40,7 +40,7 @@ SYS_DT=$(date +%F-%T | tr ':' '_') exiterr() { echo "Error: $1" >&2; exit 1; } exiterr2() { exiterr "'yum install' failed."; } conf_bk() { /bin/cp -f "$1" "$1.old-$SYS_DT" 2>/dev/null; } -bigecho() { echo; echo "## $1"; echo; } +bigecho() { echo "## $1"; } check_ip() { IP_REGEX='^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$' 
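Review bot: `yum --enablerepo=epel -y -q install xl2tpd >/dev/null 2>&1` is the only install in this hunk that also discards stderr; the neighbouring `fail2ban` and the main `yum -y -q install ...` subshells keep it. With `-q`, what yum still writes to stderr is the error itself, so when this step fails `exiterr2` fires with no indication why (the `set -x` trace shows only the command). Drop the `2>&1` here, and the identical one on `yum "$REPO1" -y -q install xl2tpd` in the vpnsetup_centos.sh hunk below, unless a known benign warning is being silenced, in which case a one-line comment naming it would make the intent clear.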
@@ -129,28 +129,27 @@ cd /opt/src || exit 1 bigecho "Installing packages required for setup..." -yum -y install wget bind-utils openssl tar \ - iptables iproute gawk grep sed net-tools || exiterr2 +( + set -x + yum -y -q install wget bind-utils openssl tar \ + iptables iproute gawk grep sed net-tools >/dev/null +) || exiterr2 bigecho "Trying to auto discover IP of this server..." -cat <<'EOF' -In case the script hangs here for more than a few minutes, -press Ctrl-C to abort. Then edit it and manually enter IP. -EOF - # In case auto IP discovery fails, enter server's public IP here. PUBLIC_IP=${VPN_PUBLIC_IP:-''} - [ -z "$PUBLIC_IP" ] && PUBLIC_IP=$(dig @resolver1.opendns.com -t A -4 myip.opendns.com +short) - check_ip "$PUBLIC_IP" || PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) check_ip "$PUBLIC_IP" || exiterr "Cannot detect this server's public IP. Edit the script and manually enter it." bigecho "Adding the EPEL repository..." epel_url="https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm -E '%{rhel}').noarch.rpm" -yum -y install epel-release || yum -y install "$epel_url" || exiterr2 +( + set -x + yum -y -q install epel-release >/dev/null || yum -y -q install "$epel_url" >/dev/null +) || exiterr2 bigecho "Installing packages required for the VPN..." 
@@ -160,42 +159,69 @@ REPO3='--enablerepo=*releases-optional*' REPO4='--enablerepo=[Pp]ower[Tt]ools' [ "$os_type" = "rhel" ] && REPO4='--enablerepo=codeready-builder-for-rhel-8-*' -yum -y install nss-devel nspr-devel pkgconfig pam-devel \ - libcap-ng-devel libselinux-devel curl-devel nss-tools \ - flex bison gcc make ppp || exiterr2 - -yum "$REPO1" -y install xl2tpd || exiterr2 +( + set -x + yum -y -q install nss-devel nspr-devel pkgconfig pam-devel \ + libcap-ng-devel libselinux-devel curl-devel nss-tools \ + flex bison gcc make ppp >/dev/null +) || exiterr2 +( + set -x + yum "$REPO1" -y -q install xl2tpd >/dev/null 2>&1 +) || exiterr2 use_nft=0 if [ "$os_ver" = "7" ]; then - yum -y install systemd-devel iptables-services || exiterr2 - yum "$REPO2" "$REPO3" -y install libevent-devel fipscheck-devel || exiterr2 + ( + set -x + yum -y -q install systemd-devel iptables-services >/dev/null + ) || exiterr2 + ( + set -x + yum "$REPO2" "$REPO3" -y -q install libevent-devel fipscheck-devel >/dev/null + ) || exiterr2 else - yum "$REPO4" -y install systemd-devel libevent-devel fipscheck-devel || exiterr2 + ( + set -x + yum "$REPO4" -y -q install systemd-devel libevent-devel fipscheck-devel >/dev/null + ) || exiterr2 if systemctl is-active --quiet firewalld.service \ || grep -qs "hwdsl2 VPN script" /etc/sysconfig/nftables.conf; then use_nft=1 - yum -y install nftables || exiterr2 + ( + set -x + yum -y -q install nftables >/dev/null + ) || exiterr2 else - yum -y install iptables-services || exiterr2 + ( + set -x + yum -y -q install iptables-services >/dev/null + ) || exiterr2 fi fi bigecho "Installing Fail2Ban to protect SSH..." -yum "$REPO1" -y install fail2ban || exiterr2 +( + set -x + yum "$REPO1" -y -q install fail2ban >/dev/null +) || exiterr2 -bigecho "Compiling and installing Libreswan..." +bigecho "Downloading Libreswan..." 
SWAN_VER=4.2 swan_file="libreswan-$SWAN_VER.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_url2="https://download.libreswan.org/$swan_file" -if ! { wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -nv -O "$swan_file" "$swan_url2"; }; then - exit 1 -fi +( + set -x + wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" +) || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER" tar xzf "$swan_file" && /bin/rm -f "$swan_file" + +bigecho "Compiling and installing Libreswan, please wait..." + cd "libreswan-$SWAN_VER" || exit 1 cat > Makefile.inc.local <<'EOF' WERROR_CFLAGS=-w @@ -209,7 +235,10 @@ if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then fi NPROCS=$(grep -c ^processor /proc/cpuinfo) [ -z "$NPROCS" ] && NPROCS=1 -make "-j$((NPROCS+1))" -s base && make -s install-base +( + set -x + make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null +) cd /opt/src || exit 1 /bin/rm -rf "/opt/src/libreswan-$SWAN_VER"