Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- # Debian 8.5 x64
- # OpenVPN version 2.3.4
- # 05/09/2016
- # Check Arguments
- if [ $# -ne 1 ]
- then
- /bin/echo ''
- /bin/echo 'This script is meant to be used in the following manner:'
- /bin/echo ''
- /bin/echo $0 '$1'
- /bin/echo ''
- /bin/echo ' ***where $1 = client#/android#/ios# depending on type and operating system of new client***'
- /bin/echo ''
- /bin/echo ''
- else
- # Check if client certs/keys/profiles already exist
- if [ -e /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn ]
- then
- /bin/echo "It seems that $1 already has an existing ovpn profile built for this VPN. Verify and remove if you wish to build a new one..."
- else
- # Build client key
- /etc/openvpn/easy-rsa-master/easyrsa3/easyrsa build-client-full $1
- if [ ! -d /etc/openvpn/easy-rsa-master/keys/$1/$1 ]
- then
- # Create new client directory under the easy-rsa keys directory and copy keys/certs
- mkdir /etc/openvpn/easy-rsa-master/keys/$1
- /bin/cp /etc/openvpn/easy-rsa-master/easyrsa3/pki/issued/$1.crt /etc/openvpn/easy-rsa-master/keys/$1
- /bin/cp /etc/openvpn/easy-rsa-master/easyrsa3/pki/private/$1.key /etc/openvpn/easy-rsa-master/keys/$1
- /usr/bin/openssl rsa -in /etc/openvpn/easy-rsa-master/easyrsa3/pki/private/$1.key -out /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.key
- else
- /bin/cp /etc/openvpn/easy-rsa-master/easyrsa3/pki/issued/$1.crt /etc/openvpn/easy-rsa-master/keys/$1
- /bin/cp /etc/openvpn/easy-rsa-master/easyrsa3/pki/private/$1.key /etc/openvpn/easy-rsa-master/keys/$1
- /usr/bin/openssl rsa -in /etc/openvpn/easy-rsa-master/easyrsa3/pki/private/$1.key -out /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.key
- fi
- # Build ovpn profile using newly generated client key/cert and ca.crt
- /bin/cp /etc/openvpn/client.ovpn /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/cp /etc/openvpn/client.ovpn /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/echo '<ca>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/cat /etc/openvpn/easy-rsa-master/easyrsa3/pki/ca.crt >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/echo '</ca>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/echo ''
- /bin/echo '<ca>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/cat /etc/openvpn/easy-rsa-master/easyrsa3/pki/ca.crt >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/echo '</ca>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/echo ''
- /bin/echo '<cert>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/cat /etc/openvpn/easy-rsa-master/easyrsa3/pki/issued/$1.crt >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/echo '</cert>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/echo ''
- /bin/echo '<cert>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/cat /etc/openvpn/easy-rsa-master/easyrsa3/pki/issued/$1.crt >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/echo '</cert>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/echo ''
- /bin/echo '<key>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/cat /etc/openvpn/easy-rsa-master/easyrsa3/pki/private/$1.key >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/echo '</key>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1.ovpn
- /bin/echo ''
- /bin/echo '<key>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/cat /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.key >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- /bin/echo '</key>' >> /etc/openvpn/easy-rsa-master/keys/$1/$1nopass.ovpn
- fi
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement