geirby

open_vpn_setup_history

Nov 2nd, 2021
  1. nano vars #set organization info
  2. ./easyrsa init-pki
  3. ./easyrsa build-ca nopass //create ca.crt
  4.  
  5. cd ../EasyRSA-v3.0.6_locahost/
  6. ./easyrsa init-pki
  7. ./easyrsa gen-req hz3server nopass
  8.  
  9. cp pki/private/hz3server.key /etc/openvpn/
  10.  
  11. #cp pki/reqs/hz3server.req /tmp/
  12. cd ../EasyRSA-v3.0.6
  13. ./easyrsa import-req /tmp/hz3server.req hz3server
  14. ./easyrsa sign-req server hz3server
  15. #Certificate created at: /path_to_easyrsa/EasyRSA-v3.0.6/pki/issued/hz3server.crt
  16.  
  17. cp /tmp/hz3server.crt /etc/openvpn/
  18. cp /tmp/ca.crt /etc/openvpn/
  19.  
  20. cd ../EasyRSA-v3.0.6_locahost/
  21. ./easyrsa gen-dh
  22. #DH parameters of size 2048 created at /path_to_easyrsa/EasyRSA-v3.0.6_localhost/pki/dh.pem
  23. openvpn --genkey --secret ta.key
  24. cp ta.key /etc/openvpn/
  25. cp pki/dh.pem /etc/openvpn/
  26.  
  27. mkdir -p client-config/keys
  28. ./easyrsa gen-req client1 nopass
  29. cp pki/private/client1.key client-config/keys/
  30.  
  31. cd ../EasyRSA-v3.0.6
  32. ./easyrsa import-req /tmp/client1.req client1
  33. ./easyrsa sign-req client client1
  34. cp pki/issued/client1.crt /path_to_easyrsa/EasyRSA-v3.0.6_localhost/client-config/keys
  35.  
  36. cd ../EasyRSA-v3.0.6_locahost/
  37. cp ta.key client-config/keys
  38. cp /etc/openvpn/ca.crt client-config/keys/
  39.  
  40. cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
  41. gzip -d /etc/openvpn/server.conf.gz
  42.  
  43. mkdir client-config/files
  44. cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf client-config/
  45. mv client-config/client.conf client-config/base.conf
  46.  
  47. touch client-config/make_config.sh
  48.  
  49. #!/bin/bash
  50. # First argument: Client identifier
  51. KEY_DIR=/root/openvpn/easyrsa/EasyRSA-v3.0.6_locahost/client-config/keys
  52. OUTPUT_DIR=/root/openvpn/easyrsa/EasyRSA-v3.0.6_locahost/client-config/files
  53. BASE_CONFIG=/root/openvpn/easyrsa/EasyRSA-v3.0.6_locahost/client-config/base.conf
  54. cat ${BASE_CONFIG} \
  55. <(echo -e '<ca>') \
  56. ${KEY_DIR}/ca.crt \
  57. <(echo -e '</ca>\n<cert>') \
  58. ${KEY_DIR}/${1}.crt \
  59. <(echo -e '</cert>\n<key>') \
  60. ${KEY_DIR}/${1}.key \
  61. <(echo -e '</key>\n<tls-auth>') \
  62. ${KEY_DIR}/ta.key \
  63. <(echo -e '</tls-auth>') \
  64. > ${OUTPUT_DIR}/${1}.ovpn
  65.  
  66.  
  67. chmod +x client-config/make_config.sh
  68. cd client-config/
  69. ./make_config.sh client1