2023-7-9 myluzh
OpenVPN
0x01 install.sh
#!/bin/bash
#
# https://github.com/hwdsl2/openvpn-install
#
# Based on the work of Nyr and contributors at:
# https://github.com/Nyr/openvpn-install
#
# Copyright (c) 2022-2023 Lin Song <linsongui@gmail.com>
# Copyright (c) 2013-2023 Nyr
#
# Released under the MIT License, see the accompanying file LICENSE.txt
# or https://opensource.org/licenses/MIT
exiterr() { echo "Error: $1" >&2; exit 1; }
exiterr2() { exiterr "'apt-get install' failed."; }
exiterr3() { exiterr "'y...
阅读全文>>
标签: openvpn
评论(0)
(302)
2023-2-4 myluzh
OpenVPN
1、配置OpenVPN
vim /etc/openvpn/checkpsw.sh
#!/bin/sh
###########################################################
# checkpsw.sh (C) 2004 Mathias Sundman
#
# This script will authenticate OpenVPN users against
# a plain text file. The passfile should simply contain
# one row per user with the username first followed by
# one or more space(s) or tab(s) and then the password.
PASSFILE="/etc/openvpn/psw-file"
LOG_FILE="/etc/openvpn/openvpn-password.log"
TIME_STAMP=`date "+%Y-%m-%d %T"`
###################...
阅读全文>>
标签: openvpn
评论(0)
(518)
2023-2-3 myluzh
OpenVPN
1.编辑client.ovpn客户端配置文件:
2.删除在这里我把它们注释掉:
ca ca.crt 改为:#ca ca.crtcert
client.crt 改为:#cert client.crtkey
client.key 改为:#key client.key
tls-auth ta.key 1 改为:#tls-auth ta.key 1
3.在最后面添加以下内容:
<ca>
ca.crt文件内容
</ca>
<cert>
client.crt文件内容
</cert>
<key>
client.key文件内容
</key>
key-direction 1
<tls-auth>
ta.key文件内容
</tls-auth>
阅读全文>>
标签: openvpn
评论(0)
(774)
2023-2-2 myluzh
OpenVPN
0x01 安装OpenVPN
#临时关闭selinux
setenforce 0
#添加epel yum源
wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean
yum makecache
#yum安装包
yum install openvpn -y
0x02 证书制作
# 下载安装easy-rsa
wget https://github.com/OpenVPN/easy-rsa/releases/download/v3.1.2/EasyRSA-3.1.2.tgz
tar xf EasyRSA-3.1.2.tgz
mkdir -p /etc/openvpn/easy-rsa3
cp -r EasyRSA-3.1.2/* /etc/openvpn/easy-rsa3
# 进入easy-rsa3目录
cd /etc/openvpn/easy-rsa3/
#初始化目录
./easyrsa init-pki
# 复制vars文件模板
cp /etc/open...
阅读全文>>
标签: centos openvpn easy-rsa
评论(0)
(489)
2023-1-31 myluzh
OpenVPN
设备:rb750gr3
ROS版本:v6.49.7
一、创建证书
1.创建CA证书
进入System->Certificates->Certificates页面,创建证书。
在General页面填写Name与CommonName为"ovpnCA"。切换到Key Usage选项卡,勾选"key cert. sign","crl sign"。
完成后点击 Apply 后点击 Sign 进行签名。其中,Certificate 选择刚刚创建的 CA 证书,CA CRL Host 填写路由器的地址,最后点击 Start,开始签名。签名完成后,重新回到 General 页面,检查是否勾选了 Trusted 标记。
2.创建服务器证书
与创建 CA 证书方式一样,填写 General页面下的Name与CommonName为"ovpnServer"。切换到 Key Usage 页面,勾选"digital signature","key encipherment","tls server"。
点击 Apply 后点击 Sign 进行签名。在Sign页面CA选项中需要选择刚刚创建的CA证书进行签...
阅读全文>>
标签: routeros openvpn
评论(0)
(1314)