openvpn
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
openvpn [2019/06/11 12:51] – maferreira | openvpn [2019/06/17 06:22] – maferreira | ||
---|---|---|---|
Line 6: | Line 6: | ||
apt-get install openvpn openssl curl jq vim --no-install-recommends </ | apt-get install openvpn openssl curl jq vim --no-install-recommends </ | ||
- Debian jessie (8) and stretch (9) repository have an old easy-rsa version (2.2) and we need at least 3.0.4, so we use github release. | - Debian jessie (8) and stretch (9) repository have an old easy-rsa version (2.2) and we need at least 3.0.4, so we use github release. | ||
+ | < | ||
+ | wget --no-check-certificate https:// | ||
+ | tar -xvzf EasyRSA-3.0.4.tgz | ||
+ | rm EasyRSA-3.0.4.tgz | ||
+ | mv EasyRSA-3.0.4/ | ||
+ | </ | ||
<note warning> | <note warning> | ||
- | < | + | - Generate a 2048 RSA public and private key for centrale, with server5 (use sub ca), and add them in < |
- | + | vim /etc/openvpn/server/port_number.key | |
- | - wget https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.4/EasyRSA-3.0.4.tgz | + | vim /etc/openvpn/server/port_number.crt |
- | - tar -xvzf EasyRSA-3.0.4.tgz | + | chmod 660 port_number.key port_number.crt #both files must belong to root:root |
- | - rm EasyRSA-3.0.4.tgz | + | |
- | - mv EasyRSA-3.0.4/ | + | |
</ | </ | ||
- | |||
- | - Generate a 2048 RSA public and private key for centrale, with server5 (use sub ca), and add them in < | ||
- | vim / | ||
- | chmod 660 port_number.key port_number.crt #both files must belong to root: | ||
- Generate diffie hellman file< | - Generate diffie hellman file< | ||
- Generate additonal key for tls-auth mode< | - Generate additonal key for tls-auth mode< |
openvpn.txt · Last modified: 2019/06/17 06:22 by maferreira