added support for tls key

Philipp Menge 2015-11-28 18:39:55 +01:00
parent e58addc2c5
commit 095ebee8c3


@ -50,6 +50,9 @@ newclient () {
echo "<key>" >> ~/$1.ovpn echo "<key>" >> ~/$1.ovpn
cat /etc/openvpn/easy-rsa/pki/private/$1.key >> ~/$1.ovpn cat /etc/openvpn/easy-rsa/pki/private/$1.key >> ~/$1.ovpn
echo "</key>" >> ~/$1.ovpn echo "</key>" >> ~/$1.ovpn
echo "<tls-auth>" >> ~/$1.ovpn
cat /etc/openvpn/easy-rsa/ta.key >> ~/$1.ovpn
echo "</tls-auth>"
} }
@ -216,8 +219,9 @@ else
./easyrsa build-server-full server nopass ./easyrsa build-server-full server nopass
./easyrsa build-client-full $CLIENT nopass ./easyrsa build-client-full $CLIENT nopass
./easyrsa gen-crl ./easyrsa gen-crl
openvpn --genkey --secret ta.key
# Move the stuff we need # Move the stuff we need
cp pki/ca.crt pki/private/ca.key pki/dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn cp ta.key pki/ca.crt pki/private/ca.key pki/dh.pem pki/issued/server.crt pki/private/server.key /etc/openvpn
# Generate server.conf # Generate server.conf
echo "port $PORT echo "port $PORT
proto udp proto udp
@ -230,7 +234,8 @@ key server.key
dh dh.pem dh dh.pem
topology subnet topology subnet
server 10.8.0.0 255.255.255.0 server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf ifconfig-pool-persist ipp.txt
tls-auth ta.key 0" > /etc/openvpn/server.conf
echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf
# DNS # DNS
case $DNS in case $DNS in
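Review bot: In the first hunk (newclient), the added `echo "</tls-auth>"` has no redirect, so the closing tag goes to stdout and the generated profile ends with an unterminated inline `<tls-auth>` block; it should read `echo "</tls-auth>" >> ~/$1.ovpn`. The server config in the third hunk gets `tls-auth ta.key 0`, so the client profile needs the opposite direction, for example `echo "key-direction 1" >> ~/$1.ovpn` before the inline block, unless the client template outside these hunks already sets it. Because the profile now carries the shared HMAC key alongside the client private key, a `chmod 600 ~/$1.ovpn` at the end of newclient would be a sensible addition if nothing outside the hunk restricts the file already. newclient begins before the first hunk, so its earlier lines are not visible here.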