initial commit of wilks work

2011-09-24 12:31:57 -07:00 · 2011-09-24 12:31:57 -07:00 · 2969c701a0
commit 2969c701a0
parent 49f2d02dc2
1 changed files with 60 additions and 0 deletions
--- a/tools/install_openvpn.sh
+++ b/tools/install_openvpn.sh
@ -0,0 +1,60 @@
 # rough history from wilk - need to cleanup
 apt-get install -y openvpn bridge-utils
 cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/easy-rsa/
 cd /etc/openvpn/easy-rsa
 source vars
 ./clean-all
 ./build-dh
 ./pkitool --initca
 ./pkitool --server server
 ./pkitool client1
 cd keys
 openvpn --genkey --secret ta.key  ## Build a TLS key
 cp server.crt server.key ca.crt dh1024.pem ta.key ../../
 cd ../../
 cat >/etc/openvpn/server.conf <<EOF
 duplicate-cn
 port 6081
 proto tcp
 dev tun
 ca ca.crt
 cert server.crt
 key server.key  # This file should be kept secret
 dh dh1024.pem
 server 172.16.28.0 255.255.255.0
 ifconfig-pool-persist ipp.txt
 push "route 10.0.0.0 255.255.255.224"
 comp-lzo
 persist-key
 persist-tun
 status openvpn-status.log
 EOF
 /etc/init.d/openvpn restart
 echo Use the following ca for your client:
 cat /etc/openvpn/ca.crt
 echo
 echo Use the following cert for your client
 cat /etc/openvpn/easy-rsa/keys/client1.crt 
 echo
 echo Use the following key for your client
 cat /etc/openvpn/easy-rsa/keys/client1.key 
 echo
 echo Use the following client config:
 cat <<EOF
 ca ca.crt
 cert client.crt
 key client.key
 client
 dev tun
 proto tcp
 remote 50.56.12.212 6081
 resolv-retry infinite
 nobind
 persist-key
 persist-tun
 comp-lzo
 verb 3
 EOF