You need to turn on SSH to connect your cloud server as root or user using sudo to access SSH connections. This guide assumes that users use sudo access. But you can take things using roots only by stripping "sudo" from the start of each command. If you are running Linux or Mac on your system, you can use the SSH terminal program. If you are using Windows, you can use putty to login to SSH. Once the terminal is open, assuming you are using the LINUX/MAC system, you can login to enter the following command:
SSH username@ipaddress
Enter the password you want, you can start setting up OpenVPN.
Install OpenVPN and generate the necessary files
Before starting the installation OpenVPN and its prerequisites, we should make sure all the packages in our system are up to date. We can use the following command:
sudo apt-get update
This should be appropriate for the Debian Package Manager. Download all the update packages.
sudo apt-get upgrade
After our system downloads all the updates, we can finally install OpenVPN.
sudo apt-get install OpenVPN udev
Once the installation is complete, you can start configuring OpenVPN. First, you should encrypt all the files in their default directory directory should be in the cloud server to read them.
sudo cp-r/usr/share/doc/openvpn/examples/easy-rsa/etc/openvpn
Now that you've done that, you can start generating RSA algorithm files for your VPN. You will be asked to provide various when you produce these key values. You can set these regardless of what you want, but remember that they will be included in the generated certificate.
cd/etc/openvpn/easy-rsa/2.0/
Then generate the RSA file:
sudo./vars
sudo./clean-all
sudo./build-ca
After the certificate is generated, you can have the server private key. To do this, type the following command, and then change the name server you want to OpenVPN the server. This script will also ask you for information.
Sudo. /etc/openvpn/easy-rsa/2.0/build-key-server Server
Generate Diffie Herman key exchange parameters.
Sudo. /etc/openvpn/easy-rsa/2.0/build-dh
A OpenVPN host is now being generated for each client to generate the key. You should do this step for each client installation will be hosted to ensure that each customer's key identifier is unique.
Sudo. /etc/openvpn/easy-rsa/2.0/build-key Client
Move the file server certificate and key to the/etc/openvpn directory. Replace the server. CRT and server. The file name that is used primarily.
sudo cp/etc/openvpn/easy-rsa/2.0/keys/ca.crt/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/ca.key/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/server.crt/etc/openvpn
sudo cp/etc/openvpn/easy-rsa/2.0/keys/server.key/etc/openvpn
If you need to remove someone else's access VPN, send only the following two commands. Replace "Client" with the name of the customer is deleted.
Sudo. /etc/openvpn/easy-rsa/2.0/vars
Sudo. /etc/openvpn/easy-rsa/2.0/revoke-full client1
Configure OpenVPN
Now that you have generated a profile for us, you can configure your OpenVPN server and client. Retrieve the file and execute the following command:
sudo gunzip-d/usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz
sudo cp/usr/share/doc/openvpn/examples/sample-config-files/server.conf/etc/openvpn
sudo cp/usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/
Cd
You should modify the client configuration file to match what you want it to do. You can also modify some of the values in the following file to match what you want. To do this, first change the "remote" option, which can connect to your cloud server's IP address on which port to configure your OpenVPN to run on. Then change the "certificate" and "key" values to reflect the name of your certificate and key. After editing these values, you can save the file, type Ctrl + X, "Y" type, and then enter.
Now client Profile copy, along with client key and certificate located on/etc/openvpn/easy-rsa/2.0/key to local client machine.
Nano ~/client.conf
After you do this, you only need to make some changes to the server configuration file before we finish. Changing the file's "certificate" and "critical" options point to the following file to match the certificate and key used by your server.
sudo nano/etc/openvpn/server.conf
After this step, you're ready! Just reboot OpenVPN and you have a job OpenVPN install Debian 6!
Sudo/etc/init.d/openvpn restart
To this end, the installation is complete.