Openvpn Server code for Centos installation and configuration

Source: Internet
Author: User
Tags install openssl mkdir openssl vars zookeeper centos


Code

[Root @ vpnserver ~] # Ntpdate time.nist.gov
[Root @ vpnserver ~] # Mkdir/byrd/tools-p
[Root @ vpnserver ~] # Mkdir/byrd/service
[Root @ vpnserver ~] # Cd/byrd/tools/
[Root @ vpnserver tools] # wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.06.tar.gz # lzo compression module
[Root @ vpnserver tools] # tar zxf lzo-2.06.tar.gz
[Root @ vpnserver tools] # cd lzo-2.06
[Root @ vpnserver lzo-2.06] #./configure
[Root @ vpnserver lzo-2.06] # make & make install
[Root @ vpnserver lzo-2.06] # echo $?
0
[Root @ vpnserver lzo-2.06] # cd ..
[Root @ vpnserver tools] # wget http://swupdate.openvpn.org/community/releases/openvpn-2.2.2.tar.gz
[Root @ vpnserver tools] # tar zxf openvpn-2.2.2.tar.gz
[Root @ vpnserver tools] # cd openvpn-2.2.2
[Root @ vpnserver openvpn-2.2.2] #./configure -- with-lzo-headers =/usr/local/include -- with-lzo-lib =/usr/local/lib
[Root @ vpnserver openvpn-2.2.2] # make & make install
[Root @ vpnserver openvpn-2.2.2] # echo $?
0 [root @ vpnserver openvpn-2.2.2] # rpm-qa openssl *
Openssl-1.0.1e-42.el6_7.4.x86_64
Openssl-devel-1.0.1e-42.el6_7.4.x86_64
[Root @ vpnserver openvpn-2.2.2] # cd easy-rsa/2.0/
[Root @ vpnserver 2.0] # ll
Total 128
-Rwxrwxr-x. 1 500 500 119 Nov 25 2011 build-ca
-Rwxrwxr-x. 1 500 500 352 Nov 25 2011 build-dh
-Rwxrwxr-x. 1 500 500 188 Nov 25 2011 build-inter
-Rwxrwxr-x. 1 500 500 163 Nov 25 2011 build-key
-Rwxrwxr-x. 1 500 500 157 Nov 25 2011 build-key-pass
-Rwxrwxr-x. 1 500 500 249 Nov 25 2011 build-key-pkcs12
-Rwxrwxr-x. 1 500 500 268 Nov 25 2011 build-key-server
-Rwxrwxr-x. 1 500 500 213 Nov 25 2011 build-req
-Rwxrwxr-x. 1 500 500 158 Nov 25 2011 build-req-pass
-Rwxrwxr-x. 1 500 500 428 Nov 25 2011 clean-all
-Rwxrwxr-x. 1 500 500 1457 Nov 25 2011 inherit-inter
-Rwxrwxr-x. 1 500 500 295 Nov 25 2011 list-crl
-Rw-r --. 1 500 500 413 Nov 25 2011 Makefile
-Rwxrwxr-x. 1 500 500 7768 Oct 21 2010 openssl-0.9.6.cnf
-Rwxrwxr-x. 1 500 500 8325 Nov 25 2011 openssl-0.9.8.cnf
-Rwxrwxr-x. 1 500 500 8222 Nov 25 2011 openssl-1.0.0.cnf
-Rwxrwxr-x. 1 500 500 12675 Nov 25 2011 pkitool
-Rw-r --. 1 500 500 9299 Nov 25 2011 README
-Rwxrwxr-x. 1 500 500 918 Nov 25 2011 revoke-full
-Rwxrwxr-x. 1 500 500 178 Nov 25 2011 sign-req
-Rwxrwxr-x. 1 500 500 1841 Nov 25 2011 vars
-Rwxrwxr-x. 1 500 500 714 Nov 25 2011 whichopensslcnf
[Root @ vpnserver 2.0] # cp vars. bk
[Root @ vpnserver 2.0] # tail-12 vars
# Don't leave any of these fields blank.
Export KEY_COUNTRY = "CN"
Export KEY_PROVINCE = "Zhejiang"
Export KEY_CITY = "Hangzhou"
Export KEY_ORG = "t4x.org"
Export KEY_EMAIL = "root@t4x.org"
Export KEY_EMAIL = root@t4x.org
Export KEY_CN = www.t4x.org
Export KEY_NAME = Byrd
Export KEY_OU = Byrd
Export PKCS11_MODULE_PATH = changeme
Export maid = 1234
[Root @ vpnserver 2.0] # source vars
NOTE: If you run./clean-all, I will be doing a rm-rf on/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
[Root @ vpnserver 2.0] #./clean-all
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
Total 4
-Rw-r --. 1 root 0 Mar 9 13:00 index.txt
-Rw-r --. 1 root 3 Mar 9 13:00 serial
[Root @ vpnserver 2.0] #./build-ca
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Zhejiang]:
Locality Name (eg, city) [Hangzhou]:
Organization Name (eg, company) [t4x.org]:
Organizational Unit Name (eg, section) [Byrd]:
Common Name (eg, your name or your server's hostname) [www.t4x.org]: hz.t4x.org
Name [Byrd]:
Email Address [root@t4x.org]:
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
Total 12
-Rw-r --. 1 root 1330 Mar 9 ca. crt
-Rw -------. 1 root 916 Mar 9 13:04 ca. key
-Rw-r --. 1 root 0 Mar 9 13:03 index.txt
-Rw-r --. 1 root 3 Mar 9 13:03 serial
[Root @ vpnserver 2.0] #./build-key-server
The Subject's Distinguished Name is as follows
CountryName: PRINTABLE: 'cn'
StateOrProvinceName: PRINTABLE: 'Zookeeper'
LocalityName: PRINTABLE: 'hangzhou'
OrganizationName: PRINTABLE: 't4x. org'
OrganizationalUnitName: PRINTABLE: 'Byrd'
CommonName: PRINTABLE: 'server'
Name: PRINTABLE: 'Byrd'
EmailAddress: IA5STRING: 'root @ t4x.org'
[Root @ vpnserver 2.0] #./build-key t4x
The Subject's Distinguished Name is as follows
CountryName: PRINTABLE: 'cn'
StateOrProvinceName: PRINTABLE: 'Zookeeper'
LocalityName: PRINTABLE: 'hangzhou'
OrganizationName: PRINTABLE: 't4x. org'
OrganizationalUnitName: PRINTABLE: 'Byrd'
CommonName: PRINTABLE: 't4x'
Name: PRINTABLE: 'Byrd'
EmailAddress: IA5STRING: 'root @ t4x.org'
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys
Total 64
-Rw-r --. 1 root 3893 Mar 9 t4x. crt
-Rw-r --. 1 root 765 Mar 9 t4x. csr
-Rw -------. 1 root 916 Mar 9 13:25 t4x. key
[Root @ vpnserver 2.0] #./build-dh # generate an exchange Key Protocol File
[Root @ vpnserver 2.0] # ll/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys/dh1024.pem
-Rw-r --. 1 root 245 Mar 9/byrd/tools/openvpn-2.2.2/easy-rsa/2.0/keys/dh1024.pem
[Root @ vpnserver 2.0] # openvpn -- genkey -- secret keys/ta. key
[Root @ vpnserver 2.0] # mkdir/etc/openvpns
[Root @ vpnserver 2.0] # cp-ap keys/etc/openvpn/
[Root @ vpnserver 2.0] ############### cp .. /.. /sample-config-files/client. conf/etc/openvpn/
[Root @ vpnserver 2.0] # cp.../sample-config-files/server. conf/etc/openvpn/
[Root @ vpnserver 2.0] # ll/etc/openvpn/
Total 16
Drwx ------ 2 root 4096 Mar 9 keys
-Rw-r -- 1 root 10288 Mar 9 server. conf
[Root @ vpnserver 2.0] # cd/etc/openvpn/
[Root @ vpnserver openvpn] # cp server. conf server. conf. bk
[Root @ vpnserver openvpn] # grep-vE "; |#| ^ $" server. conf # egrep-v "; |#| ^ $" server. conf
Port 1194
Proto udp
Dev tun
Ca. crt
Cert server. crt
Dh dh1024.pem
Server 10.8.0.0 255.255.255.0
Ifconfig-pool-persist ipp.txt
Keepalive 10 120
Comp-lzo
Persist-key
Persist-tun
Status openvpn-status.log
Verb 3


[Root @ hk openvpn] # cp/byrd/tools/openvpn-2.2.2/sample-scripts/openvpn. init/etc/init. d/openvpn


Configure: error: OpenSSL Crypto headers not found.
[Root @ vpnserver openvpn-2.2.2] # yum install openssl-devel
Configure: error: libpam required but missing
[Root @ vpnserver openvpn-2.2.2] # yum install pam-devel

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.