From a9dbd90aacab48d44dac3d6525be7e710fdf9e2f Mon Sep 17 00:00:00 2001 From: David Luevano Alvarado Date: Sun, 1 Aug 2021 03:28:02 -0600 Subject: fix minor stuff --- blog/dst/a/vpn_server_with_openvpn.html | 6 +++--- blog/dst/rss.xml | 10 +++++----- blog/src/.files | 2 +- blog/src/a/vpn_server_with_openvpn.md | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/blog/dst/a/vpn_server_with_openvpn.html b/blog/dst/a/vpn_server_with_openvpn.html index 5c4eeda..000e72a 100644 --- a/blog/dst/a/vpn_server_with_openvpn.html +++ b/blog/dst/a/vpn_server_with_openvpn.html @@ -296,7 +296,7 @@ verb 3

Where you should make any changes necessary, depending on your configuration.

Now, we need a way to create and revoke new configuration files. For this I created a script, heavily based on one of the links I mentioned at the beginning, by the way. You can place these scripts anywhere you like, and you should take a look before running them because you’ll be running them as root.

In a nutshell, what it does is: generate a new client certificate keypair, update the CRL and create a new .ovpn configuration file that consists on the client-common data and all of the required certificates; or, revoke an existing client and refresh the CRL. The file is placed under ~/ovpn.

-

Create a new file with the following content (name it whatever you like) and don’t forget to make it executable (chmod +x script_name):

+

Create a new file with the following content (name it whatever you like) and don’t forget to make it executable (chmod +x vpn_script):

#!/bin/sh
 # Client ovpn configuration creation and revoking.
 MODE=$1
@@ -351,7 +351,7 @@ chown nobody:nobody pki/crl.pem
 chmod o+r pki/crl.pem
 cd $CPWD
 
-

And the way to use is to run ovpn_script new/rev client_name as sudo (when revoking, it doesn’t actually deletes the .ovpn file in ~/ovpn). Again, this is a little script that I put together, so you should check it out, it might need tweaks (depending on your directory structure for easy-rsa) and it might have errors.

+

And the way to use is to run vpn_script new/rev client_name as sudo (when revoking, it doesn’t actually deletes the .ovpn file in ~/ovpn). Again, this is a little script that I put together, so you should check it out, it may need tweaks (depending on your directory structure for easy-rsa) and it could have errors.

Now, just get the .ovpn file generated, import it to OpenVPN in your client of preference and you should have a working VPN service.