New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
OpenVPN automated installer
Few people asked me for the link since it wast lost with the hacks:
https://github.com/Nyr/openvpn-install
It's an script that will set up OpenVPN on Debian-based systems and generate certs/config automagically.
https://github.com/Nyr/openvpn-install
It's an script that will set up OpenVPN on Debian-based systems and generate certs/config automagically.
Comments
If I were to add something like that I would probably want a TCP+UDP option, but that involves two daemons and few more work.
Noob question, can openvpn be installed on the same vps as a controll panel, like kloxo?
Thanks
Yes.
Wow! Thanks a lot. I've been trying to install OpenVPN now for about 3 days. I tried autoinstaller, different tutorials and nothing was working. But your installer works great! And with it I can easily set up new accounts or delete old ones. Thank you so much!
Edit: just a short question: it uses 1024bit encryption right?
OpenVPN only uses long PKI keys for authentication. 2048 bit keys by default IIRC, but doesn't really matter.
During the session, symmetric-key algorithms with lower key lengths are used.
TL;DR: don't worry.
just noticed line 27 and 31 are slightly different of using "grep -q '.'"
not sure if supposed to be like this?
Ok thanks
another question: you wrote that there might be a problem with using this script @lowendspirit boxes because of the NAT IPv4. Is this problem solved, when I set the right IP while the script is running?
Yeah, the -q means it doesn't show the output and I didn't needed sdout the first time it's used
The internal IP with LowEndSpirit boxes is autodetected, so no need to touch that during the setup. Once installation finishes, you need to set the external IPv4 instead the internal one on your client.conf.
But the script asks about the Ip, doesn't it? Isn't it possible to set it there?
It's possible (and needed) to set the internal IP there. If you set the public IP instead, isn't going to work with a NATed box.
Okay but with a normal VPS I have to enter the external IP?
No.
I think we are meaning different things :P
I mean this field:
First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 111.222.333.444
Here I have to enter the IPv4 if it's not a NAT'ed VPS, haven't I?
The IP should be autodetected. If it isn't, or it's wrong, you can enter your VPS IP there, but the default should work on most setups.
Yeah and I mean if it's possible to enter here the external IP from a NAT'ed VPS. Not possible right? I have leave the default IP and change the IP in the client.conf file to the external IP?
Correct. Just follow the instructions.
Fantastic script, I used it to setup a VPN for a friend of mine today on a httpzoom node and it worked perfect!
Yeah! Using this script @bandwagonhost and @httpzoom both debian 6.0.7 64bit minimal.
Works perfectly, all done within minutes! Thanks
awesome update! thanks
Awesome script. You could use bash functions and reduce the size a bit. I'd also like an option to build openvpn from source too, instead of the apt package. I made a fork of it and trying that. The source package doesn't seem to have easy-rsa examples.
Neither do new OpenVPN packages. Just use the easy-rsa directory from this repo:
https://github.com/OpenVPN/easy-rsa
@joelgm @awson looks like easy-rsa will be available as a separate package with future Debian versions. I will update the script in the future to either use that package from the repos or a standalone one before jessie becomes stable
@joelgm I know I should use some functions too. Will cleanup the script in the future before adding new features.
I don't plan on compiling from the sources in the near future, I don't think that would be a good idea on very low RAM containers.
Thanks for the suggestions, guys!
ideas: possible of adding more customized ports and option to listen to tcp as well?
Maybe in the future, that was requested by another user too
Is anyone else having everything error out after the DH key is generated? Until that point, the script was working as expected. Any ideas what caused this or how to fix it?
@Nyr
./openvpn-install.sh: line 160: cd: /usr/share/doc/openvpn/examples/sample-config-files: No such file or directory
gzip: server.conf.gz: No such file or directory
cp: cannot stat
server.conf': No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory ./openvpn-install.sh: line 185: /etc/init.d/openvpn: No such file or directory sed: can't read /usr/share/doc/openvpn/examples/sample-config-files/client.conf: No such file or directory cp: cannot stat
/usr/share/doc/openvpn/examples/sample-config-files/client.conf': No such file or directorysed: can't read client.conf: No such file or directory
sed: can't read client.conf: No such file or directory
tar: client.conf: Cannot stat: No such file or directory
tar: Exiting with failure status due to previous errors
If you want to add more clients, you simply need to run this script another time!
@user123 that's weird. Can you please tell me what Linux distro and version are you using the script in?
@Nyr Debian 6.0 32-bit. 2.6.32-042stab074.10.
@user123 there is definitely something weird going on, since the directory appearing as missing is definitely there on the official Debían Squeeze packages.
I don't know if that's possible, but could I maybe get access to that box you are trying to install the script in?
If not, please paste here the output of:
dpkg --get-selections | grep openvpn
Also a ls of:
/usr/share/doc/openvpn