Wednesday, November 17, 2021

openvpn installation from openvpn-install.sh

fallowed https://www.cyberciti.biz/faq/ubuntu-18-04-lts-set-up-openvpn-server-in-5-minutes/

 

 Welcome to this OpenVPN road warrior installer!

This server is behind NAT. What is the public IPv4 address or hostname?
Public IPv4 address / hostname [129.151.67.166]:

Which protocol should OpenVPN use?
   1) UDP (recommended)
   2) TCP
Protocol [1]:

What port should OpenVPN listen to?
Port [1194]:

Select a DNS server for the clients:
   1) Current system resolvers
   2) Google
   3) 1.1.1.1
   4) OpenDNS
   5) Quad9
   6) AdGuard
DNS server [1]: 3

Enter a name for the first client:
Name [client]:

OpenVPN installation is ready to begin.
Press any key to continue...
Hit:1 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:2 http://uk-cardiff-1-ad-1.clouds.archive.ubuntu.com/ubuntu focal InRelease
Get:3 http://uk-cardiff-1-ad-1.clouds.archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:4 http://uk-cardiff-1-ad-1.clouds.archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Fetched 214 kB in 1s (230 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20210119~20.04.2).
ca-certificates set to manually installed.
openssl is already the newest version (1.1.1f-1ubuntu2.9).
openssl set to manually installed.
The following additional packages will be installed:
  libpkcs11-helper1
Suggested packages:
  resolvconf openvpn-systemd-resolved easy-rsa
The following NEW packages will be installed:
  libpkcs11-helper1 openvpn
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 521 kB of archives.
After this operation, 1343 kB of additional disk space will be used.
Get:1 http://uk-cardiff-1-ad-1.clouds.archive.ubuntu.com/ubuntu focal/main amd64 libpkcs11-helper1 amd64 1.26-1 [44.3 kB]
Get:2 http://uk-cardiff-1-ad-1.clouds.archive.ubuntu.com/ubuntu focal-updates/main amd64 openvpn amd64 2.4.7-1ubuntu2.20.04.3 [477 kB]
Fetched 521 kB in 1s (754 kB/s)
Preconfiguring packages ...
Selecting previously unselected package libpkcs11-helper1:amd64.
(Reading database ... 109458 files and directories currently installed.)
Preparing to unpack .../libpkcs11-helper1_1.26-1_amd64.deb ...
Unpacking libpkcs11-helper1:amd64 (1.26-1) ...
Selecting previously unselected package openvpn.
Preparing to unpack .../openvpn_2.4.7-1ubuntu2.20.04.3_amd64.deb ...
Unpacking openvpn (2.4.7-1ubuntu2.20.04.3) ...
Setting up libpkcs11-helper1:amd64 (1.26-1) ...
Setting up openvpn (2.4.7-1ubuntu2.20.04.3) ...
 * Restarting virtual private network daemon.                                                                                                                                                               [ OK ]
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn.service → /lib/systemd/system/openvpn.service.
Processing triggers for systemd (245.4-4ubuntu3.13) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...

init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/server/easy-rsa/pki


Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020
Generating RSA private key, 2048 bit long modulus (2 primes)
..................................+++++
...........................................................+++++
e is 65537 (0x010001)

Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020
Generating a RSA private key
.........+++++
................................................................................................................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-26177.SPTIGN/tmp.5GtBwo'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-26177.SPTIGN/tmp.sr4zkA
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'server'
Certificate is to be certified until Nov 14 21:22:43 2031 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated

Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020
Generating a RSA private key
...+++++
.......................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-26252.cc46tn/tmp.ab6NsL'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-26252.cc46tn/tmp.XqmxyS
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'client'
Certificate is to be certified until Nov 14 21:22:43 2031 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated

Using SSL: openssl OpenSSL 1.1.1f  31 Mar 2020
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-26308.ZWa4G1/tmp.efAUfB

An updated CRL has been created.
CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem


Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.

Finished!

The client configuration is available in: /root/client.ovpn
New clients can be added by running this script again.

No comments: