head.daveops.net

Snippets for yer computer needs

OpenVPN

OpenVPN

Setting up an OpenVPN server —————————-

# Set up a cert. authority cd /etc/openvpn/easy-rsa/ # Edit the vars file . ./vars ./clean-all ./build-ca # Create server certs ./build-key-server server # Create client certs ./build-key client1 # Build Diffie Hellman parameters ./build-dh

Hardening

CLI misc

# See list of supported ciphers openvpn –show-ciphers # See list of supported HMACs openvpn –show-digests # See list of supported TLS cipher-suites openvpn –show-tls

Using a static key

# generate static key openvpn –genkey –secret static.key

In configuration files:

secret static.key # or

Key contents