Linux下安装OpenVPN Server并生成客户端配置

企业开发 2018-04-17 08:44:20 阅读次数: 8
1、创建openvpnserver目录

关键命令:

mkdir openvpnserver
过程命令: 
bin  Dockerfile  etc  games  include  lib  lib64  libexec  nginx  nginx-1.12.2  nginx-rtmp-module  sbin  share  src
[root@localhost local]# mkdir openvpnserver
[root@localhost local]# ls
bin  Dockerfile  etc  games  include  lib  lib64  libexec  nginx  nginx-1.12.2  nginx-rtmp-module  openvpnserver  sbin  share  src
2、下载程序安装脚本

下载命令:

wget https://git.io/vpn -O openvpn-install.sh
过程命令: 
[root@localhost local]# cd openvpnserver
[root@localhost openvpnserver]# wget https://git.io/vpn -O openvpn-install.sh
--2018-04-16 04:30:02--  https://git.io/vpn
Resolving git.io (git.io)... 50.16.232.79, 50.17.225.199, 50.19.93.33, ...
Connecting to git.io (git.io)|50.16.232.79|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh [following]
--2018-04-16 04:30:08--  https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh
Resolving raw.github.com (raw.github.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ...
Connecting to raw.github.com (raw.github.com)|151.101.0.133|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh [following]
--2018-04-16 04:30:10--  https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.0.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15071 (15K) [text/plain]
Saving to: ‘openvpn-install.sh’

100%[=====================================================================================================================================================>] 15,071      --.-K/s   in 0.1s    

2018-04-16 04:30:11 (109 KB/s) - ‘openvpn-install.sh’ saved [15071/15071]

[root@localhost openvpnserver]# ls
3、OpenVPN 服务端的安装和配置

关键命令:

bash openvpn-install.sh

过程命令:

openvpn-install.sh
[root@localhost openvpnserver]# sudo su
[root@localhost openvpnserver]# bash openvpn-install.sh
Welcome to this quick OpenVPN "road warrior" installer

I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them

First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 172.16.20.10

Which protocol do you want for OpenVPN connections?
   1) UDP (recommended)
   2) TCP
Protocol [1-2]: 2

What port do you want OpenVPN listening to?
Port: 1194

Which DNS do you want to use with the VPN?
   1) Current system resolvers
   2) 1.1.1.1
   3) Google
   4) OpenDNS
   5) Verisign
DNS [1-5]: 3

Finally, tell me your name for the client certificate
Please, use one word only, no special characters
Client name: client

Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue...
Loaded plugins: fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base                                                                                                                                                                    | 3.6 kB  00:00:00     
epel/x86_64/metalink                                                                                                                                                    | 6.5 kB  00:00:00     
epel                                                                                                                                                                    | 4.7 kB  00:00:00     
extras                                                                                                                                                                  | 3.4 kB  00:00:00     
updates                                                                                                                                                                 | 3.4 kB  00:00:00     
(1/4): epel/x86_64/updateinfo                                                                                                                                           | 775 kB  00:00:01     
(2/4): extras/7/x86_64/primary_db                                                                                                                                       | 185 kB  00:00:06     
(3/4): epel/x86_64/primary_db                                                                                                                                           | 6.0 MB  00:00:11     
(4/4): updates/7/x86_64/primary_db                                                                                                                                      | 6.9 MB  00:00:23     
Determining fastest mirrors
 * base: mirrors.cqu.edu.cn
 * epel: mirrors.tongji.edu.cn
 * extras: mirrors.cn99.com
 * updates: mirrors.cqu.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:6-8 will be updated
---> Package epel-release.noarch 0:7-9 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================
 Package                                            Arch                                         Version                                    Repository                                    Size
===============================================================================================================================================================================================
Updating:
 epel-release                                       noarch                                       7-9                                        extras                                        14 k

Transaction Summary
===============================================================================================================================================================================================
Upgrade  1 Package

Total download size: 14 k
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
epel-release-7-9.noarch.rpm                                                                                                                                             |  14 kB  00:00:05     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : epel-release-7-9.noarch                                                                                                                                                     1/2 
  Cleanup    : epel-release-6-8.noarch                                                                                                                                                     2/2 
  Verifying  : epel-release-7-9.noarch                                                                                                                                                     1/2 
  Verifying  : epel-release-6-8.noarch                                                                                                                                                     2/2 

Updated:
  epel-release.noarch 0:7-9                                                                                                                                                                    

Complete!
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.cqu.edu.cn
 * epel: mirrors.tongji.edu.cn
 * extras: mirrors.cn99.com
 * updates: mirrors.cqu.edu.cn
Package 1:openssl-1.0.2k-8.el7.x86_64 already installed and latest version
Package wget-1.14-15.el7_4.1.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package ca-certificates.noarch 0:2015.2.6-73.el7 will be updated
---> Package ca-certificates.noarch 0:2017.2.14-71.el7 will be an update
--> Processing Dependency: p11-kit-trust >= 0.23.5 for package: ca-certificates-2017.2.14-71.el7.noarch
--> Processing Dependency: p11-kit >= 0.23.5 for package: ca-certificates-2017.2.14-71.el7.noarch
---> Package iptables.x86_64 0:1.4.21-17.el7 will be updated
---> Package iptables.x86_64 0:1.4.21-18.3.el7_4 will be an update
---> Package openvpn.x86_64 0:2.4.5-1.el6 will be installed
--> Processing Dependency: liblz4.so.1()(64bit) for package: openvpn-2.4.5-1.el6.x86_64
--> Processing Dependency: libpkcs11-helper.so.1()(64bit) for package: openvpn-2.4.5-1.el6.x86_64
--> Running transaction check
---> Package lz4.x86_64 0:r131-1.el6 will be installed
---> Package p11-kit.x86_64 0:0.20.7-3.el7 will be updated
---> Package p11-kit.x86_64 0:0.23.5-3.el7 will be an update
---> Package p11-kit-trust.x86_64 0:0.20.7-3.el7 will be updated
---> Package p11-kit-trust.x86_64 0:0.23.5-3.el7 will be an update
---> Package pkcs11-helper.x86_64 0:1.11-3.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================
 Package                                          Arch                                    Version                                               Repository                                Size
===============================================================================================================================================================================================
Installing:
 openvpn                                          x86_64                                  2.4.5-1.el6                                           epel                                     492 k
Updating:
 ca-certificates                                  noarch                                  2017.2.14-71.el7                                      base                                     472 k
 iptables                                         x86_64                                  1.4.21-18.3.el7_4                                     updates                                  428 k
Installing for dependencies:
 lz4                                              x86_64                                  r131-1.el6                                            epel                                      63 k
 pkcs11-helper                                    x86_64                                  1.11-3.el6                                            epel                                      54 k
Updating for dependencies:
 p11-kit                                          x86_64                                  0.23.5-3.el7                                          base                                     252 k
 p11-kit-trust                                    x86_64                                  0.23.5-3.el7                                          base                                     129 k

Transaction Summary
===============================================================================================================================================================================================
Install  1 Package  (+2 Dependent packages)
Upgrade  2 Packages (+2 Dependent packages)

Total download size: 1.8 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/7): ca-certificates-2017.2.14-71.el7.noarch.rpm                                                                                                                      | 472 kB  00:00:00     
(2/7): p11-kit-trust-0.23.5-3.el7.x86_64.rpm                                                                                                                            | 129 kB  00:00:00     
(3/7): lz4-r131-1.el6.x86_64.rpm                                                                                                                                        |  63 kB  00:00:06     
(4/7): iptables-1.4.21-18.3.el7_4.x86_64.rpm                                                                                                                            | 428 kB  00:00:06     
(5/7): openvpn-2.4.5-1.el6.x86_64.rpm                                                                                                                                   | 492 kB  00:00:06     
(6/7): p11-kit-0.23.5-3.el7.x86_64.rpm                                                                                                                                  | 252 kB  00:00:07     
(7/7): pkcs11-helper-1.11-3.el6.x86_64.rpm                                                                                                                              |  54 kB  00:00:07     
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                          221 kB/s | 1.8 MB  00:00:08     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : p11-kit-0.23.5-3.el7.x86_64                                                                                                                                                1/11 
  Updating   : p11-kit-trust-0.23.5-3.el7.x86_64                                                                                                                                          2/11 
  Installing : lz4-r131-1.el6.x86_64                                                                                                                                                      3/11 
  Installing : pkcs11-helper-1.11-3.el6.x86_64                                                                                                                                            4/11 
  Installing : openvpn-2.4.5-1.el6.x86_64                                                                                                                                                 5/11 
  Updating   : ca-certificates-2017.2.14-71.el7.noarch                                                                                                                                    6/11 
  Updating   : iptables-1.4.21-18.3.el7_4.x86_64                                                                                                                                          7/11 
  Cleanup    : ca-certificates-2015.2.6-73.el7.noarch                                                                                                                                     8/11 
  Cleanup    : p11-kit-trust-0.20.7-3.el7.x86_64                                                                                                                                          9/11 
  Cleanup    : p11-kit-0.20.7-3.el7.x86_64                                                                                                                                               10/11 
  Cleanup    : iptables-1.4.21-17.el7.x86_64                                                                                                                                             11/11 
  Verifying  : ca-certificates-2017.2.14-71.el7.noarch                                                                                                                                    1/11 
  Verifying  : openvpn-2.4.5-1.el6.x86_64                                                                                                                                                 2/11 
  Verifying  : p11-kit-0.23.5-3.el7.x86_64                                                                                                                                                3/11 
  Verifying  : pkcs11-helper-1.11-3.el6.x86_64                                                                                                                                            4/11 
  Verifying  : lz4-r131-1.el6.x86_64                                                                                                                                                      5/11 
  Verifying  : p11-kit-trust-0.23.5-3.el7.x86_64                                                                                                                                          6/11 
  Verifying  : iptables-1.4.21-18.3.el7_4.x86_64                                                                                                                                          7/11 
  Verifying  : p11-kit-0.20.7-3.el7.x86_64                                                                                                                                                8/11 
  Verifying  : ca-certificates-2015.2.6-73.el7.noarch                                                                                                                                     9/11 
  Verifying  : p11-kit-trust-0.20.7-3.el7.x86_64                                                                                                                                         10/11 
  Verifying  : iptables-1.4.21-17.el7.x86_64                                                                                                                                             11/11 

Installed:
  openvpn.x86_64 0:2.4.5-1.el6                                                                                                                                                                 

Dependency Installed:
  lz4.x86_64 0:r131-1.el6                                                                   pkcs11-helper.x86_64 0:1.11-3.el6                                                                  

Updated:
  ca-certificates.noarch 0:2017.2.14-71.el7                                                         iptables.x86_64 0:1.4.21-18.3.el7_4                                                        

Dependency Updated:
  p11-kit.x86_64 0:0.23.5-3.el7                                                               p11-kit-trust.x86_64 0:0.23.5-3.el7                                                              

Complete!
--2018-04-16 04:35:02--  https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.4/EasyRSA-3.0.4.tgz
Resolving github.com (github.com)... 13.250.177.223, 52.74.223.119, 13.229.188.59
Connecting to github.com (github.com)|13.250.177.223|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/ece05f24-fe8f-11e7-8f40-254abfa9b228?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20180416%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180416T083508Z&X-Amz-Expires=300&X-Amz-Signature=63bf246fef4e8a812564d0c0ed6082df3742f4c1131de660758572aadfa91888&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.4.tgz&response-content-type=application%2Foctet-stream [following]
--2018-04-16 04:35:08--  https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/ece05f24-fe8f-11e7-8f40-254abfa9b228?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20180416%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180416T083508Z&X-Amz-Expires=300&X-Amz-Signature=63bf246fef4e8a812564d0c0ed6082df3742f4c1131de660758572aadfa91888&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.4.tgz&response-content-type=application%2Foctet-stream
Resolving github-production-release-asset-2e65be.s3.amazonaws.com (github-production-release-asset-2e65be.s3.amazonaws.com)... 52.216.161.131
Connecting to github-production-release-asset-2e65be.s3.amazonaws.com (github-production-release-asset-2e65be.s3.amazonaws.com)|52.216.161.131|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 37721 (37K) [application/octet-stream]
Saving to: ‘/root/EasyRSA-3.0.4.tgz’

100%[=====================================================================================================================================================>] 37,721      39.9KB/s   in 0.9s   

2018-04-16 04:35:10 (39.9 KB/s) - ‘/root/EasyRSA-3.0.4.tgz’ saved [37721/37721]


init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki

Generating a 2048 bit RSA private key
.........................+++
...+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/ca.key.hA08iBZjvy'
-----
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
..................................+...................+.................................................................................+....................................................................+.....................+.............................................................+.....................+..............+......................+............................+.........................................................................................+.............................................................................................................................................................................................................................................+..........................................................................................................................................................................................+..............................................................................................+.......................................................................+............................................................................................................................................................................+........................................................................+..............................................................................................................+.......................................................................................................................+.......................................................................................................................................+.......+.........................................................................................................................................+.................+.........................................................................................................................................................................................................................+.........................................................................................................................................................................................................................................................................................................................................................................................+......................................................................................................................................+.......+......+...............................................................................................................+.....................................................................................................................................................+..................................................................+....................................+..............................+.............................+.......................................................................................................................................................+.......................+...................................................+...........................................................+.............+...................................................................................................................................................................................................................................................................................................+...................................................................................................................+....................+..............................................+.+..................................................................................................................................................................+.........................................+..........................................................................................................................................................................................+.......................................+..................................................................................................................................................................................................................+...................................................................................................................................+..........................................................................................................+......................................................................+....................................................................................................................................................................................+........................................................+....................+..................................................................................................................................................................................................................................................................................................+..................................................................................................................................................................................+...............................+...........+..............................................................................................................................................................................................+.....................................................................................................................................................................................................................................+.............................................................................................................................................................+.................+..........................+.....................................+...........................+...........................................................................................................................................................................................................................................................................................................................................................................................................+.........+.............................................+..+.......................................................................................................................................................................................................................................+......+....................................................................................................................................................................................................+...........................+.....................................................................................................................................................................................................................................................................................+..............................................................................................................................+...........................................................................+.........................+...................................................+..............................................................................................................................................................................................................+.................................................................+...............................................................................................................+........................................+.......................................................+................................................+.................................................................................................................................................................................................+.........................................................................................................+...............................................................................................................................................................................................................................................................................................+..................................................................+..........................................................................................................................................+........................................................................................................................................................................................................................+.............................................................................................................................................................+............................................................................................................................................................................................................+.....................................................+............................+..........+.+...+.........................................................................................................................................................................................................................+.........................................................................................................................................................................................................+..............................+..........................................................................................................................................................................................................................................................+......................................................................+...............................................................................................................................................+.........................................................+...........+.............................................................+..............................................................................+...................................+...........................................................................................................................................................................+..........................................................................+........................................................+....................+............................................................+......+.....+..........................................................................................................................................................................................+.........................................................................................................................................................................................................................................................................................................................+..........................+...........................................................................................................................................................................................................................................+.......................................................+........................................................................................................................................................................................................................................................................+................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.......................................................................................................+........................................................................................+..........................+.................................................+.........+.....................................................................................................................................................................+...................................................................................................+................................................................+............+.........................................+..................................................................................................................................................................+......................................................................................................................................................................................+.......................................+.............................................+..................................................................................................+...................................+.............+................................................................................................................................................................................+......................................................+..................................+.................................................+..................................................................................................................+....................................................................................+...........................................................................+........................................................................+................+..............+..................+................................................................................................+.........................+......................................+....+.................................................+.............................................................+.................+..........................................................................................................+...........................................................................................................+........................................................................................................................................................+.............................................................+...........+..................................+................................................................................................................................+................................................................................................................+..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+..+.....................................................+............................................................+...........................................................................................................................+..........................................................................+......................................+.......................................+.................................................+......................................................................+...................................................+...................................................................+..........................+........................................................+........................+......................................................................+...+.....................................................................+...........................................+.......+.........+.................................................................................................................+....................................+...........+..................................+..............+........+...................................................................................................+..............................................................................................................................................................................................+..........................................................................................................................................................................+...................................................................................................................................................................................................................+.............................................................................................................................................................................................................................................................................................................................................+......+..........................................................................................+.................................+..........................................+....+...................................................++*++*

DH parameters of size 2048 created at /etc/openvpn/easy-rsa/pki/dh.pem

Generating a 2048 bit RSA private key
...........+++
..................................................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/server.key.s43SLQ2kxH'
-----
Using configuration from ./openssl-easyrsa.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'server'
Certificate is to be certified until Apr 13 08:39:52 2028 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated
Generating a 2048 bit RSA private key
.................................................................................................+++
.........+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/client.key.YBeTeHRJGt'
-----
Using configuration from ./openssl-easyrsa.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'client'
Certificate is to be certified until Apr 13 08:39:52 2028 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated
Using configuration from ./openssl-easyrsa.cnf

An updated CRL has been created.
CRL file: /etc/openvpn/easy-rsa/pki/crl.pem

ValueError: Port tcp/1194 already defined
509
Failed to restart [email protected]: Unit not found.
Failed to execute operation: Access denied

Looks like your server is behind a NAT!

If your server is NATed (e.g. LowEndSpirit), I need to know the external IP
If that's not the case, just ignore this and leave the next field blank
External IP: 

Finished!

Your client configuration is available at /root/client.ovpn
If you want to add more clients, you simply need to run this script again!

注:这里提示生成的client.ovpn的位置位于/root/client.ovpn,需要使用的时候在客户端安装openvpn 并将客户端的配置更改为/root/client.ovpn就行了。

4、下载client.ovpn文件

关键命令:

sz client.ovpn

过程命令:

[root@localhost openvpnserver]# cd /root
[root@localhost ~]# ls
anaconda-ks.cfg  client.ovpn
[root@localhost ~]# sz client.ovpn

参考文章:http://netsecurity.51cto.com/art/201704/537925.htm


猜你喜欢

转载自blog.csdn.net/boonya/article/details/79963200
今日推荐
TIOBE 5 月榜单:Fortran “复活”进入 Top 10
GCC 14.1 发布
面壁智能发布 Eurux-8x22B 开源大模型 —— 堪称「理科状元」
开源日报 | 谷歌扶持鸿蒙上位;开源Rabbit R1;Docker加持的安卓手机;微软的焦虑和野心;海尔电器把开放平台关了
中国码农的“35岁魔咒”
蘭雅 CorelDRAW 插件 2024.5.1 国际劳动节版,免费下载
Arc Browser for Windows 1.0 正式 GA
90后程序员开发视频搬运软件、不到一年获利超 700 万,结局很刑!
周排行
Java自定义时间格式
同步整形电路
在开发中最最最常用的字符串的属性大集合
Linux 查看端口占用并杀掉
Java基础四:ArrayList
多线程之死锁就是这么简单
mysql 基础命令集
awk 命令详解
Centos6.3编译安装nginx+php步骤
OCR (Optical Character Recognition,光学字符识别)
每日归档
更多
2024-05-08(42)
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)
2024-05-03(19)
2024-05-02(0)
2024-05-01(4)
2024-04-30(1)
2024-04-29(40)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022