ssdnode mailing list archives
Browse archives
https://www.cyberciti.biz/faq/ [...]
by
CalTek.Net, Kenneth Wyrick
https://www.cyberciti.biz/faq/ubuntu-20-04-lts-set-up-openvpn-server-in-5-minutes/#Install_OpenVPN_server
Welcome to this OpenVPN road warrior installer!
Which IPv4 address should be used?
1) 208.87.131.190
2) 172.17.0.1
IPv4 address [1]: 1
Which protocol should OpenVPN use?
1) UDP (recommended)
2) TCP
Protocol [1]:
What port should OpenVPN listen to?
Port [1194]:
Select a DNS server for the clients:
1) Current system resolvers
2) Google
3) 1.1.1.1
4) OpenDNS
5) Quad9
6) AdGuard
DNS server [1]:
Enter a name for the first client:
Name [client]: hakeem
OpenVPN installation is ready to begin.
Press any key to continue...
Hit:1 https://download.jitsi.org stable/ InRelease
Get:2 http://security.ubuntu.com/ubuntu focal-security InRelease [109 kB]
Hit:3 https://download.docker.com/linux/ubuntu focal InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal InRelease
Get:5 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Fetched 324 kB in 3s (108 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
openvpn is already the newest version (2.4.7-1ubuntu2).
ca-certificates is already the newest version (20201027ubuntu0.20.04.1).
openssl is already the newest version (1.1.1f-1ubuntu2.1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/server/easy-rsa/pki
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Generating RSA private key, 2048 bit long modulus (2 primes)
...+++++
..........+++++
e is 65537 (0x010001)
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Generating a RSA private key
............+++++
.............................................................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-67990.nzPOZV/tmp.D60L4n'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-67990.nzPOZV/tmp.NuG8tI
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :ASN.1 12:'server'
Certificate is to be certified until Dec 27 02:54:14 2030 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Generating a RSA private key
.......................................................................................................+++++
........+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-68065.uuxzal/tmp.B6WGjX'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-68065.uuxzal/tmp.25ZOFn
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :ASN.1 12:'hakeem'
Certificate is to be certified until Dec 27 02:54:14 2030 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-68121.nkBXuC/tmp.OqKbqI
An updated CRL has been created.
CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.
Finished!
The client configuration is available in: /root/hakeem.ovpn
New clients can be added by running this script again.
Welcome to this OpenVPN road warrior installer!
Which IPv4 address should be used?
1) 208.87.131.190
2) 172.17.0.1
IPv4 address [1]: 1
Which protocol should OpenVPN use?
1) UDP (recommended)
2) TCP
Protocol [1]:
What port should OpenVPN listen to?
Port [1194]:
Select a DNS server for the clients:
1) Current system resolvers
2) Google
3) 1.1.1.1
4) OpenDNS
5) Quad9
6) AdGuard
DNS server [1]:
Enter a name for the first client:
Name [client]: hakeem
OpenVPN installation is ready to begin.
Press any key to continue...
Hit:1 https://download.jitsi.org stable/ InRelease
Get:2 http://security.ubuntu.com/ubuntu focal-security InRelease [109 kB]
Hit:3 https://download.docker.com/linux/ubuntu focal InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal InRelease
Get:5 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
Get:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
Fetched 324 kB in 3s (108 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
openvpn is already the newest version (2.4.7-1ubuntu2).
ca-certificates is already the newest version (20201027ubuntu0.20.04.1).
openssl is already the newest version (1.1.1f-1ubuntu2.1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/server/easy-rsa/pki
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Generating RSA private key, 2048 bit long modulus (2 primes)
...+++++
..........+++++
e is 65537 (0x010001)
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Generating a RSA private key
............+++++
.............................................................+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-67990.nzPOZV/tmp.D60L4n'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-67990.nzPOZV/tmp.NuG8tI
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :ASN.1 12:'server'
Certificate is to be certified until Dec 27 02:54:14 2030 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Generating a RSA private key
.......................................................................................................+++++
........+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/easy-rsa-68065.uuxzal/tmp.B6WGjX'
-----
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-68065.uuxzal/tmp.25ZOFn
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName :ASN.1 12:'hakeem'
Certificate is to be certified until Dec 27 02:54:14 2030 GMT (3650 days)
Write out database with 1 new entries
Data Base Updated
Using SSL: openssl OpenSSL 1.1.1f 31 Mar 2020
Using configuration from /etc/openvpn/server/easy-rsa/pki/easy-rsa-68121.nkBXuC/tmp.OqKbqI
An updated CRL has been created.
CRL file: /etc/openvpn/server/easy-rsa/pki/crl.pem
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-server@server.service → /lib/systemd/system/openvpn-server@.service.
Finished!
The client configuration is available in: /root/hakeem.ovpn
New clients can be added by running this script again.