1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
OpenVPN is a full-featured SSL VPN solution which can accomodate a wide
range of configurations, including remote access, site-to-site VPNs,
WiFi security, and enterprise-scale remote access solutions with load
balancing, failover, and fine-grained access-controls.
OpenVPN implements OSI layer 2 or 3 secure network extension using the
industry standard SSL/TLS protocol, supports flexible client
authentication methods based on certificates, smart cards, and/or
2-factor authentication, and allows user or group-specific access
control policies using firewall rules applied to the VPN virtual
interface.
Naturally OpenVPN depends upon having openssl (not just openssl-solibs)
installed on your computer. However, this script does not include
support for LZO compression.
Please note that there is no default config file for OpenVPN. This is
by design. OpenVPN can technically use any config file in any location.
However, this script does create an /etc/openvpn/ directory with certs/
and keys/ subdirectories. Feel free to place config files, keys, and
certificates in these directories. certs/ and keys/ are owned by user
root and group nobody and are not world readable nor writable.
Additionally, they are not writable by group nobody. It is recommended
that you run openvpn nobody:nobody, but you may use another
non-privilaged user and group at your option. Just change the
permissions on these permissions to reflect that if you do.
|