Linode+CentOS6+openvpn

1)添加EPEL源

rpm -Uvh <a href="http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-7.noarch.rpm">http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-7.noarch.rpm</a>

epel

然后更新

yum update

2) 安装openvpn

yum install openvpn

3)copy “easy-rsa”

cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn

4)创建Public Key Infrastructure (PKI)

cd /etc/openvpn/easy-rsa/2.0/<br /> . /etc/openvpn/easy-rsa/2.0/vars<br /> . /etc/openvpn/easy-rsa/2.0/clean-all<br /> cp openssl-1.0.0.cnf openssl.cnf<br /> . /etc/openvpn/easy-rsa/2.0/build-ca

5)生成Certificates and Private Keys

. /etc/openvpn/easy-rsa/2.0/build-key-server server<br /> . /etc/openvpn/easy-rsa/2.0/build-key client1

6)生成Diffie Hellman Parameters

. /etc/openvpn/easy-rsa/2.0/build-dh

Diffie Hellman Parameters

7)复制相应的key

客户端需要以下三个文件:

  • ca.crt
  • client1.crt
  • client1.key

服务器端需要5个文件,将以下5个文件复制到openvpn目录

  • ca.crt
  • ca.key
  • dh1024.pem
  • server.crt
  • server.key

cd /etc/openvpn/easy-rsa/2.0/keys<br /> cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn

8)配置vpn

cp /usr/share/doc/openvpn-2.2.1/sample-config-files/server.conf /etc/openvpn/<br /> cp /usr/share/doc/openvpn-2.2.1/sample-config-files/client.conf ~/<br /> cd ~/

————————–

如果要生成新的客户端key,需要再次执行

. /etc/openvpn/easy-rsa/2.0/vars

未完待续