6月 242012
 
1)添加EPEL源

rpm -Uvh http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-7.noarch.rpm
epel

然后更新
yum update

2) 安装openvpn

yum install openvpn

3)copy “easy-rsa”

cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn

4)创建Public Key Infrastructure (PKI)

cd /etc/openvpn/easy-rsa/2.0/
. /etc/openvpn/easy-rsa/2.0/vars
. /etc/openvpn/easy-rsa/2.0/clean-all
cp openssl-1.0.0.cnf openssl.cnf
. /etc/openvpn/easy-rsa/2.0/build-ca

5)生成Certificates and Private Keys

. /etc/openvpn/easy-rsa/2.0/build-key-server server
. /etc/openvpn/easy-rsa/2.0/build-key client1

6)生成Diffie Hellman Parameters

. /etc/openvpn/easy-rsa/2.0/build-dh
Diffie Hellman Parameters

7)复制相应的key

客户端需要以下三个文件:

  • ca.crt
  • client1.crt
  • client1.key

服务器端需要5个文件,将以下5个文件复制到openvpn目录

  • ca.crt
  • ca.key
  • dh1024.pem
  • server.crt
  • server.key

cd /etc/openvpn/easy-rsa/2.0/keys
cp ca.crt ca.key dh1024.pem server.crt server.key /etc/openvpn

8)配置vpn

cp /usr/share/doc/openvpn-2.2.1/sample-config-files/server.conf /etc/openvpn/
cp /usr/share/doc/openvpn-2.2.1/sample-config-files/client.conf ~/
cd ~/

————————–
如果要生成新的客户端key,需要再次执行
. /etc/openvpn/easy-rsa/2.0/vars
未完待续

  1条评论 到 “Linode+CentOS6+openvpn”

  1. […] WIKAI What I Know About It Home关于Copyright « Linode+CentOS6+openvpn […]

 评论

您可以使用这些 HTML 标签和属性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*(必需)

*(必需)

Time limit is exhausted. Please reload CAPTCHA.

3,430 人阅读