Last active
June 7, 2016 23:59
-
-
Save WaaromZoMoeilijk/6770e651f6a9dfd49fe28d8a27c697fc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
IP='techandme.nl' | |
# Check if root | |
if [ "$(whoami)" != "root" ]; then | |
echo | |
echo -e "\e[31mSorry, you are not root.\n\e[0mYou must type: \e[36msudo \e[0mbash vpnserver2.sh" | |
echo | |
exit 1 | |
fi | |
cat <<-SERVER1 > "/etc/openvpn/easy-rsa/keys/Default.txt" | |
client | |
dev tun | |
proto udp | |
remote $IP 1194 | |
resolv-retry infinite | |
nobind | |
persist-key | |
persist-tun | |
mute-replay-warnings | |
ns-cert-type server | |
key-direction 1 | |
cipher AES-128-CBC | |
comp-lzo | |
verb 1 | |
mute 20 | |
SERVER1 | |
cat <<-SERVER > "/etc/openvpn/easy-rsa/keys/MakeOVPN.sh" | |
#!/bin/bash | |
# Default Variable Declarations | |
DEFAULT="Default.txt" | |
FILEEXT=".ovpn" | |
CRT=".crt" | |
KEY=".3des.key" | |
NODES_KEY=".key" | |
CA="ca.crt" | |
TA="ta.key" | |
NAME="${1}" | |
if [ -z "${NAME}" ]; then | |
# Ask for a Client name | |
echo "Please enter an existing Client Name:" | |
read NAME | |
fi | |
#1st Verify that client's Public Key Exists | |
if [ ! -f $NAME$CRT ]; then | |
echo "[ERROR]: Client Public Key Certificate not found: $NAME$CRT" | |
exit | |
fi | |
echo "Client's cert found: $NAME$CR" | |
#Then, verify that there is a private key for that client | |
if [ ! -f $NAME$KEY ]; then | |
echo "[INFO]: Client 3des Private Key not found: $NAME$KEY" | |
KEY="${NODES_KEY}" | |
fi | |
if [ ! -f $NAME$KEY ]; then | |
echo "[ERROR]: Client Private Key not found: $NAME$KEY" | |
exit | |
fi | |
echo "Client's Private Key found: $NAME$KEY" | |
#Confirm the CA public key exists | |
if [ ! -f $CA ]; then | |
echo "[ERROR]: CA Public Key not found: $CA" | |
exit | |
fi | |
echo "CA public Key found: $CA" | |
#Confirm the tls-auth ta key file exists | |
if [ ! -f $TA ]; then | |
echo "[ERROR]: tls-auth Key not found: $TA" | |
exit | |
fi | |
echo "tls-auth Private Key found: $TA" | |
#Ready to make a new .opvn file - Start by populating with the default file | |
cat $DEFAULT > $NAME$FILEEXT | |
#Now, append the CA Public Cert | |
echo "<ca>" >> $NAME$FILEEXT | |
cat $CA >> $NAME$FILEEXT | |
echo "</ca>" >> $NAME$FILEEXT | |
#Next append the client Public Cert | |
echo "<cert>" >> $NAME$FILEEXT | |
cat $NAME$CRT | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $NAME$FILEEXT | |
echo "</cert>" >> $NAME$FILEEXT | |
#Then, append the client Private Key | |
echo "<key>" >> $NAME$FILEEXT | |
cat $NAME$KEY >> $NAME$FILEEXT | |
echo "</key>" >> $NAME$FILEEXT | |
#Finally, append the TA Private Key | |
echo "<tls-auth>" >> $NAME$FILEEXT | |
cat $TA >> $NAME$FILEEXT | |
echo "</tls-auth>" >> $NAME$FILEEXT | |
echo "Done! $NAME$FILEEXT Successfully Created." | |
#Script written by Eric Jodoin | |
SERVER | |
cd /etc/openvpn/easy-rsa/keys | |
chmod 700 MakeOVPN.sh | |
./MakeOVPN.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment