Jul 212008

1. First of all get a few additional repos, If you already have your repos setup, skip this step

If you have Fedora 3, follow these steps, http://stanton-finley.net/fedora_cor…notes.html#Yum

If you have Fedora 4, follow these steps, http://stanton-finley.net/fedora_cor…notes.html#Yum

If you have Fedora 5, follow these steps, http://stanton-finley.net/fedora_cor…notes.html#Yum

if you have CentOS, follow the “additional third party CentOS repos” http://www.osresources.com/11_6_en.html Then issue these commands, each line is a new command, anything beginning with “#” are comments so dont try to execute those.

# yum update
# yum install openssl openssl-devel
# openssl and openssl-devel may be installed already… so don’t worry

2. Right, now you want to install OpenVPN, here are the commands,

# yum install openvpn -y
// Now check that it works
# service openvpn start
# service openvpn stop

3. A few things to setup before you can make certificates, issue these commands,

# find / -name "easy-rsa"
// you should get an output like this
# /usr/share/doc/openvpn-2.0.7/easy-rsa
// Now, make a copy of the easy-rsa directory, to /etc/openvpn/
( make sure you #have put the right version number in i.e. mine was -2.0.7, change if needed)
# cp -R /usr/share/doc/openvpn-2.0.7/easy-rsa /etc/openvpn/
# cd /etc/openvpn/easy-rsa
# chmod 777 *
# mkdir /etc/openvpn/keys

Continue reading »

Jul 212008

Do it with a Script


The following script will let you start a full featured VPN using SSH and tun.

* OpenSSH with tun support on both sides (tested Debian 4.3 on server, Gentoo 4.5 on client)
* Root access on both sides * Allowed root access and tunnel on server side:

File: /etc/ssh/sshd_config

PermitRootLogin yes
PermitTunnel yes
TCPKeepAlive yes # Not required but makes things much more stable. This is default now
* Compiled ‘tun’ module on both sides
* Loaded ‘tun’ module on server side 
* Allowed ARP proxy (required only for accessing client from within the private network)

Continue reading »