An OpenVPN configuration menu based generator

It’s not extremly difficult to set up an openvpn server, but you have to deal with certificates, rsa keys, configs, subnet addresses, iptables … such trifles are annoying.

So I wrote this script to make my life easier, only to provide essential infomation like the server IP, and configuraion will be done at the background, then tared packages are ready for both servers and clients.

ovpn_menu.png

Source is available at Github. Pull requests are welcome.

The script is recommanded running at your work station, and then upload only the server part to the server, for secure considerations.

Features

  • Provide tared config which ready for any server distribution.
  • Random VPN subnet will be generated to avoid conflict.
  • Random digital subffixed server/client CommonName will be assigned (if you don’t provide one) for clearer management.
  • All those config files are based on examples that ship together within your distribution.
  • tls-auth enabled by default.

Usage

For new setup:

./much-easier-rsa-menu.sh

Just do as promoted. When select 5 to exit, all the files will be packed into a single NAME-all.tar.gz, you should save it to somewhere safe. And if you want to sign some more certificate from this root ca, put this tar file as the argument.

./much-easier-rsa-menu.sh /path/to/YOUR-VPN-all.tar.gz

At last the script also provide you iptables commands that can be useful to setup the server as a VPN gateway.

Download

Direct download via wget/curl should be ok:

https://github.com/pentie/much-easier-rsa-for-openvpn/raw/master/much-easier-rsa-menu.sh

文章分类 Unix/Linux 标签: ,
One comment on “An OpenVPN configuration menu based generator
  1. Blacksheep说道:

    Great job! But why you do not use the script to generate / modify the *.conf file for OpenVPN?

    Additional ideas:
    – Asking for gateway to push routes to clients
    – Asking for DNS to push DNS to clients
    – Enable compression
    – Change subnet option in the option menu to specify a subnet if a random subnet does not fit
    – Using scp to distribute the client / server files to the hosts

    Regards
    Blacksheep

发表评论

电子邮件地址不会被公开。 必填项已用*标注

*