OpenVPN adalah salah satu tools personal VPN yang dapat kita install di VPS atau Server yang kita miliki. Dengan OpenVPN kita dapat menyembunyikan IP yang kita miliki saat browsing.
Dengan OpenVPN juga kita dapat melakukan browsing ke situs-situs xxx atau situs-situs yang di blokir oleh Menkominfo.
Selain itu kita juga dapat melakukan koneksi ke VPS yang tidak memiliki IP berupa IPV4 dan hanya memiliki IPV6 only. Seperti VPS Gratis dari EUServ.com. (Baca Cara Mudah Mendapatkan VPS Gratis dari euserv.com)
Nah bagaimana cara melakukan installasi OpenVPN di Debian 10? Berikut cara mudah install OpenVPN di Debian 10.
Prerequirest
- Sudah memiliki VPS debian 10. Jika belum memiliki baca Cara Mendapatkan Balance $50 dari Vultr dan Buat VPS Anda Selama 10 Bulan dan Cara Mendapatkan Balance $100 Digital Ocean
- Buat VPS menggunakan Distro Debian 10. Baca Cara Membuat Droplet (VPS) di Digital Ocean
- Memiliki IPV4 di VPS.
- Koneksi Internet
- Segelas Kopi Hitam.
Cara Mudah Melakukan Instalasi OpenVPN di Debian 10
Step 1 – Login ke VPS Debian 10
Login ke vps debian 10 menggunakan id root anda menggunakan putty atau jika anda menggunakan windows 10 anda bisa langsung connect menggunakan CMD
Step 2 – Update VPS Debian 10
Lakukan update pada VPS Debian 10 anda menggunakan perintah
{content@deb10:~ }$ sudo apt update
{content@deb10:~ }$ sudo apt upgrade
Step 3 – Check IP
Cek ip yang diberikan oleh VPS provider anda menggunakan perintah
{contentdeb10:~ }$ ip a
{content@deb10:~ }$ ip a show eth0
Step 4 – Download script installasi OpenVPN untuk Debian 10
{content@deb10:~ }$ wget https://raw.githubusercontent.com/Angristan/openvpn-install/master/openvpn-install.sh -O debian10-vpn.shStep 5 – Rubah permition script debian10-vpn.sh
Rubah permition script instalasi agar bisa di eksekusi dengan memberikan perintah chmod +x
{content@deb10:~ }$ chmod +x debian10-vpn.sh
Step 6 – Exekusi script debian10-vpn.sh
{content@deb10:~ }$ sudo ./debian10-vpn.sh
Step 7 – Proses Instalasi
Lanjutkan proses instalasi dengan mengikuti petunjuk yang diberikan
Step 8 – Tambahkan user untuk akses openvpn
Tambahkan user untuk akses ke openvpn. Berikan nama sesuai dengan keinginan anda.
Step 9 – Proses Selesai
Proses instalasi openvpn selesai. OpenVPN yang sudah di install di VPS sudah dapat dipakai. Tambahkan user sebanyak yang anda inginkan dengan perintah
{content@deb10:~ }$ ./debian10-vpn.sh
Cara melakukan start dan stop openvpn
HOW DO I START/STOP/RESTART OPENVPN SERVER ON DEBIAN 10 ?
{content@deb10:~ }$ sudo systemctl stop openvpn@server # <--- stop server
{content@deb10:~ }$ sudo systemctl start openvpn@server # <--- start server
{content@deb10:~ }$ sudo systemctl restart openvpn@server # <--- restart server
{content@deb10:~ }$ sudo systemctl status openvpn@server # <--- get server statusCara Mudah Menggunakan OpenVPN
Step 1 – Download dan install client OpenVPN di sini
Step 2 – Copy file yang telah dibuat misalnya “content.ovpn” ke komputer anda
Step 3 – Kalau tidak bisa di-copy gunakan perintah cat untuk membuka file. Block dan bawa ke notepad.
{content@deb10:~ } cat content.ovpn
client
proto udp
remote 66.42.xxx.xxx 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_zog3tmYcwC9nTFVV name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxx
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxx
-----END OpenVPN Static key V1-----
</tls-crypt>
Step 4 – Copy dan paste ke notepad
Copy dan paste hasil cat tadi ke notepad dan simpan dengan nama sesuai pilihan anda misalnya “content.ovpn”
Step 5 – Import file content.ovpn ke program OpenVPN GUI
Import file konfigurasi (content.ovpn) yang sudah anda simpan tadi ke OpenVPN GUI
Step 6 – Connect ke VPN yang sudah anda install
Lakukan koneksi Komputer anda dengan OpenVPN yang telah anda install
Step 7 – Check Koneksi dan IP Address
Check koneksi anda dan lakukan pengecekan IP Address ke situs check ip address kesukaan anda misalnya whatismyipaddress
Penutup Cara Mudah Install OpenVPN di Debian 10
Nah cukup mudah bukan cara mudah melakukan instalasi OpenVPN server di Debian 10. Dengan menggunakan OpenVPN anda dapat mengakses situs-situs yang di blokir oleh Menkominfo.
Selain itu dengan OpenVPN anda juga dapat membuka situs yang hanya bisa diakses menggunakan IPV6 only seperti ipv6.google.com
Anda juga dapat mengakses server anda yang hanya menggunakan IPV6 only seperti VPS gratis dari EUServ.com.
Proces Jalannya Instalasi OpenVPN di Debian 10
root@nynat:~# ./debian10-vpn.sh TUN is not available root@nynat:~# ./debian10-vpn.sh Welcome to the OpenVPN installer! The git repository is available at: https://github.com/angristan/openvpn-install I need to ask you a few questions before starting the setup. You can leave the default options and just press enter if you are ok with them. I need to know the IPv4 address of the network interface you want OpenVPN listening to. Unless your server is behind NAT, it should be your public IPv4 address. IP address: 172.16.120.129 It seems this server is behind NAT. What is its public IPv4 address or hostname? We need it for the clients to connect to the server. Public IPv4 address or hostname: 45.61.xxx.xxx Checking for IPv6 connectivity... Your host appears to have IPv6 connectivity. Do you want to enable IPv6 support (NAT)? [y/n]: y What port do you want OpenVPN to listen to? 1) Default: 1194 2) Custom 3) Random [49152-65535] Port choice [1-3]: 2 Custom port [1-65535]: 1194 What protocol do you want OpenVPN to use? UDP is faster. Unless it is not available, you shouldn't use TCP. 1) UDP 2) TCP Protocol [1-2]: 1 What DNS resolvers do you want to use with the VPN? 1) Current system resolvers (from /etc/resolv.conf) 2) Self-hosted DNS Resolver (Unbound) 3) Cloudflare (Anycast: worldwide) 4) Quad9 (Anycast: worldwide) 5) Quad9 uncensored (Anycast: worldwide) 6) FDN (France) 7) DNS.WATCH (Germany) 8) OpenDNS (Anycast: worldwide) 9) Google (Anycast: worldwide) 10) Yandex Basic (Russia) 11) AdGuard DNS (Russia) 12) NextDNS (Worldwide) 13) Custom DNS [1-12]: 3 Do you want to use compression? It is not recommended since the VORACLE attack make use of it. Enable compression? [y/n]: n Do you want to customize encryption settings? Unless you know what you're doing, you should stick with the default parameters provided by the script. Note that whatever you choose, all the choices presented in the script are safe. (Unlike OpenVPN's defaults) See https://github.com/angristan/openvpn-install#security-and-encryption to learn more. Customize encryption settings? [y/n]: n Okay, that was all I needed. We are ready to setup your OpenVPN server now. You will be able to generate a client at the end of the installation. Press any key to continue... Hit http://security.debian.org jessie/updates InRelease Ign http://ftp.debian.org jessie InRelease Hit http://ftp.debian.org jessie-updates InRelease Hit http://ftp.debian.org jessie Release.gpg Hit http://security.debian.org jessie/updates/main amd64 Packages Hit http://security.debian.org jessie/updates/contrib amd64 Packages Hit http://ftp.debian.org jessie-updates/main amd64 Packages Hit http://security.debian.org jessie/updates/non-free amd64 Packages Hit http://ftp.debian.org jessie-updates/contrib amd64 Packages Hit http://ftp.debian.org jessie-updates/non-free amd64 Packages Hit http://ftp.debian.org jessie-updates/contrib Translation-en Hit http://security.debian.org jessie/updates/contrib Translation-en Hit http://security.debian.org jessie/updates/main Translation-en Hit http://ftp.debian.org jessie-updates/main Translation-en Hit http://ftp.debian.org jessie-updates/non-free Translation-en Hit http://security.debian.org jessie/updates/non-free Translation-en Hit http://ftp.debian.org jessie Release Hit http://ftp.debian.org jessie/main amd64 Packages Hit http://ftp.debian.org jessie/contrib amd64 Packages Hit http://ftp.debian.org jessie/non-free amd64 Packages Hit http://ftp.debian.org jessie/contrib Translation-en Hit http://ftp.debian.org jessie/main Translation-en Hit http://ftp.debian.org jessie/non-free Translation-en Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done gnupg is already the newest version. ca-certificates is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. converted 'https://swupdate.openvpn.net/repos/repo-public.gpg' (ANSI_X3.4-1968) -> 'https://swupdate.openvpn.net/repos/repo-public.gpg' (UTF-8) --2020-03-18 07:52:01-- https://swupdate.openvpn.net/repos/repo-public.gpg Resolving swupdate.openvpn.net (swupdate.openvpn.net)... 104.18.188.225, 104.18.187.225 Connecting to swupdate.openvpn.net (swupdate.openvpn.net)|104.18.188.225|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1806 (1.8K) [binary/octet-stream] Saving to: 'STDOUT' - 100%[===================================================>] 1.76K --.-KB/s in 0s 2020-03-18 07:52:01 (79.9 MB/s) - written to stdout [1806/1806] OK Hit http://security.debian.org jessie/updates InRelease Hit http://security.debian.org jessie/updates/main amd64 Packages Get:1 http://build.openvpn.net jessie InRelease [3214 B] Hit http://security.debian.org jessie/updates/contrib amd64 Packages Hit http://security.debian.org jessie/updates/non-free amd64 Packages Hit http://security.debian.org jessie/updates/contrib Translation-en Hit http://security.debian.org jessie/updates/main Translation-en Hit http://security.debian.org jessie/updates/non-free Translation-en Ign http://ftp.debian.org jessie InRelease Hit http://ftp.debian.org jessie-updates InRelease Get:2 http://build.openvpn.net jessie/main amd64 Packages [1234 B] Hit http://ftp.debian.org jessie Release.gpg Hit http://ftp.debian.org jessie-updates/main amd64 Packages Hit http://ftp.debian.org jessie-updates/contrib amd64 Packages Hit http://ftp.debian.org jessie-updates/non-free amd64 Packages Hit http://ftp.debian.org jessie-updates/contrib Translation-en Ign http://build.openvpn.net jessie/main Translation-en Hit http://ftp.debian.org jessie-updates/main Translation-en Hit http://ftp.debian.org jessie-updates/non-free Translation-en Hit http://ftp.debian.org jessie Release Hit http://ftp.debian.org jessie/main amd64 Packages Hit http://ftp.debian.org jessie/contrib amd64 Packages Hit http://ftp.debian.org jessie/non-free amd64 Packages Hit http://ftp.debian.org jessie/contrib Translation-en Hit http://ftp.debian.org jessie/main Translation-en Hit http://ftp.debian.org jessie/non-free Translation-en Fetched 4448 B in 1s (2332 B/s) Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done iptables is already the newest version. ca-certificates is already the newest version. openssl is already the newest version. wget is already the newest version. The following extra packages will be installed: easy-rsa libccid libcurl3 liblzo2-2 libpcsclite1 libpkcs11-helper1 librtmp1 libssh2-1 libusb-1.0-0 opensc opensc-pkcs11 pcscd Suggested packages: pcmciautils resolvconf The following NEW packages will be installed: curl easy-rsa libccid libcurl3 liblzo2-2 libpcsclite1 libpkcs11-helper1 librtmp1 libssh2-1 libusb-1.0-0 opensc opensc-pkcs11 openvpn pcscd 0 upgraded, 14 newly installed, 0 to remove and 0 not upgraded. Need to get 2700 kB of archives. After this operation, 7408 kB of additional disk space will be used. Get:1 http://security.debian.org/ jessie/updates/main libssh2-1 amd64 1.4.3-4.1+deb8u6 [128 kB] Get:2 http://security.debian.org/ jessie/updates/main libcurl3 amd64 7.38.0-4+deb8u16 [261 kB] Get:3 http://security.debian.org/ jessie/updates/main opensc-pkcs11 amd64 0.16.0-3+deb8u2 [752 kB] Get:4 http://security.debian.org/ jessie/updates/main curl amd64 7.38.0-4+deb8u16 [202 kB] Get:5 http://security.debian.org/ jessie/updates/main opensc amd64 0.16.0-3+deb8u2 [238 kB] Get:6 http://build.openvpn.net/debian/openvpn/stable/ jessie/main openvpn amd64 2.4.8-jessie0 [574 kB] Get:7 http://ftp.debian.org/debian/ jessie/main librtmp1 amd64 2.4+20150115.gita107cef-1+deb8u1 [60.0 kB] Get:8 http://ftp.debian.org/debian/ jessie/main liblzo2-2 amd64 2.08-1.2 [54.6 kB] Get:9 http://ftp.debian.org/debian/ jessie/main libpcsclite1 amd64 1.8.13-1+deb8u1 [56.2 kB] Get:10 http://ftp.debian.org/debian/ jessie/main libpkcs11-helper1 amd64 1.11-2 [45.4 kB] Get:11 http://ftp.debian.org/debian/ jessie/main libusb-1.0-0 amd64 2:1.0.19-1 [48.1 kB] Get:12 http://ftp.debian.org/debian/ jessie/main libccid amd64 1.4.18-1 [173 kB] Get:13 http://ftp.debian.org/debian/ jessie/main pcscd amd64 1.8.13-1+deb8u1 [91.0 kB] Get:14 http://ftp.debian.org/debian/ jessie/main easy-rsa all 2.2.2-1 [17.1 kB] Fetched 2700 kB in 1s (2103 kB/s) Preconfiguring packages ... Selecting previously unselected package librtmp1:amd64. (Reading database ... 26676 files and directories currently installed.) Preparing to unpack .../librtmp1_2.4+20150115.gita107cef-1+deb8u1_amd64.deb ... Unpacking librtmp1:amd64 (2.4+20150115.gita107cef-1+deb8u1) ... Selecting previously unselected package libssh2-1:amd64. Preparing to unpack .../libssh2-1_1.4.3-4.1+deb8u6_amd64.deb ... Unpacking libssh2-1:amd64 (1.4.3-4.1+deb8u6) ... Selecting previously unselected package libcurl3:amd64. Preparing to unpack .../libcurl3_7.38.0-4+deb8u16_amd64.deb ... Unpacking libcurl3:amd64 (7.38.0-4+deb8u16) ... Selecting previously unselected package liblzo2-2:amd64. Preparing to unpack .../liblzo2-2_2.08-1.2_amd64.deb ... Unpacking liblzo2-2:amd64 (2.08-1.2) ... Selecting previously unselected package libpcsclite1:amd64. Preparing to unpack .../libpcsclite1_1.8.13-1+deb8u1_amd64.deb ... Unpacking libpcsclite1:amd64 (1.8.13-1+deb8u1) ... Selecting previously unselected package libpkcs11-helper1:amd64. Preparing to unpack .../libpkcs11-helper1_1.11-2_amd64.deb ... Unpacking libpkcs11-helper1:amd64 (1.11-2) ... Selecting previously unselected package libusb-1.0-0:amd64. Preparing to unpack .../libusb-1.0-0_2%3a1.0.19-1_amd64.deb ... Unpacking libusb-1.0-0:amd64 (2:1.0.19-1) ... Selecting previously unselected package opensc-pkcs11:amd64. Preparing to unpack .../opensc-pkcs11_0.16.0-3+deb8u2_amd64.deb ... Unpacking opensc-pkcs11:amd64 (0.16.0-3+deb8u2) ... Selecting previously unselected package curl. Preparing to unpack .../curl_7.38.0-4+deb8u16_amd64.deb ... Unpacking curl (7.38.0-4+deb8u16) ... Selecting previously unselected package openvpn. Preparing to unpack .../openvpn_2.4.8-jessie0_amd64.deb ... Unpacking openvpn (2.4.8-jessie0) ... Selecting previously unselected package libccid. Preparing to unpack .../libccid_1.4.18-1_amd64.deb ... Unpacking libccid (1.4.18-1) ... Selecting previously unselected package pcscd. Preparing to unpack .../pcscd_1.8.13-1+deb8u1_amd64.deb ... Unpacking pcscd (1.8.13-1+deb8u1) ... Selecting previously unselected package easy-rsa. Preparing to unpack .../easy-rsa_2.2.2-1_all.deb ... Unpacking easy-rsa (2.2.2-1) ... Selecting previously unselected package opensc. Preparing to unpack .../opensc_0.16.0-3+deb8u2_amd64.deb ... Unpacking opensc (0.16.0-3+deb8u2) ... Processing triggers for man-db (2.7.0.2-5) ... Processing triggers for systemd (215-17+deb8u13) ... Setting up librtmp1:amd64 (2.4+20150115.gita107cef-1+deb8u1) ... Setting up libssh2-1:amd64 (1.4.3-4.1+deb8u6) ... Setting up libcurl3:amd64 (7.38.0-4+deb8u16) ... Setting up liblzo2-2:amd64 (2.08-1.2) ... Setting up libpcsclite1:amd64 (1.8.13-1+deb8u1) ... Setting up libpkcs11-helper1:amd64 (1.11-2) ... Setting up libusb-1.0-0:amd64 (2:1.0.19-1) ... Setting up opensc-pkcs11:amd64 (0.16.0-3+deb8u2) ... Setting up curl (7.38.0-4+deb8u16) ... Setting up openvpn (2.4.8-jessie0) ... [ ok ] Restarting virtual private network daemon.:. Setting up libccid (1.4.18-1) ... Setting up pcscd (1.8.13-1+deb8u1) ... Setting up easy-rsa (2.2.2-1) ... Setting up opensc (0.16.0-3+deb8u2) ... Processing triggers for libc-bin (2.19-18+deb8u10) ... Processing triggers for systemd (215-17+deb8u13) ... converted 'https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.6/EasyRSA-unix-v3.0.6.tgz' (ANSI_X3.4-1968) -> 'https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.6/EasyRSA-unix-v3.0.6.tgz' (UTF-8) --2020-03-18 07:52:09-- https://github.com/OpenVPN/easy-rsa/releases/download/v3.0.6/EasyRSA-unix-v3.0.6.tgz Resolving github.com (github.com)... 140.82.113.3 Connecting to github.com (github.com)|140.82.113.3|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/8d46db80-266e-11e9-85e3-7de4dbee40d9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20200318%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20200318T115210Z&X-Amz-Expires=300&X-Amz-Signature=36d742ba533e90393cd4f8509e5733bb0b50835971b6f614b90e2ccac06f429a&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-unix-v3.0.6.tgz&response-content-type=application%2Foctet-stream [following] converted 'https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/8d46db80-266e-11e9-85e3-7de4dbee40d9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20200318%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20200318T115210Z&X-Amz-Expires=300&X-Amz-Signature=36d742ba533e90393cd4f8509e5733bb0b50835971b6f614b90e2ccac06f429a&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-unix-v3.0.6.tgz&response-content-type=application%2Foctet-stream' (ANSI_X3.4-1968) -> 'https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/8d46db80-266e-11e9-85e3-7de4dbee40d9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A/20200318/us-east-1/s3/aws4_request&X-Amz-Date=20200318T115210Z&X-Amz-Expires=300&X-Amz-Signature=36d742ba533e90393cd4f8509e5733bb0b50835971b6f614b90e2ccac06f429a&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment; filename=EasyRSA-unix-v3.0.6.tgz&response-content-type=application/octet-stream' (UTF-8) --2020-03-18 07:52:10-- https://github-production-release-asset-2e65be.s3.amazonaws.com/4519663/8d46db80-266e-11e9-85e3-7de4dbee40d9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A/20200318/us-east-1/s3/aws4_request&X-Amz-Date=20200318T115210Z&X-Amz-Expires=300&X-Amz-Signature=36d742ba533e90393cd4f8509e5733bb0b50835971b6f614b90e2ccac06f429a&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment;%20filename=EasyRSA-unix-v3.0.6.tgz&response-content-type=application/octet-stream Resolving github-production-release-asset-2e65be.s3.amazonaws.com (github-production-release-asset-2e65be.s3.amazonaws.com)... 52.217.38.228 Connecting to github-production-release-asset-2e65be.s3.amazonaws.com (github-production-release-asset-2e65be.s3.amazonaws.com)|52.217.38.228|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 40840 (40K) [application/octet-stream] Saving to: '/root/EasyRSA-unix-v3.0.6.tgz' /root/EasyRSA-unix-v3.0.6.tgz 100%[===================================================>] 39.88K --.-KB/s in 0.008s 2020-03-18 07:52:10 (4.67 MB/s) - '/root/EasyRSA-unix-v3.0.6.tgz' saved [40840/40840] Note: using Easy-RSA configuration from: ./vars init-pki complete; you may now create a CA or requests. Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki read EC key writing EC key Note: using Easy-RSA configuration from: ./vars Using SSL: openssl OpenSSL 1.0.1t 3 May 2016 Generating a 256 bit EC private key writing new private key to '/etc/openvpn/easy-rsa/pki/private/server_eqwRsSG9K3YppQ5B.key.r7q4S0E3QB' ----- Using configuration from /etc/openvpn/easy-rsa/pki/safessl-easyrsa.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'server_eqwRsSG9K3YppQ5B' Certificate is to be certified until Mar 3 11:52:10 2023 GMT (1080 days) Write out database with 1 new entries Data Base Updated Note: using Easy-RSA configuration from: ./vars Using SSL: openssl OpenSSL 1.0.1t 3 May 2016 Using configuration from /etc/openvpn/easy-rsa/pki/safessl-easyrsa.cnf An updated CRL has been created. CRL file: /etc/openvpn/easy-rsa/pki/crl.pem * Applying /etc/sysctl.d/20-openvpn.conf ... net.ipv4.ip_forward = 1 net.ipv6.conf.all.forwarding = 1 * Applying /etc/sysctl.d/99-sysctl.conf ... * Applying /etc/sysctl.conf ... Created symlink from /etc/systemd/system/multi-user.target.wants/[email protected] to /etc/systemd/system/[email protected]. Created symlink from /etc/systemd/system/multi-user.target.wants/iptables-openvpn.service to /etc/systemd/system/iptables-openvpn.service. Tell me a name for the client. Use one word only, no special characters. Client name: rumah Do you want to protect the configuration file with a password? (e.g. encrypt the private key with a password) 1) Add a passwordless client 2) Use a password for the client Select an option [1-2]: 1 Note: using Easy-RSA configuration from: ./vars Using SSL: openssl OpenSSL 1.0.1t 3 May 2016 Generating a 256 bit EC private key writing new private key to '/etc/openvpn/easy-rsa/pki/private/rumah.key.ePpkF08tO9' ----- Using configuration from /etc/openvpn/easy-rsa/pki/safessl-easyrsa.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'rumah' Certificate is to be certified until Mar 3 11:52:27 2023 GMT (1080 days) Write out database with 1 new entries Data Base Updated Client rumah added, the configuration file is available at /root/rumah.ovpn. Download the .ovpn file and import it in your OpenVPN client.
Salam
Content.ID
