How to Install OpenVPN on CentOS 8

April 27, 2021 07:27:01

Installing OpenVPN on CentOS 8

Step 1. First, make sure your system is up to date.
sudo dnf clean all
sudo dnf update
Step 2. Install OpenVPN on CentOS 8. Now we download the script from GitHub that installs OpenVPN automatically:
sudo yum install git
git clone https://github.com/Nyr/openvpn-install.git
Next, change into the openvpn-install directory and run the installer script:
cd openvpn-install
chmod +x openvpn-install.sh
sudo ./openvpn-install.sh
You should get the following output:
Welcome to this OpenVPN "road warrior" installer!
 I need to ask you a few questions before starting the setup.
 You can leave the default options and just press enter if you are ok with them.
 First, provide the IPv4 address of the network interface you want OpenVPN
 listening to.
 IP address: 192.168.1.11
 This server is behind NAT. What is the public IPv4 address or hostname?
 Public IP address / hostname: internet.mobi
 Which protocol do you want for OpenVPN connections?
    1) UDP (recommended)
    2) TCP
 Protocol [1-2]: 1
 What port do you want OpenVPN listening to?
 Port: 148
 Which DNS do you want to use with the VPN?
    1) Current system resolvers
    2) 1.1.1.1
    3) Google
    4) OpenDNS
    5) Verisign
 DNS [1-5]: 3 
 Finally, tell me your name for the client certificate.
 Please, use one word only, no special characters.
 Client name: gokey
 Okay, that was all I needed. We are ready to set up your OpenVPN server now.
 Press any key to continue
 Updating Subscription Management repositories.
 Updating Subscription Management repositories.
 Extra Packages for Enterprise Linux 8 - x86_64                                                                         189 kB/s |  16 MB     01:24    
 Last metadata expiration check: 0:00:40 ago on Wed 16 Dec 2019 09:36:46 PM EAT.
 Package epel-release-7-11.noarch is already installed.
 Dependencies resolved.
 Nothing to do.
 Complete!
The main configuration file of the OpenVPN server is /etc/openvpn/server.conf, and you can adjust it to your liking:
$ cat  /etc/openvpn/server.conf 

port 148
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.22.1"
keepalive 30 120
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
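
As a starting point for adjusting that file, here is an added example (not part of the installer script or of the original article) that audits a server.conf for a few hardening-relevant directives. The list of checks and the messages are this example's own assumptions, and the sample input is constructed from the configuration shown above.

```shell
# Added example: audit hardening-relevant directives in an OpenVPN server.conf.
# get_directive FILE NAME: print the arguments of the first NAME line, if any.
get_directive() {
    awk -v d="$2" '$1 == d { $1 = ""; sub(/^ +/, ""); print; exit }' "$1"
}

# audit_openvpn_conf FILE: print one "OK"/"WARN" line per check (always returns 0).
audit_openvpn_conf() {
    conf=$1
    cipher=$(get_directive "$conf" cipher)
    case $cipher in
        *-GCM|CHACHA20-POLY1305) echo "OK   cipher $cipher is AEAD" ;;
        "") echo "WARN cipher not set; the default depends on the OpenVPN version" ;;
        *)  echo "WARN cipher $cipher is not AEAD; OpenVPN 2.4+ supports AES-256-GCM" ;;
    esac
    case $(get_directive "$conf" auth) in
        SHA256|SHA384|SHA512) echo "OK   auth digest is SHA-2" ;;
        *) echo "WARN auth digest missing or weaker than SHA-256" ;;
    esac
    if [ -n "$(get_directive "$conf" tls-crypt)" ]; then
        echo "OK   tls-crypt encrypts and authenticates the control channel"
    elif [ -n "$(get_directive "$conf" tls-auth)" ]; then
        echo "WARN tls-auth only authenticates the control channel; consider tls-crypt"
    else
        echo "WARN no tls-auth/tls-crypt key protecting the control channel"
    fi
    # Presence checks: TLS floor, privilege drop, certificate revocation list.
    for d in tls-version-min user group crl-verify; do
        [ -n "$(get_directive "$conf" "$d")" ] \
            && echo "OK   $d is set" || echo "WARN $d is missing"
    done
}

# Constructed sample: the security-relevant lines of the server.conf shown above.
sample_conf() {
    cat <<'EOF'
auth SHA512
tls-auth ta.key 0
cipher AES-256-CBC
user nobody
group nobody
crl-verify crl.pem
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp" && audit_openvpn_conf "$tmp"; rm -f "$tmp"
```

Run against the configuration above, it flags three items: the CBC cipher, tls-auth in place of tls-crypt, and the missing tls-version-min.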
Step 3. Generate the OpenVPN user profile. Now we generate the client certificate and key with the following command:
$ sudo ./openvpn-install.sh

Looks like OpenVPN is already installed.
 What do you want to do?
    1) Add a new user
    2) Revoke an existing user
    3) Remove OpenVPN
    4) Exit
 Select an option [1-4]: 1
 Tell me a name for the client certificate.
 Please, use one word only, no special characters.
 Client name: meilana
 Using SSL: openssl OpenSSL 1.1.1 FIPS  11 Sep 2018
 Can
 139966006863680:error:2406F079:random number generator:RAND_load_file:Cannot open file:crypto/rand/randfile.c:90:Filename=/etc/openvpn/easy-rsa/pki/.rnd
 Generating a RSA private key
 ……………………………………………………………………..+++++
 ……………………………………….+++++
 writing new private key to '/etc/openvpn/easy-rsa/pki/private/meilana.key.SmeichedelicsaH
 Using configuration from /etc/openvpn/easy-rsa/pki/safessl-easyrsa.cnf
 Can't load /etc/openvpn/easy-rsa/pki/.rnd into RNG
 13982808174100232:error:2406F079:random number generator:RAND_load_file:Cannot open file:crypto/rand/randfile.c:90:Filename=/etc/openvpn/easy-rsa/pki/.rnd
 Check that the request matches the signature
 Signature ok
 The Subject
 commonName            :ASN.1 12:'meilana
 Certificate is to be certified until Dec 10 16:36:46 2026 GMT (3650 days)
 Write out database with 1 new entries
 Data Base Updated
 Client user1 added, configuration is available at: /root/meilana.ovpn
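The OpenVPN .ovpn configuration file is placed in the /root folder.

Step 4. Connect to the OpenVPN server from a client.

You can configure an OpenVPN client on your operating system using the VPN client of your choice. If you want to use the official OpenVPN client, go to the download page, get the latest version and install it.

Congratulations! You have successfully installed OpenVPN. Thank you for using this tutorial to install an OpenVPN server on a CentOS 8 system. For additional help or useful information, we recommend checking the official OpenVPN website.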