Created
January 27, 2021 14:36
-
-
Save emreozkangit/c3d4dbef2cb4a9ec6fe26159664e8f4e to your computer and use it in GitHub Desktop.
openvpn-useradd
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Note: using Easy-RSA configuration from: /etc/openvpn/easy-rsa/vars | |
| init-pki complete; you may now create a CA or requests. | |
| Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki | |
| Using SSL: openssl OpenSSL 1.1.1g FIPS 21 Apr 2020 | |
| read EC key | |
| writing EC key | |
| Note: using Easy-RSA configuration from: /etc/openvpn/easy-rsa/vars | |
| Using SSL: openssl OpenSSL 1.1.1g FIPS 21 Apr 2020 | |
| Generating an EC private key | |
| writing new private key to '/etc/openvpn/easy-rsa/pki/easy-rsa-46209.5cFmTY/tmp.vkF2sV' | |
| ----- | |
| Using configuration from /etc/openvpn/easy-rsa/pki/easy-rsa-46209.5cFmTY/tmp.ub3ds3 | |
| Check that the request matches the signature | |
| Signature ok | |
| The Subject's Distinguished Name is as follows | |
| commonName :ASN.1 12:'server_kgpZLd7egXlDTp62' | |
| Certificate is to be certified until May 2 14:33:40 2023 GMT (825 days) | |
| Write out database with 1 new entries | |
| Data Base Updated | |
| Note: using Easy-RSA configuration from: /etc/openvpn/easy-rsa/vars | |
| Using SSL: openssl OpenSSL 1.1.1g FIPS 21 Apr 2020 | |
| Using configuration from /etc/openvpn/easy-rsa/pki/easy-rsa-46298.A3JrG1/tmp.JowFip | |
| An updated CRL has been created. | |
| CRL file: /etc/openvpn/easy-rsa/pki/crl.pem | |
| * Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ... | |
| kernel.yama.ptrace_scope = 0 | |
| * Applying /usr/lib/sysctl.d/50-coredump.conf ... | |
| kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e | |
| * Applying /usr/lib/sysctl.d/50-default.conf ... | |
| kernel.sysrq = 16 | |
| kernel.core_uses_pid = 1 | |
| kernel.kptr_restrict = 1 | |
| net.ipv4.conf.all.rp_filter = 1 | |
| net.ipv4.conf.all.accept_source_route = 0 | |
| net.ipv4.conf.all.promote_secondaries = 1 | |
| net.core.default_qdisc = fq_codel | |
| fs.protected_hardlinks = 1 | |
| fs.protected_symlinks = 1 | |
| * Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ... | |
| net.core.optmem_max = 81920 | |
| * Applying /usr/lib/sysctl.d/50-pid-max.conf ... | |
| kernel.pid_max = 4194304 | |
| * Applying /etc/sysctl.d/60-gce-network-security.conf ... | |
| net.ipv4.tcp_syncookies = 1 | |
| net.ipv4.conf.all.accept_source_route = 0 | |
| net.ipv4.conf.default.accept_source_route = 0 | |
| net.ipv4.conf.all.accept_redirects = 0 | |
| net.ipv4.conf.default.accept_redirects = 0 | |
| net.ipv4.conf.all.secure_redirects = 1 | |
| net.ipv4.conf.default.secure_redirects = 1 | |
| net.ipv4.ip_forward = 0 | |
| net.ipv4.conf.all.send_redirects = 0 | |
| net.ipv4.conf.default.send_redirects = 0 | |
| net.ipv4.conf.all.rp_filter = 1 | |
| net.ipv4.conf.default.rp_filter = 1 | |
| net.ipv4.icmp_echo_ignore_broadcasts = 1 | |
| net.ipv4.icmp_ignore_bogus_error_responses = 1 | |
| net.ipv4.conf.all.log_martians = 1 | |
| net.ipv4.conf.default.log_martians = 1 | |
| kernel.randomize_va_space = 2 | |
| kernel.panic = 10 | |
| * Applying /etc/sysctl.d/99-openvpn.conf ... | |
| net.ipv4.ip_forward = 1 | |
| * Applying /etc/sysctl.d/99-sysctl.conf ... | |
| * Applying /etc/sysctl.conf ... | |
| Created symlink /etc/systemd/system/multi-user.target.wants/[email protected] → /etc/systemd/system/[email protected]. | |
| Created symlink /etc/systemd/system/multi-user.target.wants/iptables-openvpn.service → /etc/systemd/system/iptables-openvpn.service. | |
| Tell me a name for the client. | |
| The name must consist of alphanumeric character. It may also include an underscore or a dash. | |
| Client name: sysaix | |
| Do you want to protect the configuration file with a password? | |
| (e.g. encrypt the private key with a password) | |
| 1) Add a passwordless client | |
| 2) Use a password for the client | |
| Select an option [1-2]: 1 | |
| ote: using Easy-RSA configuration from: /etc/openvpn/easy-rsa/vars | |
| Using SSL: openssl OpenSSL 1.1.1g FIPS 21 Apr 2020 | |
| Generating an EC private key | |
| writing new private key to '/etc/openvpn/easy-rsa/pki/easy-rsa-46463.wx1uTZ/tmp.d6dIo3' | |
| ----- | |
| Using configuration from /etc/openvpn/easy-rsa/pki/easy-rsa-46463.wx1uTZ/tmp.OWnISg | |
| Check that the request matches the signature | |
| Signature ok | |
| The Subject's Distinguished Name is as follows | |
| commonName :ASN.1 12:'sysaix' | |
| Certificate is to be certified until May 2 14:34:04 2023 GMT (825 days) | |
| Write out database with 1 new entries | |
| Data Base Updated | |
| Client sysaix added. | |
| The configuration file has been written to /home/eozkan/sysaix.ovpn. | |
| Download the .ovpn file and import it in your OpenVPN client. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment