Itsec

CentOS 7, CA infrastructure

Install Easy-RSA scripts

We will use auxiliary scripts to create encryption keys for the OpenVPN server and clients. Enable the EPEL repo:

    yum -y install epel-release
    yum -y install easy-rsa

CA preparation

Copy the easy-rsa scripts to the OpenVPN config directory:

    cd /etc/openvpn
    cp -r /usr/share/easy-rsa/2.0/ ./CA
    cd CA

Set default parameters for certificates in the vars file:

    export KEY_COUNTRY="US"
    export KEY_PROVINCE="CA"
    export KEY_CITY="Hermosa Beach"
    export KEY_ORG="Adventurer"
    export KEY_EMAIL="big_boss@adventurer.us"
    export KEY_OU="Core"

Define the version of openssl in use: »

Configuration of clients

First of all, these keys and certificates should be copied to the client device:

    ca.crt
    CLIENT_NAME.crt
    CLIENT_NAME.key
    ta.key

Linux

Install OpenVPN (Arch Linux):

    pacman -S openvpn

Install OpenVPN (CentOS 7):

    yum -y install openvpn

There are several ways to connect to the VPN.

OpenVPN client as service

Create a directory to store the client keys:

    cd <path to directory with client's keys>
    mkdir /etc/openvpn/client
    cp ca.crt CLIENT_NAME.crt CLIENT_NAME.key ta. »

Information security

This section is devoted to information security in all its manifestations. DISCLAIMER: All information published in this section is intended for educational purposes only and should not be used for illegal activities. The author is not responsible for the use of this information for illegal purposes and for damage caused in consequence of using the materials from this section. »

OpenVPN

What is it?

VPN - Virtual Private Network

You may use a VPN for:

- creating one virtual network from several local networks located in different places;
- forwarding internet traffic through a VPN server to prevent interception of data on an untrusted network and/or to change the external IP;
- creating a secure connection to a corporate or home local network;
- …

A VPN can be created using different protocols: »

Server on CentOS 7

Install OpenVPN

    yum -y install openvpn

Configure OpenVPN server

Copy the example OpenVPN config file to /etc/openvpn.

    cd /etc/openvpn
    cp /usr/share/doc/openvpn-2.4.4/sample/sample-config-files/server.conf ./

Copy keys and certificates to /etc/openvpn/server.

    cd /etc/openvpn/CA/keys
    cp ca.crt VPN_SRV_KEY.crt VPN_SRV_KEY.key dh2048.pem ta.key /etc/openvpn/server

Edit the config file to set parameters for the OpenVPN server:

    # Use UDP protocol
    proto udp
    dev tun0
    # Set server keys and certificates
    ca /etc/openvpn/server/ca.crt
    cert /etc/openvpn/server/VPN_SRV_KEY.crt
    key /etc/openvpn/server/VPN_SRV_KEY. »