octoleo/openvpn-install
1
1
Fork 0
mirror of https://github.com/namibia/openvpn-install.git synced 2024-06-02 11:30:48 +00:00
Code Issues Releases Activity
134 Commits 5 Branches 0 Tags 825 KiB
Shell 100%
0f21c29afa
Go to file
Angristan 0f21c29afa Update README.md
2016-03-21 18:34:09 +01:00
LICENSE Rename LICENSE.txt to LICENSE 2016-01-01 13:53:57 +01:00
openvpn-install.sh Disable compression 2016-03-21 17:43:48 +01:00
README.md Update README.md 2016-03-21 18:34:09 +01:00

README.md

##openvpn-install OpenVPN road warrior installer for Debian, Ubuntu and CentOS.

This script will let you setup your own VPN server in no more than a minute, even if you haven't used OpenVPN before. It isn't bulletproof but has been designed to be as unobtrusive and universal as possible.

##Fork This fork includes :

  • No logs
  • No comp-lzo (compression is a vector for oracle attacks, e.g. CRIME or BREACH)
  • Better encryption (see below)
  • TLS 1.2 only
  • AES-256-CBC and SHA-512 for HMAC (instead of BF-128-CBC and SHA1)
  • FDN's DNS Servers
  • Nearest OpenNIC DNS Servers
  • Up-to-date OpenVPN (2.3.10) thanks to EPEL and swupdate.openvpn.net
  • Every feature of the original script (I check periodically to sync the latest commits from source)

Variants

When you lauch the script you will be asked to choose a mode. Both will work the same way, but slow has higher encryption settings, so it may slow down your connection and take more time to install.

If you're just using your VPN at home, you may choose "fast". But if you're often using public Wi-Fi or traveling a lot, you choose use slow.

FYI, "fast" is still more secured than default OpenVPN settings.

Slow (high encryption)

Features :

  • 4096 bits RSA private key
  • 4096 bits Diffie-Hellman key
  • 256 bits AES-GCM
  • SHA-384 RSA certificate

Fast (lower encryption)

Features :

  • 2048 bits RSA private key
  • 2048 bits Diffie-Hellman key
  • 128 bits AES-GCM
  • SHA-256 RSA certificate

Compatibility

The script is made to work on these OS :

  • Debian 7
  • Debian 8
  • Ubuntu 12.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 15.10
  • CentOS 6
  • CentOS 7

Each one has been test by myself.

##Installation

Run the script and follow the assistant:

wget --no-check-certificate https://raw.githubusercontent.com/Angristan/OpenVPN-install-nyr/master/openvpn-install.sh
chmod +x openvpn-install.sh
./openvpn-install.sh

Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.

You can get a high speed VPS in 14 locations around the world at Vultr. (Sign up for 5$ free credit !)

Licence

Based on the work of Nyr

MIT Licence