如安在linux上实现Openvpn
发布时间:2016-10-31 17:44:00 所属栏目:Linux 来源:站长网
导读:副标题#e# 一,OpenVPN的工作原理 VPN技术通过密钥交换、封装、认证、加密手段在公共网络上建立起私密的隧道,保障传输数据的完整性、私密性和有效性。OpenVPN是近年来新出现的开放源码项目,实现了SSLVPN的一种解决方案。 传统SSL VPN通过端口代理的方法实
|
2.5生成客户端 key 注意在进入 Common Name (eg, your name or your server's hostname) []: 的输入时, 每个证书输入的名字必须不同. [root@test1 2.0]# ./build-key test2.test.com Generating a 1024 bit RSA private key ............................................................................................................................++++++ ......................++++++ writing new private key to 'test2.test.com.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [CN]: State or Province Name (full name) [HB]: Locality Name (eg, city) [WH]: Organization Name (eg, company) [test.com]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) [test2.test.com]: 每个client的hostname都不能一样 Name []: Email Address [root@localhost]: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:123456 An optional company name []: Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'CN' stateOrProvinceName :PRINTABLE:'HB' localityName :PRINTABLE:'WH' organizationName :PRINTABLE:'test.com' commonName :PRINTABLE:'test2.test.com' emailAddress :IA5STRING:'root@localhost' Certificate is to be certified until Oct 6 03:36:48 2023 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated 2.6生成Diffie Hellman参数,加强安全 [root@test1 2.0]# ./build-dh Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time ..............+...............+..+..............................................+..+..............+.......+............. 查看本栏目更多精彩内容:http://www.bianceng.cn/OS/Linux/ 2.7创建服务端配置文件 (编辑:常州站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
