반응형
openvpn 구성 파일 생성
vpnuser01.ovpn 파일을 만들기 위한 필요한 파일들
- sample.ovpn(/usr/share/doc/openvpn-2.4.9/sample/sample-windows/sample.ovpn)
- ca.crt
- vpnuser01.crt
- vpnuser01.key
vpnuser01.ovpn 파일 생성
vim vpnuser01.ovpn
client
dev tun
persist-tun
persist-key
client
resolv-retry infinite
remote 127.0.0.1 1194 udp
lport 0
cipher AES-256-CBC
keysize 256
auth SHA256
tls-client
<ca>
-----BEGIN CERTIFICATE-----
MIIDNTCCAh2gAwIBAgIJAOKvjhNj+SRjMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
BAMMC0Vhc3ktUlNBIENBMB4XDTIwMDkyMzA3MzAwMFoXDTMwMDkyMTA3MzAwMFow
FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCrHuYJnATCTi8c7LLT25e1DMr5b7BH0k3bd04JOjTpyWD1yJwaAnSd
A2QjT+9SKg5QULx+LALkaazs0da+Oa9NZG7vxzE9fMIoAEXGuq8+MXtnsNiiOKRE
bwLqw8pPyXBz6mRCwz36+foUsL99smP/GlTwYi4ap9Dg6hZKGWHFpclPP4fWQgRY
xg/JMadNfzCgRty7Rr8Ew87hRHX1CMWzDgqpob9wsTrsIwAF4PG/cfcfXdRKi+rd
PfOcG9zqosYtNMX6yi8AvhjAwvYW+asM3887tC25yrJgY30eqxqOx+4BtLKmNlos
miPkUjbKw8ixSh4b38790L+EOeYuOm7HAgMBAAGjgYUwgYIwHQYDVR0OBBYEFI/w
AJc2l/wq7JHa0UmZhwxWJrmCMEYGA1UdIwQ/MD2AFI/wAJc2l/wq7JHa0UmZhwxW
JrmCoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIJAOKvjhNj+SRjMAwGA1Ud
EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBNGh+NQBqo
iAfG2PMV+0jOSLeRc+MXjQ2yyV/MTG4jWv2ucXGh8GQmihglPrOte0m0c1p/U8Mr
6uYRyHkAPe6su2Mo1em2bKrdI1VKoTqHOeCWIjxzTQy8owXFprOL+AKARiD1eSWZ
lMc/9XErWc1kwBCu/wtvl6NRpPTpltMBWDj9azUey4rqSWUl0VYkfdfPgV5cyRAj
AH/JpmGew66VFvf8qeVnNOE7BWyFbIvV3/qWXE9Bul5pbEJr93pSk6ddH9ki7TLY
EbMz3WTjRqqjoSkiJySewWnz+5gvUgnH4/DBLZlZg30thQoiRPhPvb9IYmFSSuq1
2TMN4yilXZL1
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9f:dc:69:38:f9:b2:c4:99:d8:a0:36:a3:33:98:57:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Easy-RSA CA
Validity
Not Before: Sep 23 08:14:46 2020 GMT
Not After : Dec 27 08:14:46 2022 GMT
Subject: CN=vpnuser01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:dd:51:52:3b:d0:58:51:e9:ac:4b:9c:93:3f:5c:
a6:fe:02:76:95:0b:cb:6c:ca:41:be:9f:c6:9a:22:
33:3f:f3:00:8a:84:bf:96:b2:0b:db:a9:82:ac:3d:
e1:03:11:d2:29:9b:61:c2:f4:65:42:72:dd:41:3b:
e6:94:c5:23:37:ab:b0:9c:5c:00:3f:5d:bc:0d:f2:
b8:c9:34:f4:b3:76:a1:55:95:88:04:5c:7c:74:97:
8d:95:29:ba:53:54:79:21:4e:4a:a6:92:7f:d0:0d:
11:58:b4:78:75:41:a6:1f:27:b8:62:4c:b0:a8:fa:
51:0c:21:76:9a:c8:e1:db:5f:be:44:87:9b:8f:da:
b3:94:62:ef:7f:b4:c2:99:ca:0c:d1:cb:ee:86:a9:
48:44:9a:2c:52:07:6e:8d:81:37:7d:6e:9b:9f:e7:
ce:f1:32:9d:76:70:8d:d6:8d:02:a2:79:4f:ff:ac:
4e:c6:c3:fa:7c:bf:59:f1:ce:86:73:56:e8:08:d7:
a0:0e:ef:7d:af:a5:c0:ad:67:8c:6a:02:a7:a4:7f:
69:a0:bd:30:07:99:91:43:9e:8a:35:45:d0:5f:9a:
45:54:58:da:5f:db:ed:45:4b:ff:b8:5e:09:17:ac:
db:44:9b:c8:e0:fe:07:85:24:a5:b3:b6:8d:a5:d2:
e2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
6F:BE:1D:9E:E4:DB:8E:61:89:A7:77:2C:33:33:90:7F:43:5B:65:7B
X509v3 Authority Key Identifier:
keyid:8F:F0:00:97:36:97:FC:2A:EC:91:DA:D1:49:99:87:0C:56:26:B9:82
DirName:/CN=Easy-RSA CA
serial:E2:AF:8E:13:63:F9:24:63
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
1f:48:0d:5c:86:8b:53:c3:9e:0e:41:37:5b:a2:9b:6c:50:4b:
78:eb:00:f5:95:21:87:e2:df:b9:da:45:74:3f:40:98:5f:58:
9c:83:05:50:6e:51:8f:b8:f4:ba:2b:48:2d:ce:89:97:3f:5e:
95:10:c9:c8:36:f5:c2:27:93:e4:99:5b:57:7d:07:36:e1:21:
b0:7d:8c:16:8e:04:ff:a8:2a:2f:d5:57:a6:aa:44:74:28:71:
94:06:95:c9:f8:b2:4a:90:b2:8e:6c:f2:fe:96:0e:9c:5f:14:
c9:6e:95:01:5a:d4:c6:67:84:93:5f:ec:ae:bc:67:05:c4:b5:
14:a8:b9:cc:55:50:4f:6a:c4:45:0e:b7:8d:f3:95:5a:67:69:
12:30:f1:1f:2a:19:6d:54:50:28:a6:b8:ba:23:ed:67:10:17:
be:5c:4c:d6:4a:e0:3c:05:83:5d:73:c9:f5:c7:74:49:00:8f:
6a:f2:fd:80:4a:fe:ff:45:5d:a6:7c:f1:57:38:e2:0c:c0:fc:
d6:64:25:64:ec:c2:1b:09:1d:f8:cf:ae:32:78:7f:b4:18:a1:
20:24:f7:49:6a:9b:58:d4:d8:4d:7a:4a:57:e7:72:a9:b1:43:
7f:f6:f9:b0:f4:d8:3d:72:d4:7f:29:de:f7:8d:8b:8a:95:60:
8e:ea:e5:eb
-----BEGIN CERTIFICATE-----
MIIDTTCCAjWgAwIBAgIRAJ/caTj5ssSZ2KA2ozOYV70wDQYJKoZIhvcNAQELBQAw
FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjAwOTIzMDgxNDQ2WhcNMjIxMjI3
MDgxNDQ2WjAUMRIwEAYDVQQDDAl2cG51c2VyMDEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdUVI70FhR6axLnJM/XKb+AnaVC8tsykG+n8aaIjM/8wCK
hL+WsgvbqYKsPeEDEdIpm2HC9GVCct1BO+aUxSM3q7CcXAA/XbwN8rjJNPSzdqFV
lYgEXHx0l42VKbpTVHkhTkqmkn/QDRFYtHh1QaYfJ7hiTLCo+lEMIXaayOHbX75E
h5uP2rOUYu9/tMKZygzRy+6GqUhEmixSB26NgTd9bpuf587xMp12cI3WjQKieU//
rE7Gw/p8v1nxzoZzVugI16AO732vpcCtZ4xqAqekf2mgvTAHmZFDnoo1RdBfmkVU
WNpf2+1FS/+4XgkXrNtEm8jg/geFJKWzto2l0uK3AgMBAAGjgZcwgZQwCQYDVR0T
BAIwADAdBgNVHQ4EFgQUb74dnuTbjmGJp3csMzOQf0NbZXswRgYDVR0jBD8wPYAU
j/AAlzaX/CrskdrRSZmHDFYmuYKhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENB
ggkA4q+OE2P5JGMwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA0G
CSqGSIb3DQEBCwUAA4IBAQAfSA1chotTw54OQTdboptsUEt46wD1lSGH4t+52kV0
P0CYX1icgwVQblGPuPS6K0gtzomXP16VEMnINvXCJ5PkmVtXfQc24SGwfYwWjgT/
qCov1VemqkR0KHGUBpXJ+LJKkLKObPL+lg6cXxTJbpUBWtTGZ4STX+yuvGcFxLUU
qLnMVVBPasRFDreN85VaZ2kSMPEfKhltVFAopri6I+1nEBe+XEzWSuA8BYNdc8n1
x3RJAI9q8v2ASv7/RV2mfPFXOOIMwPzWZCVk7MIbCR34z64yeH+0GKEgJPdJaptY
1NhNekpX53KpsUN/9vmw9Ng9ctR/Kd73jYuKlWCO6uXr
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIpSohfkeSngYCAggA
MBQGCCqGSIb3DQMHBAg7UwCe/puJXASCBMirrtweQoJiAD82YBs94ezv+QJpBPLf
9Yq5n6xKK9VCW4BfX2WpZvyE9i8A7X7YSiEzky2Jncu+xYFcAHtdL3MYR89SbJIi
KPuE0ZETnOEvHvj+GAlWuhqVCnx8sYb5sXO+9FvzV0Q15md615XoTpGqbJJeJJQf
x4vnpPlExBv/Mmiafa8ekOdq5KtqOdzNMmp7VtHIzVlrs+lAO8cdTi5Wb2vlT0ik
FgTG27M8AAPdlZDvoAx0J8fAI14yo3/Zo0732D2WIHvT9qeeH5HFUbcyM/ns070J
pbDlF5QyFTjoouedlQF++AgofqnTfyd1DvfBltpj1IofRjcZQItQtyaDcrParUar
WCfTS7htlRCeG9FXUbRMPZb/2Eg8SBOLvz49ybBTy96l/CjTPteZtz0jUtHdxENT
YR5CdVNNbuJRBoepHTqY/PCIv6tfmnlt02ePLzxD6Zhu98gSK+9jy32wNVpWUGQM
tId6kqwKmvifRj4HsnKHNl5KlKxKT/veKcbMTRwl1zN1OKs96xPhsw77/51+usfe
ZaoApgBzlPliGmrfriZjJqNuEokBb9cp8FijrKxUuP0BTlsWvvpGUD8nct3jr6zk
LDmbFYdgdDBSKWFjQpgIn0Ls99snX3mOKzJfd0AXaTJomKfvBzhpSpaaxvNRHEp8
s34sFMiQmWGYk4Mp4kaL7roj+dt2ZimOfQCU4bwXyICf4vgqBY8kwaAm3pHkKrHa
woIlaQmKMYreKPcfsJ3J9MypNIRFKoT4+oOyd7xRbHoicveOqRxv5Br81stA/JfE
rnME3CK9GUSDrdEFTmKYm4LSbn2Szr+fdkesO3LYnMz28KOn9oPUZpic/+iBc8UE
3pMHRHKrfFfg1/KzikbgBLQG6nD/EKPnnfexkZcfU+qcEiSIYhsoBpBBKuGvCOlb
ypKMWxsGU5WMLGaK40vC7KZE+8UwpvkZddBs+4zBdpf+sCNMx1oiH3fyax4154FJ
R3mCl519mZNpaWyYOrdUlRvQE6hEh/SIeP9wJpeJRYfQqtF7/i/sS2t4rDtyvHUW
vMU0P/9oUcGlB3hbZcJXGF16r0h2W/95cmxXp2SzVLsIEn5zQQphxBFgqa8Skgk9
0ZRsV7i2D7TuB9Mw6MXdAFPcsmxmYZiHH9clapFw4s94UmkIn8BzKAIiUTsUjJgz
UD0H6CWQE8SA6cgEvqdK87b+ikfvxTmokOhHfkJBnaz03v/g5asoA/u8WUlOYBVA
aPPgLQevqwaQIKN4WwMmjRw+jZ9z3AzGFftax8kuJeywinEwlW64I6/AYC6hrwf1
+edmQVkuIEKHbc1QL8eNCAdDmayqfvoR2+pOWkzSi/MIPMc2RWQTCPYXW+8RFhWl
fTSXuc+68u19ElAx7RHirxzXHMyvTxVcPNgUOp2C/QDBnmeBKKWepbOnu7/H2gUP
d8OAO8uINgPG2DlWvkifOs3kPsdpajchjDjbfMq59tqBRes1g8eRwaNrMmk/2nS9
90m8IYtQLCw0c8IqDj2Azc/sI/H2H0nSbf7OHtQLVqC8DU3TbD/jLy3qOd1oNbXV
g19uJQ0DgY2YNr3ahkkjnVAELIvBtIehd2Z0xMB1vB7WwXjlTkiFUWbejcQPq6zr
/+k=
-----END ENCRYPTED PRIVATE KEY-----
</key>
comp-lzo
728x90
반응형
'리눅스' 카테고리의 다른 글
[VPN] OPENVPN 스크립트로 패키지 설치 (0) | 2020.09.28 |
---|---|
[VPN] openvpn client 설치(리눅스) (0) | 2020.09.25 |
[VPN] openvpn 서버 설치 (0) | 2020.09.25 |
SSH 세션을 유지하는 방법 (0) | 2020.09.14 |
CentOS 7에서 사용하지 않는 오래된 커널 패키지를 정리하는 방법(사용하지 않는 커널 삭제) (0) | 2020.09.08 |