/l3/users/03-04-2012/NT-BSDnet/freebsd1.local/root :1 :2 :3 :4 :5 :6 |
|
#make install
===> Installing for openvpn-2.0.9_2 ===> openvpn-2.0.9_2 depends on file: /usr/local/lib/libcrypto.so.7 - found ===> openvpn-2.0.9_2 depends on shared library: lzo2.2 - found ===> Generating temporary packing list ===> Checking if security/openvpn20 already installed test -z "/usr/local/sbin" || /usr/ports/security/openvpn20/work/openvpn-2.0.9/install-sh -d "/usr/local/sbin" install -s -o root -g wheel -m 555 'openvpn' '/usr/local/sbin/openvpn' test -z "/usr/local/man/man8" || /usr/ports/security/openvpn20/work/openvpn-2.0.9/install-sh -d "/usr/local/man/man8" install -o root -g wheel -m 444 './openvpn.8' '/usr/local/man/man8/openvpn.8' ===> Installing rc.d startup script(s) ... This port has installed the following startup scripts which may cause these network services to be started at boot time. /usr/local/etc/rc.d/openvpn If there are vulnerabilities in these programs there may be a security risk to the system. FreeBSD makes no guarantee about the security of ports included in the Ports Collection. Please type 'make deinstall' to deinstall the port if this is a concern. For more information, and contact details about the security status of this software, see the following webpage: http://openvpn.net/index.php/open-source.html |
#cd /usr/local/etc/openvpn/
|
#ls
easy-rsa keys |
#cd easy-rsa/2.0/
|
#ls
README build-key-server openssl.cnf build-ca build-req pkitool build-dh build-req-pass revoke-full build-inter clean-all sign-req build-key inherit-inter vars build-key-pass list-crl whichopensslcnf build-key-pkcs12 openssl-0.9.6.cnf |
#ee vars
--- /tmp/l3-saved-27061.19506.30941 2012-04-04 14:46:21.000000000 +0300 +++ vars 2012-04-04 14:48:38.000000000 +0300 @@ -36,7 +36,7 @@ # a rm -rf on this directory # so make sure you define # it correctly! -export KEY_DIR="$EASY_RSA/keys" +export KEY_DIR="$EASY_RSA/keys/server" # Issue rm -rf warning echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR @@ -46,7 +46,7 @@ # down TLS negotiation performance # as well as the one-time DH parms # generation process. -export KEY_SIZE=1024 +export KEY_SIZE=2048 # In how many days should the root CA key expire? export CA_EXPIRE=3650 @@ -57,8 +57,8 @@ # These are the default values for fields # which will be placed in the certificate. # Don't leave any of these fields blank. -export KEY_COUNTRY="US" -export KEY_PROVINCE="CA" -export KEY_CITY="SanFrancisco" -export KEY_ORG="Fort-Funston" -export KEY_EMAIL="me@myhost.mydomain" +export KEY_COUNTRY="UA" +export KEY_PROVINCE="UA" +export KEY_CITY="Kiev" +export KEY_ORG="Creolab" +export KEY_EMAIL="v.yaroshenko@creolab.edu" |
#chmod 544 *
|
#ls
README build-key-server openssl.cnf build-ca build-req pkitool build-dh build-req-pass revoke-full build-inter clean-all sign-req build-key inherit-inter vars build-key-pass list-crl whichopensslcnf build-key-pkcs12 openssl-0.9.6.cnf |
#mkdir keys/server
![]() mkdir: keys: No such file or directory |
#mkdir keys
|
#mkdir -p ys/server
|
#ls
README build-key-server openssl-0.9.6.cnf build-ca build-req openssl.cnf build-dh build-req-pass pkitool build-inter clean-all revoke-full build-key inherit-inter sign-req build-key-pass keys vars build-key-pkcs12 list-crl whichopensslcnf |
#. ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/local/etc/openvpn/easy-rsa/2.0/keys/server |
#./build-ca
![]() bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory |
#ls
README build-key-server openssl-0.9.6.cnf build-ca build-req openssl.cnf build-dh build-req-pass pkitool build-inter clean-all revoke-full build-key inherit-inter sign-req build-key-pass keys vars build-key-pkcs12 list-crl whichopensslcnf |
#./build-ca
![]() bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory |
#sh
|
#ls
![]() README build-key-server openssl-0.9.6.cnf build-ca build-req openssl.cnf build-dh build-req-pass pkitool build-inter clean-all revoke-full build-key inherit-inter sign-req build-key-pass keys vars build-key-pkcs12 list-crl whichopensslcnf |
#ls
README build-key-server openssl-0.9.6.cnf build-ca build-req openssl.cnf build-dh build-req-pass pkitool build-inter clean-all revoke-full build-key inherit-inter sign-req build-key-pass keys vars build-key-pkcs12 list-crl whichopensslcnf |
#./vars
![]() NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/local/etc/openvpn/easy-rsa/2.0/keys/server |
#./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/local/etc/openvpn/easy-rsa/2.0/keys/server |
#./build-ca
![]() bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory |
#./build-ca
![]() bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory |
#pwd
![]() /usr/local/etc/openvpn/easy-rsa/2.0 |
#ls
![]() README build-key-server openssl-0.9.6.cnf build-ca build-req openssl.cnf build-dh build-req-pass pkitool build-inter clean-all revoke-full build-key inherit-inter sign-req build-key-pass keys vars build-key-pkcs12 list-crl whichopensslcnf |
#ls
README build-key-server openssl-0.9.6.cnf build-ca build-req openssl.cnf build-dh build-req-pass pkitool build-inter clean-all revoke-full build-key inherit-inter sign-req build-key-pass keys vars build-key-pkcs12 list-crl whichopensslcnf |
#cd /usr/ports/security/openv
![]() openvas-client/ openvas-server/ openvpn-auth-radius/ openvas-libnasl/ openvpn/ openvpn-beta/ openvas-libraries/ openvpn-admin/ openvpn-devel/ openvas-plugins/ openvpn-auth-ldap/ openvpn20/ |
#cd /usr/ports/security/openv
![]() openvas-client/ openvas-server/ openvpn-auth-radius/ openvas-libnasl/ openvpn/ openvpn-beta/ openvas-libraries/ openvpn-admin/ openvpn-devel/ openvas-plugins/ openvpn-auth-ldap/ openvpn20/ |
#make deinstall
![]() ===> Deinstalling for security/openvpn20 ===> Deinstalling openvpn-2.0.9_2 |
#make deinstall
===> Deinstalling for security/openvpn20 ===> Deinstalling openvpn-2.0.9_2 |