Журнал лабораторных работ

Содержание

Журнал

Среда (04/04/12)

/dev/pts/3
13:45:15
#make install
===>  Installing for openvpn-2.0.9_2
===>   openvpn-2.0.9_2 depends on file: /usr/local/lib/libcrypto.so.7 - found
===>   openvpn-2.0.9_2 depends on shared library: lzo2.2 - found
===>   Generating temporary packing list
===>  Checking if security/openvpn20 already installed
test -z "/usr/local/sbin" || /usr/ports/security/openvpn20/work/openvpn-2.0.9/install-sh -d "/usr/local/sbin"
  install  -s -o root -g wheel -m 555 'openvpn' '/usr/local/sbin/openvpn'
test -z "/usr/local/man/man8" || /usr/ports/security/openvpn20/work/openvpn-2.0.9/install-sh -d "/usr/local/man/man8"
 install  -o root -g wheel -m 444 './openvpn.8' '/usr/local/man/man8/openvpn.8'
===> Installing rc.d startup script(s)
...
      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/openvpn
      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.
      For more information, and contact details about the security
      status of this software, see the following webpage:
http://openvpn.net/index.php/open-source.html
13:45:21
#cd /usr/local/etc/openvpn/

13:45:52
#ls
easy-rsa        keys
13:45:53
#cd easy-rsa/2.0/

13:46:08
#ls
README                  build-key-server        openssl.cnf
build-ca                build-req               pkitool
build-dh                build-req-pass          revoke-full
build-inter             clean-all               sign-req
build-key               inherit-inter           vars
build-key-pass          list-crl                whichopensslcnf
build-key-pkcs12        openssl-0.9.6.cnf
13:46:09
#ee vars
--- /tmp/l3-saved-27061.19506.30941	2012-04-04 14:46:21.000000000 +0300
+++ vars	2012-04-04 14:48:38.000000000 +0300
@@ -36,7 +36,7 @@
 # a rm -rf on this directory
 # so make sure you define
 # it correctly!
-export KEY_DIR="$EASY_RSA/keys"
+export KEY_DIR="$EASY_RSA/keys/server"
 
 # Issue rm -rf warning
 echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
@@ -46,7 +46,7 @@
 # down TLS negotiation performance
 # as well as the one-time DH parms
 # generation process.
-export KEY_SIZE=1024
+export KEY_SIZE=2048
 
 # In how many days should the root CA key expire?
 export CA_EXPIRE=3650
@@ -57,8 +57,8 @@
 # These are the default values for fields
 # which will be placed in the certificate.
 # Don't leave any of these fields blank.
-export KEY_COUNTRY="US"
-export KEY_PROVINCE="CA"
-export KEY_CITY="SanFrancisco"
-export KEY_ORG="Fort-Funston"
-export KEY_EMAIL="me@myhost.mydomain"
+export KEY_COUNTRY="UA"
+export KEY_PROVINCE="UA"
+export KEY_CITY="Kiev"
+export KEY_ORG="Creolab"
+export KEY_EMAIL="v.yaroshenko@creolab.edu"
13:48:38
#chmod 544 *

13:48:46
#ls
README                  build-key-server        openssl.cnf
build-ca                build-req               pkitool
build-dh                build-req-pass          revoke-full
build-inter             clean-all               sign-req
build-key               inherit-inter           vars
build-key-pass          list-crl                whichopensslcnf
build-key-pkcs12        openssl-0.9.6.cnf
13:49:10
#mkdir keys/server
mkdir: keys: No such file or directory
13:49:24
#mkdir keys

13:49:48
#mkdir -p ys/server

13:50:01
#ls
README                  build-key-server        openssl-0.9.6.cnf
build-ca                build-req               openssl.cnf
build-dh                build-req-pass          pkitool
build-inter             clean-all               revoke-full
build-key               inherit-inter           sign-req
build-key-pass          keys                    vars
build-key-pkcs12        list-crl                whichopensslcnf
13:50:07
#. ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/local/etc/openvpn/easy-rsa/2.0/keys/server
13:50:13
#./build-ca
bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory
13:50:28
#ls
README                  build-key-server        openssl-0.9.6.cnf
build-ca                build-req               openssl.cnf
build-dh                build-req-pass          pkitool
build-inter             clean-all               revoke-full
build-key               inherit-inter           sign-req
build-key-pass          keys                    vars
build-key-pkcs12        list-crl                whichopensslcnf
13:50:35
#./build-ca
bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory
13:50:43
#sh

13:51:20
#ls
README                  build-key-server        openssl-0.9.6.cnf
build-ca                build-req               openssl.cnf
build-dh                build-req-pass          pkitool
build-inter             clean-all               revoke-full
build-key               inherit-inter           sign-req
build-key-pass          keys                    vars
build-key-pkcs12        list-crl                whichopensslcnf
/dev/pts/4
13:51:20
#ls
README                  build-key-server        openssl-0.9.6.cnf
build-ca                build-req               openssl.cnf
build-dh                build-req-pass          pkitool
build-inter             clean-all               revoke-full
build-key               inherit-inter           sign-req
build-key-pass          keys                    vars
build-key-pkcs12        list-crl                whichopensslcnf
/dev/pts/3
13:51:22
#./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/local/etc/openvpn/easy-rsa/2.0/keys/server
/dev/pts/4
13:51:22
#./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/local/etc/openvpn/easy-rsa/2.0/keys/server
/dev/pts/3
13:51:44
#chmod +x build-ca

/dev/pts/4
13:51:44
#chmod +x build-ca

13:51:52
#./build-ca
bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory
/dev/pts/3
13:51:52
#./build-ca
bash: ./build-ca: /bin/bash: bad interpreter: No such file or directory
13:51:57
#pwd
/usr/local/etc/openvpn/easy-rsa/2.0
/dev/pts/4
13:51:57
#pwd
/usr/local/etc/openvpn/easy-rsa/2.0
/dev/pts/3
13:52:17
#ls
README                  build-key-server        openssl-0.9.6.cnf
build-ca                build-req               openssl.cnf
build-dh                build-req-pass          pkitool
build-inter             clean-all               revoke-full
build-key               inherit-inter           sign-req
build-key-pass          keys                    vars
build-key-pkcs12        list-crl                whichopensslcnf
/dev/pts/4
13:52:17
#ls
README                  build-key-server        openssl-0.9.6.cnf
build-ca                build-req               openssl.cnf
build-dh                build-req-pass          pkitool
build-inter             clean-all               revoke-full
build-key               inherit-inter           sign-req
build-key-pass          keys                    vars
build-key-pkcs12        list-crl                whichopensslcnf
/dev/pts/3
13:52:19
#build-ca
bash: build-ca: command not found
/dev/pts/4
13:52:19
#build-ca
bash: build-ca: command not found
/dev/pts/3
13:52:27
#whereis openvpn20
openvpn20: /usr/ports/security/openvpn20
/dev/pts/4
13:52:27
#whereis openvpn20
openvpn20: /usr/ports/security/openvpn20
/dev/pts/3
13:52:42
#cd /usr/ports/security/openv
openvas-client/      openvas-server/      openvpn-auth-radius/
openvas-libnasl/     openvpn/             openvpn-beta/
openvas-libraries/   openvpn-admin/       openvpn-devel/
openvas-plugins/     openvpn-auth-ldap/   openvpn20/
/dev/pts/4
13:52:42
#cd /usr/ports/security/openv
openvas-client/      openvas-server/      openvpn-auth-radius/
openvas-libnasl/     openvpn/             openvpn-beta/
openvas-libraries/   openvpn-admin/       openvpn-devel/
openvas-plugins/     openvpn-auth-ldap/   openvpn20/
/dev/pts/3
13:52:42
#cd /usr/ports/security/openvpn20/

/dev/pts/4
13:52:42
#cd /usr/ports/security/openvpn20/

/dev/pts/3
13:53:07
#make deinstall
===>  Deinstalling for security/openvpn20
===>   Deinstalling openvpn-2.0.9_2
/dev/pts/4
13:53:07
#make deinstall
===>  Deinstalling for security/openvpn20
===>   Deinstalling openvpn-2.0.9_2
/dev/pts/3
13:53:15
#rm -r /usr/local/etc/openvpn/

/dev/pts/4
13:53:15
#rm -r /usr/local/etc/openvpn/

/dev/pts/3
13:54:10
#cd /usr/local/etc/openldap/

/dev/pts/4
13:54:10
#cd /usr/local/etc/openldap/

/dev/pts/3
13:54:17