2013-05-14 16:04:19 +04:00
##openvpn-install
2015-02-11 21:51:19 +03:00
OpenVPN [road warrior ](http://en.wikipedia.org/wiki/Road_warrior_%28computing%29 ) installer for Debian, Ubuntu and CentOS.
2013-05-14 16:04:19 +04:00
2015-02-11 21:51:19 +03:00
This script will let you setup your own VPN server in no more than a minute, even if you haven't used OpenVPN before. It isn't bulletproof but has been designed to be as unobtrusive and universal as possible.
2013-05-14 16:04:19 +04:00
2016-03-13 17:41:05 +03:00
##Fork
2016-03-09 01:16:52 +03:00
This fork includes :
- no logs
- TLS 1.2 only
2016-03-10 01:01:25 +03:00
- AES-128-GCM encryption (instead of BF-CBC)
2016-03-13 23:51:50 +03:00
- Legacy version for less hardened encryption
2016-03-09 23:13:12 +03:00
- 4096 bits DH (instead of 2048 bits)
2016-03-09 01:51:02 +03:00
- [FDN's DNS Servers ](http://www.fdn.fr/actions/dns/ )
2016-03-09 18:46:56 +03:00
- Every feature of the [original script ](https://github.com/Nyr/openvpn-install ) (I check periodically to sync the latest commits from source)
2016-03-09 01:16:52 +03:00
2016-03-13 17:41:05 +03:00
##Installation
2016-03-15 23:36:05 +03:00
Run the script and follow the assistant:
```
wget --no-check-certificate https://raw.githubusercontent.com/Angristan/OpenVPN-install-nyr/master/openvpn-install.sh
chmod +x openvpn-install.sh
./openvpn-install.sh
```
Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.
##Variants
When you will launch the script, you will be asked to choose the variant of the script you want to use.
2016-03-13 17:41:05 +03:00
To check your OpenVPN version, use `openvpn --version`
2016-03-13 22:02:32 +03:00
If your server **and** your client have OpenVPN 2.3.3 or higher, use *latest* . If your server **or** your client have OpenVPN 2.3.2 or lower, use *legacy* .
2016-03-13 17:41:05 +03:00
2016-03-13 17:53:09 +03:00
I made two versions to make sure you can get the best encryption possible, but also to support most devices as possible.
2016-03-13 22:02:32 +03:00
###Latest (OpenVPN > 2.3.3)
2016-03-13 17:41:05 +03:00
It will work for :
- Debian 8
- Ubuntu 15.10
2016-03-14 23:20:03 +03:00
- CentOS 6
- CentOS 7
2016-03-15 23:36:05 +03:00
- All recent clients with OpenVPN 2.3.3 or higher
2013-05-14 16:04:19 +04:00
2016-03-13 22:02:32 +03:00
###Legacy (OpenVPN < 2.3.2)
2016-03-13 17:41:05 +03:00
2016-03-13 22:02:32 +03:00
It's the same script as *latest* , but with TLS 1.0 instead of TLS 1.2 and AES-256-CBC instead of AES-128-GCM. (OpenVPN 2.3.2 and lower doesn't support `tls-min` and `tls-cipher` )
2016-03-13 17:53:09 +03:00
Other features are still included.
2016-03-15 23:36:05 +03:00
The following Operating Systems are only supported by the *legacy* variant :
2016-03-13 17:41:05 +03:00
- Debian 7
2016-03-14 23:20:03 +03:00
- Ubuntu 12.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 15.04
2016-03-15 23:36:05 +03:00
- All older clients with OpenVPN 2.3.2 or lower (it *could* be NAS devices, routers, etc)
2016-03-13 17:41:05 +03:00
2016-03-15 23:37:58 +03:00
If your server and/or your client does not support OpenVPN 2.3.3 or higher, you should use *legacy* .
2016-03-13 17:41:05 +03:00
2016-01-01 15:53:28 +03:00
2016-03-13 19:54:12 +03:00
You can get a little VPS for just 1.49€/month at [PulseHeberg ](http://manager.pulseheberg.com/aff.php?aff=1204 ).
2016-01-01 15:53:28 +03:00
## Licence
2016-03-13 17:41:05 +03:00
Based on the work of [Nyr ](https://github.com/Nyr/openvpn-install )
2016-01-01 15:53:46 +03:00
[MIT Licence ](https://raw.githubusercontent.com/Angristan/openvpn-install-nyr/master/LICENSE )