1
0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-27 23:46:07 +03:00

harden script

This commit is contained in:
Kilian von Pflugk 2016-08-31 11:23:10 +02:00 committed by GitHub
parent dab9a210c2
commit 28a242713b

View File

@ -276,7 +276,10 @@ ifconfig-pool-persist ipp.txt" > /etc/openvpn/server.conf
;; ;;
esac esac
echo "keepalive 10 120 echo "keepalive 10 120
cipher AES-128-CBC cipher AES-256-CBC
auth SHA512
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
comp-lzo comp-lzo
user nobody user nobody
group $GROUPNAME group $GROUPNAME
@ -375,8 +378,11 @@ nobind
persist-key persist-key
persist-tun persist-tun
remote-cert-tls server remote-cert-tls server
cipher AES-128-CBC cipher AES-256-CBC
auth SHA512
comp-lzo comp-lzo
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
setenv opt block-outside-dns setenv opt block-outside-dns
key-direction 1 key-direction 1
verb 3" > /etc/openvpn/client-common.txt verb 3" > /etc/openvpn/client-common.txt