<< Membangun Jiwa Tanggung Jawab (بناء روح المسؤولية) | Install Extra Themes Ubuntu 9.10 >>

Install OpenVPN di VPS daxa.net

29 Jan 2010 Author: acul In: Tips

1. Order minimal paket Intro bisa cek list VPS di sini dan bisa daftar di sini

2. Kalu saya pilih OSnya CentOS 5.2

3. Setelah VPS udah ada download file2 berikut ini :

1 2	#wget http://openvpn.net/release/openvpn-2.0.9.tar.gz #wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm

4. Terus install beberapa software berikut ini :

#yum update -y 
#yum install fetchmail wget bzip2 unzip zip nmap openssl lynx fileutils ncftp gcc gcc-c++ 
#yum install rpm-build
#yum install autoconf.noarch
#yum install zlib-devel
#yum install pam-devel
#yum install openssl-devel

5. Terus abis semua ke install kita build semua

#rpmbuild –rebuild lzo-1.08-4.rf.src.rpm
#rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
#rpmbuild -tb openvpn-2.0.9.tar.gz
#rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm

6. Terus copy file2 konfigurasinya

1 2	#cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/ #cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/

7. Buat sertifikatnnya

1	cd /etc/openvpn/easy-rsa/

Membuat Certificate dan Key untuk Server

1.cd /etc/openvpn/easy-rsa/

Edit variabel di dalam vars untuk memudahkan kita dalam proses pembuatan SSL certificate;

1.vi vars

Sesuaikan entry berikut (dibagian paling bawah);

export KEY_COUNTRY=ID
export KEY_PROVINCE="DKI Jakarta"
export KEY_CITY="Jakarta Selatan"
export KEY_ORG=”chamceul.ind.ws”
export KEY_EMAIL=”info@chamceul.ind.ws”

Jalankan perintah berikut;

1.. ./vars #Perhatikan, .(spasi).vars
2../clean-all #Akan mengosongkan direktori keys/

Generate SSL Certificate, semua certificate dan key akan berada di dalam direktori /etc/openvpn/easy-rsa/keys;

1../build-ca

Kemudian input data sesuai dengan konfigurasi kita, tekan enter untuk variabel yang sebelumnya sudah kita tentukan di file vars, dan sesuaikan Common Name dengan hostname server kita;

Generating a 1024 bit RSA private key
………………………++++++
…………………….++++++
writing new private key to ‘ca.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [ID]:

State or Province Name (full name) [DKI Jakarta]:
Locality Name (eg, city) [Jakarta Selatan]:
Organization Name (eg, company) [Chamceul VPN]:
Organizational Unit Name (eg, section) []:Personal
Common Name (eg, your name or your server’s hostname) []:vpn.chamceul.ind.ws
Email Address [info@chamceul.ind.ws]:

Kemudian kita akan membuat server key, sesuaikan ovpnserver dengan keinginan kita, juga cukup tekan enter untuk variabel yang sudah kita tentukan sebelumnya;

1../build-key-server ovpnserver

Generating a 1024 bit RSA private key
........................................++++++
.........................++++++
writing new private key to ‘ovpnserver.key'
--
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.', the field will be left blank.
--
State or Province Name (full name) [DKI Jakarta]:
Locality Name (eg, city) [Jakarta Selatan]:
Organization Name (eg, company) [Chamceul VPN]:
Organizational Unit Name (eg, section) []:Personal
Common Name (eg, your name or your server’s hostname) []:vpn.chamceul.ind.ws
Email Address [info@chamceul.ind.ws]:

Please enter the following ‘extra' attributes
to be sent with your certificate request
A challenge password []:<enter your password here>
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName:PRINTABLE:'ID'
stateOrProvinceName:PRINTABLE:'Jakarta Selatan'
localityName:PRINTABLE:'DKI Jakarta'
organizationName:PRINTABLE:'Chamceul Web'
organizationalUnitName:PRINTABLE:'Personal'
commonName:PRINTABLE:'vpn.chamceul.ind.ws'
emailAddress:IA5STRING:'info@chamceul.ind.ws'
Certificate is to be certified until Jan 10 15:15:27 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

Generate Diffie Hellman;

1../build-dh

Tunggu sampai proses selesai, file certificate dan key kemudian kita kopi ke /etc/openvpn dimana file server.conf akan ditempatkan, path untuk key dan certificate tersebut nantinya harus disesuaikan dengan informasi yang kita masukkan di file konfigurasi;

1.cp keys/ca.crt ../
2.keys/dh1024.pem ../
3.keys/ovpnserver.key ../
4.keys/ovpnserver.crt ../

bersambung ... ngantuk :)

sumber : http://www.throx.net/

4 Comments

Block AdserversIf you wanna remove those nasty ads from the pages which waste lot of time and bandwidth then here i...Bermain-Main Dengan DomainBermain-Main Dengan Domain Ketika suatu saat kita hendak mengakses suatu situs web tertentu, bias...Teleskop Antariksa Hubble Normal 0 false false false EN-US X-NONE X-NONE Mic...

Comments

Add comment

Name*
E-mail* (Will show your Gravatar icon)
Website
Country Country flag

b i u quote

Comment
Preview

Notify me when new comments are added

Jadwal Sholat

Include comments in search

Entries (RSS)

My Quotes ...

Each morning when I open my eyes I say to myself: I, not events, have the power to make me happy or unhappy today. I can choose which it shall be. Yesterday is dead, tomorrow hasn’t arrived yet. I have just one day, today, and I’m going to be happy in it