openvpn on openbsd 4.1
Dear all i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys # ./clean-all # ./build-ca Please edit the vars script to reflect your configuration, then source it with source ./vars. Next, to start with a fresh PKI configuration and to delete any previous certificates and keys, run ./clean-all. Finally, you can run this tool (pkitool) to build certificates/keys. # where is wrong ? beloow my config # cat vars export EASY_RSA=`pwd` export KEY_CONFIG=$EASY_RSA/openssl.cnf export KEY_DIR=$EASY_RSA/keys echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR export KEY_SIZE=1024 export CA_EXPIRE=3650 export KEY_EXPIRE=3650 export KEY_COUNTRY=CA export KEY_PROVINCE=USA export KEY_CITY=california export KEY_ORG=IT export KEY_EMAIL=[EMAIL PROTECTED] # # cat clean-all #!/bin/sh export KEY_DIR=$EASY_RSA/keys if [ $KEY_DIR ]; then rm -rf $KEY_DIR mkdir $KEY_DIR \ chmod go-rwx $KEY_DIR \ touch $KEY_DIR/index.txt \ echo 01 $KEY_DIR/serial else echo 'Please source the vars script first (i.e. source ./vars)' echo 'Make sure you have edited it to reflect your configuration.' fi # # cat build-ca #!/bin/sh # # Build a root certificate # export EASY_RSA=${EASY_RSA:-.} $EASY_RSA/pkitool --interact --initca $* # -- sonjaya http://sicute.blogspot.com
Re: openvpn on openbsd 4.1
On Mon, Jul 02, 2007 at 07:19:23PM +0700, sonjaya wrote: i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys # ./clean-all # ./build-ca Please edit the vars script to reflect your configuration, then source it with source ./vars. Next, to start with a fresh PKI configuration and to delete any previous certificates and keys, run ./clean-all. Finally, you can run this tool (pkitool) to build certificates/keys. # where is wrong ? Try running . ./vars so that the vars get read into your environment. -ME
Re: openvpn on openbsd 4.1
the all script is working when i try input manual env , all in vars . On 7/2/07, Mike Erdely [EMAIL PROTECTED] wrote: On Mon, Jul 02, 2007 at 07:19:23PM +0700, sonjaya wrote: i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys # ./clean-all # ./build-ca Please edit the vars script to reflect your configuration, then source it with source ./vars. Next, to start with a fresh PKI configuration and to delete any previous certificates and keys, run ./clean-all. Finally, you can run this tool (pkitool) to build certificates/keys. # where is wrong ? Try running . ./vars so that the vars get read into your environment. -ME -- sonjaya http://sicute.blogspot.com
Re: openvpn on openbsd 4.1
Dear all i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars type source ./vars or . ./vars (note the dot and the space) Regards, -- Cezary Morga czarek(at)morga.net.pl cezarym(at)data.pl GG# 169903 ICQ# 328-700-565 Jabber therek(at)jabber.autocom.pl; therek(at)jabber.therek.net [=- http://www.therek.net/ -=][=- http://freebsd.therek.net/ -=]
Re: openvpn on openbsd 4.1
On Monday 02 July 2007 03:19:23 pm sonjaya wrote: Dear all i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys # ./clean-all # ./build-ca Please edit the vars script to reflect your configuration, then source it with source ./vars. Next, to start with a fresh PKI configuration and to delete any previous certificates and keys, run ./clean-all. Finally, you can run this tool (pkitool) to build certificates/keys. # where is wrong ? Did you run: source /etc/openvpn/easy-rsa/vars ? beloow my config # cat vars export EASY_RSA=`pwd` export KEY_CONFIG=$EASY_RSA/openssl.cnf export KEY_DIR=$EASY_RSA/keys echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR export KEY_SIZE=1024 export CA_EXPIRE=3650 export KEY_EXPIRE=3650 export KEY_COUNTRY=CA export KEY_PROVINCE=USA export KEY_CITY=california export KEY_ORG=IT export KEY_EMAIL=[EMAIL PROTECTED] # # cat clean-all #!/bin/sh export KEY_DIR=$EASY_RSA/keys if [ $KEY_DIR ]; then rm -rf $KEY_DIR mkdir $KEY_DIR \ chmod go-rwx $KEY_DIR \ touch $KEY_DIR/index.txt \ echo 01 $KEY_DIR/serial else echo 'Please source the vars script first (i.e. source ./vars)' echo 'Make sure you have edited it to reflect your configuration.' fi # # cat build-ca #!/bin/sh # # Build a root certificate # export EASY_RSA=${EASY_RSA:-.} $EASY_RSA/pkitool --interact --initca $* # -- Dominik Zalewski | System Administrator OpenCraft t- +2 02 336 0003 w- http://www.open-craft.com
Re: openvpn on openbsd 4.1
yes i have ready run it , but i see in my env not show , so i put all manual in vars. On 7/2/07, Cezary Morga [EMAIL PROTECTED] wrote: Dear all i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars type source ./vars or . ./vars (note the dot and the space) Regards, -- Cezary Morga czarek(at)morga.net.pl cezarym(at)data.pl GG# 169903 ICQ# 328-700-565 Jabber therek(at)jabber.autocom.pl; therek(at)jabber.therek.net [=- http://www.therek.net/ -=][=- http://freebsd.therek.net/ -=] -- sonjaya http://sicute.blogspot.com
Re: openvpn on openbsd 4.1
On 2007/07/02 19:54, sonjaya wrote: yes i have ready run it Yes, that's the problem, you should have sourced it (in your shell's environment) not run it (in a new one). Please edit the vars script to reflect your configuration, then source it with source ./vars. Unfortunately the OpenVPN docs use C-shell syntax here, probably because some shell popular with Linux users allows it. For a SUS-compliant shell you want the . ./vars that's been pointed out already.