HI, Thanks a lot! But how to configure it on VPS? And I still cannot understand very much for building up.sh script. thanks a lot for help! 2015-09-22 17:00 GMT+08:00 : > Send Govpn-devel mailing list submissions to > govpn-devel@lists.cypherpunks.ru > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.cypherpunks.ru/mailman/listinfo/govpn-devel > or, via email, send a message with subject or body 'help' to > govpn-devel-request@lists.cypherpunks.ru > > You can reach the person managing the list at > govpn-devel-owner@lists.cypherpunks.ru > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Govpn-devel digest..." > > > Today's Topics: > > 1. Re: How to install and config govpn on server & client? > (stargrave@stargrave.org) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 21 Sep 2015 12:04:28 +0300 > From: stargrave@stargrave.org > To: govpn-devel@lists.cypherpunks.ru > Subject: Re: [Govpn-devel] How to install and config govpn on server & > client? > Message-ID: <20150921090428.GA7282@stargrave.org> > Content-Type: text/plain; charset="us-ascii" > > Greetings! > > >How to install and config govpn on server & client? I need details info > >about that. > > I hope that example here: http://www.cypherpunks.ru/govpn/Example.html > should help. > > Initially you must generate client's identity and password verifier. I > recommend to use trivial script newclient.sh that comes in distribution: > > client% ./utils/newclient.sh Mylove > Enter passphrase:[hello world] > Your id is: 35180231a9532325f24d37352a044dd7 > > Place the following JSON configuration entry on the server's side: > > "35180231a9532325f24d37352a044dd7": { > "name": "Mylove", > "up": "/path/to/up.sh", > "verifier": > "6f7657776fcc7ce0128138ad78b7438cd482ef77abf79df41e1b51568aefc390" > } > > Verifier was generated with: > > ./utils/storekey.sh /tmp/passphrase > govpn-verifier -id 35180231a9532325f24d37352a044dd7 -key > /tmp/passphrase > > Create up.sh script that will output on the first line TAP interface > name that must be used for the peer. For example: > > % umask 077 > % ed /path/to/up.sh > a > #!/bin/sh > echo tap0 > . > wq > 20 > % chmod +x /path/to/up.sh > > Then you must add this JSON entry in peers.json (default filename for > server configuration) on the server side: > > server% cat > peers.json < { > "35180231a9532325f24d37352a044dd7": { > "name": "Mylove", > "up": "/home/stargrave/mylove-up.sh", > "verifier": > "6f7657776fcc7ce0128138ad78b7438cd482ef77abf79df41e1b51568aefc390" > } > } > EOF > > And prepare you network with creating of up-script. For example I assume > that tap2 network interface is dedicated to that peer. Create it with > native operating system utilities. For example (under FreeBSD): > > server# ifconfig tap2 create > server# ifconfig tap2 inet 10.10.10.1/24 mtu 1412 up > server# chown stargrave /dev/tap2 > server% umask 077 > server% cat > /home/stargrave/mylove-up.sh #!/bin/sh -e > echo tap2 > echo "Mylove is connected" | mailx -s "Connection event" > root@stargrave.org > EOF > server% chmod +x /home/stargrave/mylove-up.sh > > up-script must print TAP interface name that on the first line (others > are ignored). You may even create it inside that script. > > Then you can start server up. I use that command: > > % ./govpn-server -bind :1193 -stats '[::1]:5678' -proto all > > My server is already up. If I changed JSON file, then it will once a > minute refresh it and add appeared peers: > > 2015/09/21 11:55:49.134609 identify.go:83: Adding key > 35180231a9532325f24d37352a044dd7 > > Server is ready. You can run your client. At first you have to save you > passphrase in some temporary file: > > client% umask 077 > client% ./utils/storekey.sh /tmp/mypassphrase > Enter passphrase:[hello world] > > create TAP interface on the client's side: > > client# ifconfig tap0 create > server# ifconfig tap0 inet 10.10.10.2/24 mtu 1412 up > server# chown stargrave /dev/tap0 > > For example I call rtsol utility to receive IPv6 address solicitation, > so I will create up-script that will take interface name as a first > argument and run this utility: > > client% cat > /tmp/up.sh < #!/bin/sh > /sbin/rtsol $1 > EOF > clien% chmod +x /tmp/up.sh > > and run client itself: > > client% govpn-client -iface tap0 -id 35180231a9532325f24d37352a044dd7 > -key /tmp/mypassphrase -remote X.X.X.X:1193 -up /tmp/up.sh > 2015/09/21 12:01:49.888625 identify.go:83: Adding key > 35180231a9532325f24d37352a044dd7 > 2015/09/21 12:01:49.888838 main.go:86: GoVPN version 4.0 built with > go1.5.1 > 2015/09/21 12:01:49.889063 main.go:93: Max MTU on TAP interface: 1412 > 2015/09/21 12:01:49.889513 udp.go:39: Connected to UDP:X.X.X.X:1193 > 2015/09/21 12:01:49.900517 udp.go:89: Handshake completed > > -- > Happy hacking, Sergey Matveev > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: not available > Type: application/pgp-signature > Size: 801 bytes > Desc: not available > URL: < > http://lists.cypherpunks.ru/pipermail/govpn-devel/attachments/20150921/293f7ca2/attachment-0001.bin > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > Govpn-devel mailing list > Govpn-devel@lists.cypherpunks.ru > http://lists.cypherpunks.ru/mailman/listinfo/govpn-devel > > > ------------------------------ > > End of Govpn-devel Digest, Vol 5, Issue 3 > ***************************************** >