Merge branch 'master' into openvpn-2.4-update
This commit is contained in:
Angristan
GitHub
commit
15512c9625
2 changed files with 17 additions and 8 deletions
12
README.md
12
README.md
|
|
@ -1,4 +1,5 @@
|
|||
# OpenVPN-install
|
||||
|
||||
OpenVPN installer for Debian, Ubuntu, Fedora, CentOS and Arch Linux.
|
||||
|
||||
This script will let you setup your own secure VPN server in just a few minutes.
|
||||
|
|
@ -16,10 +17,11 @@ You can get a cheap VPS to run this script at [Vultr](https://goo.gl/Xyd1Sc), [D
|
|||
|
||||
First, get the script and make it executable :
|
||||
|
||||
```
|
||||
```bash
|
||||
wget https://raw.githubusercontent.com/Angristan/OpenVPN-install/master/openvpn-install.sh
|
||||
chmod +x openvpn-install.sh
|
||||
```
|
||||
|
||||
Then run it :
|
||||
|
||||
`./openvpn-install.sh`
|
||||
|
|
@ -32,9 +34,9 @@ When OpenVPN is installed, you can run the script again, and you will get the ch
|
|||
- Remove a client
|
||||
- Uninstall OpenVPN
|
||||
|
||||
|
||||
|
||||
|
||||
## Why make a fork ?
|
||||
## The fork
|
||||
|
||||
This script is based on the great work of [Nyr and its contributors](https://github.com/Nyr/openvpn-install).
|
||||
|
||||
|
|
@ -73,6 +75,7 @@ On the client-side, it's less problematic, but if you want to use an OpenVPN ser
|
|||
|
||||
- ❌ = tested and not compatible
|
||||
|
||||
|
||||
(It should also work on Debian unstable/testing and Ubuntu beta).
|
||||
|
||||
If your're using an Ubuntu version that is not supported by the script, be aware that it's not supported by Ubuntu either, thus it's insecure.
|
||||
|
|
@ -80,6 +83,7 @@ If your're using an Ubuntu version that is not supported by the script, be aware
|
|||
## Features
|
||||
|
||||
This fork includes the following features :
|
||||
|
||||
- Every feature of the [original script](https://github.com/Nyr/openvpn-install)
|
||||
- Better encryption, see below
|
||||
- Better DNS resolvers, see below
|
||||
|
|
@ -174,11 +178,13 @@ Convinced ?
|
|||
|
||||
The [SWEET32 vulnerability page](https://community.openvpn.net/openvpn/wiki/SWEET32) from OpenVPN's documentation says :
|
||||
>The following ciphers are affected, and should no longer be used:
|
||||
|
||||
- BF-*
|
||||
- DES* (including 3DES variants)
|
||||
- RC2-*
|
||||
|
||||
>The following ciphers are *not* affected:
|
||||
|
||||
- AES-*
|
||||
- CAMELLIA-*
|
||||
- SEED-*
|
||||
|
|
|
|||
|
|
@ -517,6 +517,8 @@ else
|
|||
elif [[ "$VERSION_ID" = 'VERSION_ID="9"' ]]; then
|
||||
echo "deb http://build.openvpn.net/debian/openvpn/stable stretch main" > /etc/apt/sources.list.d/openvpn.list
|
||||
wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add -
|
||||
apt update
|
||||
fi
|
||||
# Ubuntu 14.04
|
||||
elif [[ "$VERSION_ID" = 'VERSION_ID="14.04"' ]]; then
|
||||
echo "deb http://build.openvpn.net/debian/openvpn/stable trusty main" > /etc/apt/sources.list.d/openvpn.list
|
||||
|
|
@ -892,6 +894,7 @@ persist-tun
|
|||
remote-cert-tls server
|
||||
verify-x509-name $SERVER_NAME name
|
||||
auth $HMAC_AUTH
|
||||
auth-nocache
|
||||
$CIPHER
|
||||
tls-client
|
||||
tls-version-min 1.2
|
||||
|
|
|
|||
Loading…
Reference in a new issue