From a7e89ed0dda61005800a1ebd17e38a5c30c1f00a Mon Sep 17 00:00:00 2001 From: Angristan Date: Wed, 9 Mar 2016 21:08:24 +0100 Subject: [PATCH] Add 4096 bits DH --- openvpn-install.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/openvpn-install.sh b/openvpn-install.sh index 836465f..c5894df 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -107,6 +107,9 @@ if [[ -e /etc/openvpn/server.conf ]]; then fi CLIENT=$(tail -n +2 /etc/openvpn/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | sed -n "$CLIENTNUMBER"p) cd /etc/openvpn/easy-rsa/ + cp vars.example vars + #Use 4096 bits DH instead of 2048 bits + echo "set_var EASYRSA_KEY_SIZE 4096" >> vars ./easyrsa --batch revoke $CLIENT ./easyrsa gen-crl rm -rf pki/reqs/$CLIENT.req