150 Commits

Author SHA1 Message Date
Angristan
b205980053 Use best encryption available
Does not affect speed significantly, if at all.
2017-03-02 23:42:23 +01:00
Kcchouette
2a6422057e Remove the last $SYSCTL var
This var was indeed removed with the commit f5ec9f3a17
2017-02-24 10:33:52 +01:00
Kcchouette
135729d0ab Remove the archlinux part
that @Angristan had forgotten
2017-02-23 22:47:40 +01:00
Angristan
f5ec9f3a17 Remove Arch Linux support
Revert PR#2: https://github.com/Angristan/OpenVPN-install/pull/2/files#diff-cda9722285f1718b319bb88e134e9efe

Too much work to do with OpenVPN 2.4 for a distro that is not much used on servers.
2017-02-17 22:54:29 +01:00
Angristan
624774736d Remove RSA key size input 2017-02-16 22:33:12 +01:00
Angristan
5fe4bf62d6 Replace tls-auth with tls-crypt 2017-02-16 22:32:09 +01:00
Angristan
afa0162c4c Use ECDSA cert instead of RSA 2017-02-16 20:27:57 +01:00
Angristan
ed779b9b52 Fix cipher 2017-02-16 19:36:24 +01:00
Angristan
547f689f00 Use secp256k1 curve for ECDH (fix)
I forgot the curve in 23daeca80a
2017-02-16 19:35:50 +01:00
Angristan
935896dbc7 Remove cp for dh 2017-02-16 19:33:07 +01:00
Angristan
64433208d6 Remove DH key size input, remove cipher input
And use AES-128-GCM as the data channel's cipher
2017-02-16 19:10:53 +01:00
Angristan
da947d8ae3 Update repo for Debian and Ubuntu 2017-02-16 19:07:17 +01:00
Angristan
23daeca80a Use secp256k1 curve for ECDH
cf. https://github.com/Angristan/OpenVPN-install/pull/33#issuecomment-280399196
2017-02-16 18:34:33 +01:00
Angristan
56fad22cad Disable DH and enable ECDH
cf. https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage#lbAK
2017-02-16 18:30:40 +01:00
Angristan
fa6cf4e569 Update tls-cipher to use ECDHE and ECDSA 2017-02-16 17:54:08 +01:00
Angristan
56b755f937 Update AES data channel ciphers 2017-02-06 12:05:01 +01:00
Seeder101
89925cbbe8 Update openvpn-install.sh
change sould to should and correct adress to address in line 195
2016-12-11 16:03:40 +03:00
Seeder101
e548a61dcc Update openvpn-install.sh
change sould to should
2016-12-11 15:58:06 +03:00
Angristan
316ecfe7f4 Use SHA-256 instead of SHA-384
Following 693bd13fa7
2016-12-11 12:11:11 +01:00
Angristan
7a5bb93cbe AES-256 is not necessarily the most secure cipher
Indeed, it is most vulnerable to Timing Attacks: https://en.wikipedia.org/wiki/Length_extension_attack

Also, AES 128 is secure enough for everyone, so it's still the recommended cipher.
2016-12-04 17:21:41 +01:00
Angristan
56477bba34 The crypto update 🔐
- Removed "fast" and "slow" mode (not a good idea, I prefer to give the choice for the parameters directly)
- Corrected some confusion between the cipher for the data channel and the control channel, my bad.
- using TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 by default for the control channel
- using SHA384 by default for HMAC auth and RSA certificate
- giving the choice for the cipher of the data channel, the size of the DH key and the RSA Key

I will explain all my choices here : https://github.com/Angristan/OpenVPN-install#encryption (likely tomorrow)
2016-11-28 22:13:32 +01:00
Angristan
c03a55f11f Making sure a correct DNS option is selected 2016-11-27 14:31:25 +01:00
TheKinrar
f76db9f589 Merge branch 'master' of https://github.com/TheKinrar/OpenVPN-install into TheKinrar-master 2016-11-26 16:13:02 +01:00
TheKinrar
f3ff29d6c7 rc.local fix 2016-11-25 18:25:37 +01:00
Angristan
17a9d76ae9 Remove ufw and MASQUERADE support
Not useful, badly implemented.
2016-11-25 00:59:03 +01:00
Angristan
218e474f85 Add logs
Can be useful.
2016-11-24 23:34:15 +01:00
Angristan
98ca79a9de Move rc.local and sysctl installation after the confirmation 2016-11-24 20:28:49 +01:00
TheKinrar
358e80b5a6 sysctl fix, again. 2016-11-24 19:37:45 +01:00
TheKinrar
cc657fa459 Fixed rc.local and sysctl.conf files on ArchLinux 2016-11-24 18:07:23 +01:00
TheKinrar
9b261809eb Automatically enable and start iptables on ArchLinux. 2016-11-22 19:55:17 +01:00
TheKinrar
6e2b5cb439 Added ArchLinux support. 2016-11-21 20:59:00 +01:00
Angristan
80dbca6e63 Add TCP support
There is now the choice to use TCP or UDP for OpenVPN protocol. You should always use UDP, but TCP can be useful sometimes: on lossy networks or to bypass some blockage
2016-11-21 19:57:52 +01:00
Angristan
662fe26f5b I don't know why it wasn't like this from the beginning 2016-11-20 23:09:42 +01:00
Angristan
552709059e Fix my previous commit
My bad.
2016-11-20 22:50:51 +01:00
Angristan
a09ef4868a The user can choose to continue the installer even if its OS is not supported
At its own risk of course. But useful if using Ubuntu beta or Debian unstable/testing
2016-11-20 22:47:23 +01:00
Angristan
903270be4b Remove OpenNIC servers
Not consistent and can't really be trusted
2016-11-20 15:01:42 +01:00
Angristan
b0f271bc5f Specify the location of the DNS servers 2016-11-20 14:52:47 +01:00
Angristan
3f58eb781c Some cleanup 2016-11-20 14:22:08 +01:00
Angristan
7295627e67 Removing support for Ubuntu 15.10
Ubuntu 15.10 is not supported anymore since July 2016: not safe to use it now
2016-10-20 14:33:16 +02:00
Angristan
fce638b552 Add support for Ubuntu 16.10 Yakkety Yak 2016-10-13 22:55:04 +02:00
Angristan
2c9701d477 Better way to enable IP forwarding
791c54786c
2016-10-04 17:34:11 +02:00
Angristan
aefb516958 Changed iptables to not lookup hosts
56f079289e
2016-10-04 17:31:35 +02:00
Kcchouette
87a191f8a1 Update openvpn-install.sh 2016-09-07 17:41:57 +02:00
Angristan
c8eed87ebd Fix UFW error 2016-08-18 18:52:58 +02:00
Super-Baleine
a14809e7c3 delete read 2016-07-12 11:07:08 +02:00
Super-Baleine
72ca23e880 let the choice
because it's more clean

enhancement
2016-07-12 00:09:39 +02:00
Kcchouette
8550d3474c fix the dns case error 2016-07-07 13:45:14 +02:00
Angristan
52f4e471bb Add DNS.WATCH DNS resolvers 2016-06-11 00:32:08 +02:00
jtbr
52cae76873 fix typo 2016-06-10 14:36:22 +02:00
jtbr
b93a3369fb Avoid inline comments in /etc/default/ufw; place pre-openvpn settings on new line 2016-06-10 14:33:26 +02:00