Bernhard.Linz/openvpn-install
1
0
Fork 0
mirror of https://github.com/angristan/openvpn-install.git synced 2025-10-31 14:07:36 +01:00
Code Issues Projects Releases Wiki Activity
664 Commits 5 Branches 0 Tags
ee862414cdadf09d96372f214ce71e5f1e30a88d
Commit Graph

664 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jtbr
b910dbb9ec clarify that the external address can be either an IP or a domain name 2016-05-10 22:50:58 +00:00
jtbr
3c8a6a0469 Merge branch 'master' of https://github.com/jtbr/OpenVPN-install 
Conflicts:
	README.md
	openvpn-install.sh
 2016-05-10 22:34:51 +00:00
jtbr
ecf2a3ed81 Undo TLS-CIPHER changes in f376ce91 in deference to harvester57's pull request 2016-05-10 22:30:38 +00:00
jtbr
2d39183284 Revert "my personal preferences, and limit 3 simultaneous clients" 
This reverts commit 804c7aa9ed.
 2016-05-10 22:30:38 +00:00
jtbr
de648aaa83 my personal preferences, and limit 3 simultaneous clients 2016-05-10 22:30:38 +00:00
jtbr
73eb665b82 merging readme changes 2016-05-10 22:29:43 +00:00
jtbr
868eea3477 Support ios openvpn connect using CBC, SHA128 tls-cipher. Update readme. 2016-05-10 22:21:52 +00:00
jtbr
30958ac55e this time actually fix the quoting issue for ip option 3 2016-05-10 22:21:52 +00:00
jtbr
3e913ea286 enable tls-auth and perfect forwarding secrecy 2016-05-10 22:21:52 +00:00
jtbr
891951fec8 run openvpn unprivileged 2016-05-10 22:21:52 +00:00
jtbr
950e307fbf fix dns option 3 with single quotes 2016-05-10 22:21:52 +00:00
Angristan
47a0b8177e OpenVPN 2.3.10 -> 2.3.11 2016-05-10 22:56:34 +02:00
jtbr
5824365ebc support either nogroup or nobody for permissionless group 2016-05-07 22:58:18 +02:00
Angristan
9ce557a4d7 Ubuntu 16.04 compatibility 2016-05-06 20:32:53 +02:00
Angristan
2f541b5399 Ubuntu 16.04 compatibility 2016-05-06 20:32:34 +02:00
jtbr
4baf845e36 Undo TLS-CIPHER changes in f376ce91 in deference to harvester57's pull request 2016-04-29 20:00:09 +00:00
jtbr
d87e87036f Revert "my personal preferences, and limit 3 simultaneous clients" 
This reverts commit 804c7aa9ed.
 2016-04-20 22:55:25 +00:00
jtbr
804c7aa9ed my personal preferences, and limit 3 simultaneous clients 2016-04-12 10:16:58 +00:00
jtbr
2fe0fa2062 Allow forwarding using either SNAT or MASQUERADE (as required by some setups) 2016-04-12 10:05:28 +00:00
jtbr
f376ce912f Support ios openvpn connect using CBC, SHA128 tls-cipher. Update readme. 2016-04-12 09:38:14 +00:00
jtbr
a65523eb1c this time actually fix the quoting issue for ip option 3 2016-04-10 19:45:33 +02:00
jtbr
b3fb14bcb4 enable tls-auth and perfect forwarding secrecy 2016-04-10 18:53:29 +02:00
jtbr
d844154a45 run openvpn unprivileged 2016-04-10 18:36:15 +02:00
jtbr
01003c88f8 fix dns option 3 with single quotes 2016-04-10 18:26:49 +02:00
Angristan
a3519c6fa3 update link 2016-04-03 18:55:58 +02:00
Angristan
b94597fdcc Update README.md 2016-03-27 01:27:47 +01:00
Angristan
6480c8fbf3 Merge pull request #2 from Harvester57/master 
Remove old fix about buffers
 2016-03-22 18:14:10 +01:00
Florian STOSSE
9aeb5b7c47 Remove old fix 
This fix was intended to overcome hardcoded buffers values in old OpenVPN revisions (see https://www.lowendtalk.com/discussion/40099/why-openvpn-is-so-slow-cool-story). This is not needed anymore, as OpenVPN now use OS buffers (see https://community.openvpn.net/openvpn/ticket/461 and https://community.openvpn.net/openvpn/changeset/c72dbb8b470ab7b25fc74e41aed4212db48a9d2f/). It should lead to better performances over fast networks.

Signed-off-by: Florian STOSSE <contact@harvester.fr>
 2016-03-22 11:47:24 +01:00
Angristan
6b4c00c394 Clarification for NAT 2016-03-21 21:43:34 +01:00
Angristan
a44539c571 Update README.md 2016-03-21 18:36:08 +01:00
Angristan
0f21c29afa Update README.md 2016-03-21 18:34:09 +01:00
Angristan
21d8f78f4f Disable compression 2016-03-21 17:43:48 +01:00
Angristan
651b7c29d9 Merge pull request #1 from Harvester57/patch-1 
Disable compression
 2016-03-21 17:42:08 +01:00
Harvester
bf97d67f26 Revert ciphers 
My bad !
 2016-03-21 17:13:36 +01:00
Harvester
787784058a Disable compression client-side too 2016-03-21 16:18:18 +01:00
Florian Stosse
064c5bfe4a Typo 
OpenVPN doesn't really like the way it was written
 2016-03-21 13:30:17 +01:00
Florian Stosse
1a73a20240 Also change tls-cipher for clients 2016-03-21 13:26:37 +01:00
Florian Stosse
b15cd6cf81 Add more than one cipogers to tls-cipher 
Just in case we need to fallback or downgrade
 2016-03-21 13:20:35 +01:00
Florian Stosse
8b89b1743c Disable compression 
For a hardened OpenVPN configuration, compression should be disabled : https://github.com/BetterCrypto/Applied-Crypto-Hardening/pull/91#issuecomment-75388575
 2016-03-21 13:13:57 +01:00
Angristan
faaa48d372 Fix ca-certificates errors 2016-03-19 22:51:00 +01:00
Angristan
1bf105e809 The BIG update 
Deleted latest and legacy mode
Use OpenVPN 2.3.10 with custom repo
Add a check at start for Debian/Ubuntu
Fast mode with 2048 bits RSA and DH, 128 bits AES, SHA-256 certificate
Slow mode with 4096 bits RSA and DH, 256 bits AES, SHA-384 certificate
AES-256-CBC and SHA512 for HMAC auth
Add OpenNIC as a DNS option + GeoIP API
Delete NTT and Huricane Electric DNS
Other improvements
 2016-03-19 17:41:18 +01:00
Angristan
25448611c2 The BIG update 2016-03-19 17:38:34 +01:00
Angristan
0667668937 Update README.md 2016-03-16 16:21:11 +01:00
Angristan
3897bc32ff Update README.md 2016-03-15 21:37:58 +01:00
Angristan
e5ce2da2ee Update README.md 2016-03-15 21:36:05 +01:00
Angristan
f94a2a736d Delete openvpn-install-legacy.sh 
157c27512a
 2016-03-15 20:19:18 +01:00
Angristan
157c27512a Combine latest and legacy version 2016-03-15 19:11:35 +01:00
Angristan
f5ebe9d01d Fix which bug on CentOS 7 minimal 
7fb12dc5cb
 2016-03-14 21:38:40 +01:00
Angristan
4fef7869d9 Fix which bug on CentOS 7 minimal 
7fb12dc5cb
 2016-03-14 21:37:14 +01:00
Angristan
7694be3672 TAP is not needed 2016-03-14 21:27:18 +01:00