Closed LeVeloute closed 6 years ago
Hello ,
It seems the script is failing to generate the keys when you use user/pass authentication.I have tested the script on a fresh instance from compute engine but i was able to do install successfully.
client dev tun proto tcp #for obfsproxy, otherwise udp remote SERVERIP 21194 resolv-retry infinite nobind persist-key persist-tun cert client.crt key client.key tls-client remote-cert-tls server cipher AES-256-GCM compress lz4
Uncomment if you use user/pass authentication
auth-user-pass block-outside-dns verb 3 auth SHA512 script-security 2 socks-proxy 127.0.0.1 1050
-----BEGIN CERTIFICATE----- MIICJjCCAYigAwIBAgIJAKEtahZCs3LzMAoGCCqGSM49BAMEMBMxETAPBgNVBAMM CENoYW5nZU1lMB4XDTE3MTIyMTE3MDA0MloXDTI3MTIxOTE3MDA0MlowEzERMA8G A1UEAwwIQ2hhbmdlTWUwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABAGx66PISOkr OzQ1d6PiagEcHv7TeyqZGKVDeQ/9XzRS/o3N/eo1wxBMN1SbOU0yN8NFoHpgJd5d pYovVr6rjpI8/gGr1UHX+Kl9hy/ONiPUyhX34hQDxvAdY07eR07evN3I9sYOS4Am fHB1zD4PwOQsVfSBO+nlmy1ZjY97Rl63CNnqYKOBgTB/MB0GA1UdDgQWBBSyRwZq z9QrE/aEswpdjMf4HWNZ8zBDBgNVHSMEPDA6gBSyRwZqz9QrE/aEswpdjMf4HWNZ 86EXpBUwEzERMA8GA1UEAwwIQ2hhbmdlTWWCCQChLWoWQrNy8zAMBgNVHRMEBTAD AQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDBAOBiwAwgYcCQgCso5gMKfVueuTa bhJvVdijuB17UBU9UY5XzTSfgn8F9MunOZiy3+8CM/LidRzRyh1shh07JFlpWhAw lcWOaaIJJgJBTOTP8IcBMh7i2GxhOXGTCTePEc1zVS4GtEBvmgzdqI69WEspRUYY DdmvjZdzB0ZrRi+Lgp/u2M/eBcRG657l/2w= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIICMjCCAZOgAwIBAgIBAjAKBggqhkjOPQQDBDATMREwDwYDVQQDDAhDaGFuZ2VN ZTAeFw0xNzEyMjExNzAwNDJaFw0yNzEyMTkxNzAwNDJaMBMxETAPBgNVBAMMCGto YXZ0ZXN0MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAlVxRQDiVTWnp4nWfpeFs tPDdqCvASfk8Px28Ma/hEu6e/saKSYEPJvGiHdxzduXwOTnRKsXNwLuPfVNr8TC8 P70ABx0F0cnu4oZHdj6PWWCEloMvYvXk6IgA/jGfxC3yMveMY5fSDmkjJZCgHtwE 9Sx/5WgK66r+UJvTdVfpX/mu5ACjgZQwgZEwCQYDVR0TBAIwADAdBgNVHQ4EFgQU PZPy0AY+6CP0d4W6r13rsLncM5AwQwYDVR0jBDwwOoAUskcGas/UKxP2hLMKXYzH +B1jWfOhF6QVMBMxETAPBgNVBAMMCENoYW5nZU1lggkAoS1qFkKzcvMwEwYDVR0l BAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMAoGCCqGSM49BAMEA4GMADCBiAJC AfgKL2kVZfE7M2drsDgEU3lkCfzN0ApZ661g1H5y0ZP34/dlFtKPt66zHjqxHQtk pOdEQ2nYjfVktwdKY0OYV48xAkIBYqGJ2sQzvvJQ/MxR1BoFotwPeZaKFcinEgTd TX32A5/EXhFQN05sLX/O/H0Nr2y86d7Jsua7QYQxq+354SOZjeY= -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAP3g/DGtf3ITp/lzV 044+evlVetD1/RoGBmmXRr34t/WQDwOeFLGI2Z3VqeFMpHVAUYa4hNyOWvONcFAR GPZFzCChgYkDgYYABACVXFFAOJVNaenidZ+l4Wy08N2oK8BJ+Tw/Hbwxr+ES7p7+ xopJgQ8m8aId3HN25fA5OdEqxc3Au499U2vxMLw/vQAHHQXRye7ihkd2Po9ZYISW gy9i9eToiAD+MZ/ELfIy94xjl9IOaSMlkKAe3AT1LH/laArrqv5Qm9N1V+lf+a7k AA== -----END PRIVATE KEY----- -----BEGIN OpenVPN Static key V1----- a807039920072cd183e9e5a821f7f824 6c72b868eff908bedd3b9d5050d8c4e2 6ca789d95190d516500e2e5478f54d39 8e8960e52f50f844de4febdb533ad076 bebd091ca41a241b7957d3697d159f00 c77b8d705f9af6a30c8b517767fb1dc8 90b9f530df9b5e712c04a98bbc42f541 11db72b4d34fcb556028056a438d0d9b 59d074729c56d452f629ced7fccffc98 3a50ba9d952dd852bf39938afe45d794 9c0abef271162c0c6bc37db83c97ae74 cfd886d4de03286ca1e9f6a9694e7936 5dff755d171695a307be4d3a9bdc2871 fa1d744a8473e3d29197e03a80adde24 8719f7712fc93c415f1807fc11d5422a c1590795790ff1850545ecb477501075 -----END OpenVPN Static key V1-----
What files do you have in this directory
$HOME/client-files/$USERNAME/
Replace $USERNAME by the desired username you input during setup
Okay, i will try a fresh install of CENTOS7 and run the script with no user/pass auth.
It's strange.. the keys generation seens to be skipped. No delay between this two prompt :
Setting Up Keys and Certificates(This might take a while)
Configuring OpenVPN with obfsproxy
In the client folder i have the /scrambled-client.ovpn and ta.key
Line 187 : rsync -av ./EasyRSA-3.0.1/ /etc/openvpn/easy-rsa/
No Yum rsync in the script.. maybe the problem is here ?
rsync
is installed by default on centos 7 as far as i can tell.
Package rsync-3.0.9-18.el7.x86_64 already installed and latest version
Comment line 184 and 226 and rerun the script on a fresh centos 7 You can use user/pass. Also try using default certificates during the setup , just to try to locate the problem
[root@vps476906 ~]# rsync
-bash: rsync: command not found
Here what i get about rsync with a fresh install.
So i install rsync ( with yum install rsync ) And just run the script. Now i've got a normal certificate !! Let's try to run it on the client side.
Everything is working now. I think you should add the yum install rsync at the begenning of your script ( just in case ) Thanks a lot for your work and have a good day.
Hi, I follow the tutorial exactly like you. I got this error in OpenVPN :
Here is my client-scrambled :
Do you know how to fix it ? Best regards,
LeVeloute