From 33b36ed255b31260cf38872c08c5babe39d7e22f Mon Sep 17 00:00:00 2001 From: "Dylan M. Taylor" Date: Thu, 30 Apr 2015 16:07:11 -0400 Subject: [PATCH 1/4] Update README.md --- README.md | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/README.md b/README.md index 758af66..07d28d4 100644 --- a/README.md +++ b/README.md @@ -10,11 +10,4 @@ Run the script and follow the assistant: Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN. -###I want to run my own VPN but don't have a server for that -You can get a little VPS for just $6/year at [Bandwagon Host](https://bandwagonhost.com/aff.php?aff=575&pid=21). - -If you don't care about sharing an IP address with more people, check out the awesome [LowEndSpirit](http://lowendspirit.com/) project too. They are providing IPv6 VPS with NATed IPv4 for only 3€/year. - -###Donations - -If you want to show your appreciation, you can donate via [PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=VBAYDL34Z7J6L) or [Bitcoin](https://www.coinbase.com/Nyr). Thanks! \ No newline at end of file +This is forked from nyr's openvpn-install script, with a couple changes I find useful From 515d9428911d7420c7d95c0288583517a000c54f Mon Sep 17 00:00:00 2001 From: "Dylan M. Taylor" Date: Thu, 30 Apr 2015 16:10:05 -0400 Subject: [PATCH 2/4] Significantly increase the number of bits to increase cryptography strength --- openvpn-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index f384ddc..b1f0bad 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -210,7 +210,7 @@ else # Let's fix one thing first... cp -u -p openssl-1.0.0.cnf openssl.cnf # Fuck you NSA - 1024 bits was the default for Debian Wheezy and older - sed -i 's|export KEY_SIZE=1024|export KEY_SIZE=2048|' /etc/openvpn/easy-rsa/2.0/vars + sed -i 's|export KEY_SIZE=1024|export KEY_SIZE=4096|' /etc/openvpn/easy-rsa/2.0/vars # Create the PKI . /etc/openvpn/easy-rsa/2.0/vars . /etc/openvpn/easy-rsa/2.0/clean-all @@ -235,10 +235,10 @@ else fi cp server.conf /etc/openvpn/ cd /etc/openvpn/easy-rsa/2.0/keys - cp ca.crt ca.key dh2048.pem server.crt server.key /etc/openvpn + cp ca.crt ca.key dh4096.pem server.crt server.key /etc/openvpn cd /etc/openvpn/ # Set the server configuration - sed -i 's|dh dh1024.pem|dh dh2048.pem|' server.conf + sed -i 's|dh dh1024.pem|dh dh4096.pem|' server.conf sed -i 's|;push "redirect-gateway def1 bypass-dhcp"|push "redirect-gateway def1 bypass-dhcp"|' server.conf sed -i "s|port 1194|port $PORT|" server.conf # DNS From 8f0104491e27c4c5b7c16cf8925ce57f3c458116 Mon Sep 17 00:00:00 2001 From: "Dylan M. Taylor" Date: Thu, 30 Apr 2015 16:34:18 -0400 Subject: [PATCH 3/4] This makes the previous change work on newer versions of openvpn New versions use 2048 by default --- openvpn-install.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/openvpn-install.sh b/openvpn-install.sh index b1f0bad..d28f5c5 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -211,6 +211,7 @@ else cp -u -p openssl-1.0.0.cnf openssl.cnf # Fuck you NSA - 1024 bits was the default for Debian Wheezy and older sed -i 's|export KEY_SIZE=1024|export KEY_SIZE=4096|' /etc/openvpn/easy-rsa/2.0/vars + sed -i 's|export KEY_SIZE=2048|export KEY_SIZE=4096|' /etc/openvpn/easy-rsa/2.0/vars # Create the PKI . /etc/openvpn/easy-rsa/2.0/vars . /etc/openvpn/easy-rsa/2.0/clean-all @@ -239,6 +240,7 @@ else cd /etc/openvpn/ # Set the server configuration sed -i 's|dh dh1024.pem|dh dh4096.pem|' server.conf + sed -i 's|dh dh2048.pem|dh dh4096.pem|' server.conf sed -i 's|;push "redirect-gateway def1 bypass-dhcp"|push "redirect-gateway def1 bypass-dhcp"|' server.conf sed -i "s|port 1194|port $PORT|" server.conf # DNS From 14cafd5bcd4f377803dbe2d97e4b507f90f17b9e Mon Sep 17 00:00:00 2001 From: "Dylan M. Taylor" Date: Sun, 3 May 2015 01:38:47 -0400 Subject: [PATCH 4/4] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 07d28d4..b92db6c 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ This script will let you setup your own VPN server in no more than a minute, eve ###Installation Run the script and follow the assistant: -`wget git.io/vpn --no-check-certificate -O openvpn-install.sh; bash openvpn-install.sh` +`wget https://raw.githubusercontent.com/dylanmtaylor/openvpn-install/master/openvpn-install.sh --no-check-certificate -O openvpn-install.sh; bash openvpn-install.sh` Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.