一键安装openvpn并配置使用账号密码登陆

2403_82545517

已于 2024-02-04 16:12:33 修改

阅读量4.9k

点赞数 28

文章标签： linux 运维服务器

于 2024-02-04 16:10:31 首次发布

本文链接：https://blog.csdn.net/2403_82545517/article/details/136027826

版权

wget https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh

下载脚本：

sh openvpn-install.sh

安装

soul 用户的客户端配置文件路径：/root/soul.ovpn，将此文件导入到 openvpn 中，连接即可。

配置使用账号密码验证

创建脚本:


vim /etc/openvpn/checkpsw.sh


#!/bin/sh
###########################################################
# checkpsw.sh (C) 2004 Mathias Sundman <mathias@openvpn.se>
#
# This script will authenticate OpenVPN users against
# a plain text file. The passfile should simply contain
# one row per user with the username first followed by
# one or more space(s) or tab(s) and then the password.

PASSFILE="/etc/openvpn/psw-file"
LOG_FILE="/etc/openvpn/openvpn-password.log"
TIME_STAMP=`date "+%Y-%m-%d %T"`

###########################################################

if [ ! -r "${PASSFILE}" ]; then
  echo "${TIME_STAMP}: Could not open password file \"${PASSFILE}\" for reading." >> ${LOG_FILE}
  exit 1
fi

CORRECT_PASSWORD=`awk '!/^;/&&!/^#/&&$1=="'${username}'"{print $2;exit}' ${PASSFILE}`

if [ "${CORRECT_PASSWORD}" = "" ]; then 
  echo "${TIME_STAMP}: User does not exist: username=\"${username}\", password=\"${password}\"." >> ${LOG_FILE}
  exit 1
fi

if [ "${password}" = "${CORRECT_PASSWORD}" ]; then 
  echo "${TIME_STAMP}: Successful authentication: username=\"${username}\"." >> ${LOG_FILE}
  exit 0
fi

echo "${TIME_STAMP}: Incorrect password: username=\"${username}\", password=\"${password}\"." >> ${LOG_FILE}
exit 1

添加权限

chmod 755 /etc/openvpn/checkpsw.sh

添加账户

echo 'username1 password1' >> /etc/openvpn/psw-file

修改 server.conf

# 追加以下内容
script-security 3
auth-user-pass-verify /etc/openvpn/checkpsw.sh via-env
username-as-common-name
verify-client-cert none

重启服务


systemctl restart openvpn-server@server

修改客户端文件 soul.ovpn



# 追加以下内容,<cert>和<key>部分可以删掉
auth-user-pass

客户端填写用户名密码