Replies: 10 comments 2 replies
-
|
With only the smallest effort on your part, you can use TLS-Crypt-V2 right now. And with even less effort than that, you can use: https://github.com/TinCanTech/easy-tls |
Beta Was this translation helpful? Give feedback.
-
|
what command should i enter? I just don't really understand ? |
Beta Was this translation helpful? Give feedback.
-
|
If you need help with Easy-TLS then please open an issue here |
Beta Was this translation helpful? Give feedback.
-
|
Yes, it would be great to support tls-cryptv2 for those of us who do not know much, it does not seem so easy to incorporate it, or at least perhaps a small step-by-step tutorial would be of great help. |
Beta Was this translation helpful? Give feedback.
-
|
Simple steps: Download https://github.com/TinCanTech/easy-tls/ ... er/easytls Then run: CODE: SELECT ALL ./easytls # Read the instructions ./easytls init-tls # Read the output ./easytls help build-tls-crypt-v2-server # Read the instructions ./easytls build-tls-crypt-v2-server server-name # Read the output ./easytls help build-tls-crypt-v2-client # Read the instructions ./easytls build-tls-crypt-v2-client server-name client-name # Read the output That will create TLS-Crypt-V2 keys. Now you can try: CODE: SELECT ALL ./easytls inline-tls-crypt-v2 server-name ./easytls inline-tls-crypt-v2 client-name ls -l pki/easytls |
Beta Was this translation helpful? Give feedback.
-
|
I have written a quick start guide for Easy-TLS: Note: Easy-TLS also comes with inter-active menus, which means you don't even need to know the specific commands to use it. The only command required then is |
Beta Was this translation helpful? Give feedback.
-
Thanks. I have followed all of this to update my existing config with tls-crypt v1, my question is: after all this should any change be made in the client part? |
Beta Was this translation helpful? Give feedback.
-
|
Questions regarding Easy-TLS should go here: I'll add these details here for convenience, regarding the use of TLS-Crypt-V2 keys:
I have added these details to the Easy-TLS Wiki |
Beta Was this translation helpful? Give feedback.
-
|
I still do not see clearly how I add the file. inline to my client's .ovpn
El lun., 23 ago. 2021 19:09, TinCanTech ***@***.***> escribió:
… Questions regarding Easy-TLS should go here:
https://github.com/TinCanTech/easy-tls/issues
I'll add these details here for convenience, regarding the use of
TLS-Crypt-V2 keys:
- OpenVPN allows the server to use both TLS-Auth or TLS-Crypt and
TLS-Crypt-v2 together.
That means: (TLS-Auth OR TLS-Crypt) AND TLS-Crypt-V2.
- This means that, if you continue to use the original TLS-Auth/Crypt
key in your server config
then the server can support all the original clients and clients which
you migrate to TLS-Crypt-V2,
on one server instance. This helps you migrate your clients to new
keys, if you choose to do so.
- In order to migrate your clients to use TLS-Crypt-V2, simply
generate the required keys.
Use ./easytls build inter-active menu. i. A Server TLS-Crypt-V2 key
ii. multiple client TLS-Crypt-V2 keys.
- Next, generate inlinepackages for your server and clients. Use ./easytls
inline inter-active menu.
- Reference your server inline file in the server config with an
option like so:
config /etc/opevpn/easyrsa/pki/easytls/server.inline - This loads all
the required keys and certificates of your server. Restart your server and
correct any errors.
- With regard to your clients, you must send them their inline
packages over a secure method, eg: scp
Have the clients reference their inline package in the same way as the
server.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#889 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AGGSCCWLJMM7AT6Y5REORN3T6J6F7ANCNFSM5CD7N4MA>
.
|
Beta Was this translation helpful? Give feedback.
-
|
Please open an issue in the correct repository. |
Beta Was this translation helpful? Give feedback.
-
|
Hey TInaCanTech please, can you teach me how to set up TLS-Crypt-V2 with angristan openvpn script? |
Beta Was this translation helpful? Give feedback.
-
|
I am really new here |
Beta Was this translation helpful? Give feedback.
-
Tell me there will be support for tls-crypt-v2 ???
Beta Was this translation helpful? Give feedback.
All reactions