VPN HOWTO

From das_wiki
Jump to: navigation, search

VPN Setup HOWTO

This document describes how to set up Old Pueblo VPN.

Note: We don't use the OpenVPN packages, since these are often out of date, and important security updates have recently been added.

In the instructions below the file name 'openvpn-x.x.x.tar.gz' is used. The x's in that name will be replaced by numbers indicating the most recent version of openvpn. For example, it might be 'openvpn-2.4.3.tar.gz.'

LINUX / BSD

Download and verify the archive

  1. Download the latest OpenVPN tarball here (choose the gunzip version, ending in 'gz')
  2. Verify the signature. This takes several steps:
    1. Get the keys of the openvpn maintainers. Go here, and download all the keys listed there.
    2. Import the keys to your gpg keyring. For each key name, replace {key_name} in the following
      $ gpg --import {key_name}.asc
    3. Download the signature file here, saving it to the same place as you saved the openvpn-x.x.x.tar.gz file. The signature is given by the link that says 'GnuPG Signature' in the row that has the link to the openvpn-x.x.x.tar.gz link)
    4. Verify the signature for the file you downloaded
      $ gpg --verify openvpn-x.x.x.tar.gz.asc
    5. Make sure you see something like
      gpg: Good signature from "James Yonan <email@email.com>"
      You will also see a warning saying that you are not using a trusted signature. This is expected. To further verify the key, you may compare the fingerprint listed in the message with the one included on the openvpn mailing list, [here http://article.gmane.org/gmane.network.openvpn.announce/9], (or you can verify the key in person, and sign the key. Searching for 'web of trust PGP' will bring up relevant links explaining how this works in PGP).

Expand and Install OpenVPN

  1. Decompress the tarball
    $ tar xzvf /path/to/download/location/openvpn-x.x.x.tar.gz
  2. Change to the directory that was just created:
    $ cd openvpn-x.x.x
  3. Do the usual incantations for building:
    $ ./configure 
    Ensure that the configuration completes without error (review the output).
    $ make
    Make sure that the make worked (review
    $ make install</pre>
    Make sure that the install worked.
  4. Next we add the openvpn connection. This will depend on your desktop environment.
GNOME
  1. Go to Network Settings
  2. Hit the '+' in the left panel
  3. Click 'import from file'
  4. Navigate to the 'old_pueblo.ovpn' file you received when you registered with Old Pueblo VPN. (NOTE: this file is specific to you; do not share it with others).
  5. You should now see a new VPN listed in the left pane. To activate it, click on it and click the slider to 'on.' Wait for the status to say 'Connected.'
  6. Congratulations! You're on Old Pueblo VPN.

MAC OS

WINDOWS