Been using OpenVPN for a little while now mostly for myself and some family members. I have always had easy access to they machines, so it was fairly easy to generate the key pairs / configs on the server, then sneakernet them over to the clients.
I am now trying to add a client account that I have no physical access to. I assumed that I could have the client generate a keypair, send me the public key, and I would import that pub key onto the server and associate that with his account (ala SSH and keys.allowed files). Alas, so far I have not been able to figure out how that is accomplished. Is this possible with OpenVPN, or do I need to take additional steps? Is there any documentation or guides out there of securely adding a new user without having to transport private keys over the internet?
Thanks so much!
Scripts to manage certificates or generate config files
1 post • Page 1 of 1