Hi All,
This is my first post, so go easy on me.
My setup:
Raspberry PI2 #1 - Setup as a VPN Server. I setup the server using this script:
https://github.com/StarshipEngineer/OpenVPN-Setup.git
Raspberry PI2 #2 - Setup as a dedicated Media Center using OSMC
I am able to access from my MediaCenter, login, and I can see traffic pass across tun0 and traffic passing on the physical vpn eth0 while it is running, so I know it is working in that respect.
My isssue, is that I can only login via CLI from the mediacenter, and when I do I am presented with a request for a "Private Password":
root@osmc:~# openvpn /home/osmc/vpn-config/osmc.ovpn
Fri Feb 5 09:57:22 2016 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Nov 19 2015
Fri Feb 5 09:57:22 2016 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Enter Private Key Password:
Same applies using the Kodi "openvpn" addon (https://github.com/brianhornsby/script.openvpn). I try to initiate the VPN connection with the addon, and with the debug mode on a prompt for a private key flashes.
I want to be able to automate the entering "Private Key Password". Is this possible with a script? Or can I build a key that does not require a private key password? Or is a better method for accessing through a media center?
My ovpn:
client
dev tun
proto udp
remote 192.168.2.20 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ns-cert-type server
key-direction 1
#auth-user-pass /home/osmc/vpn-config/pass.txt
management localhost 1337
cipher AES-128-CBC
comp-lzo
verb 1
mute 20
-----BEGIN CERTIFICATE-----
<MY Certs>
-----------------------------
Accessing OpenVPN Server via CLI?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Feb 05, 2016 2:44 pm
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Feb 05, 2016 2:44 pm
Re: Accessing OpenVPN Server via CLI?
I am using EasyRSA.
- Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: Accessing OpenVPN Server via CLI?
Yes - When you build your server or client key do so like so:kgoerbig wrote:can I build a key that does not require a private key password?
Code: Select all
./easyrsa build-server-full <filename-base> [ cmd-opts ]
Code: Select all
./easyrsa build-server-full server01 nopass
Start from scratch ..
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Feb 05, 2016 2:44 pm
Re: Accessing OpenVPN Server via CLI?
Alright, I think I have this working. Testing connection from:
client (PI media Center) - to - server (PI VPN server):
traceroute to http://www.google.com (216.58.216.196), 30 hops max, 60 byte packets
1 10.8.0.1 (10.8.0.1) 6.491 ms 6.466 ms 6.486 ms
2 OpenWrt.lan (192.168.2.1) 6.643 ms 6.622 ms 6.717 ms
3 96.120.40.241 (96.120.40.241) 12.166 ms 18.453 ms 19.028 ms
...[remaining hops excluded]....
I am also able to connect to the vpn server from the client without a private key password prompt. So, if I were to say stream video via a torrent session with my Media Center PI while connected to my VPN server, would that be sufficient enough to encrypt the traffic so not to get picked off for any type of copyright violation?
client (PI media Center) - to - server (PI VPN server):
traceroute to http://www.google.com (216.58.216.196), 30 hops max, 60 byte packets
1 10.8.0.1 (10.8.0.1) 6.491 ms 6.466 ms 6.486 ms
2 OpenWrt.lan (192.168.2.1) 6.643 ms 6.622 ms 6.717 ms
3 96.120.40.241 (96.120.40.241) 12.166 ms 18.453 ms 19.028 ms
...[remaining hops excluded]....
I am also able to connect to the vpn server from the client without a private key password prompt. So, if I were to say stream video via a torrent session with my Media Center PI while connected to my VPN server, would that be sufficient enough to encrypt the traffic so not to get picked off for any type of copyright violation?