Linux-Help
/
ovpngen
mirror of
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add usage and incorporate port protocol; fixes #1 

update readme

update readme

remove redundant comments
This commit is contained in:
graysky 2016-07-31 16:14:11 -04:00
parent 1feba246fd
commit 6cb5098296
2 changed files with 22 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -8,6 +8,8 @@ Invoke the script with 5 tokens and the profile is outputted to stdout.
3. Full path to the client cert.
4. Full path to the client private key.
5. Full path to the server TLS shared secret key.
6. Optionally define a port number (defaults to 1194 if left blank).
7. Optionally define a protocol (defaults to udp if left blank).
### Example
```

28
ovpngen
View File

@ -1,27 +1,39 @@
#!/bin/sh
##
## Usage: ovpngen SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET > client.ovpn
##
## Example invocation (note it must be run as root since key and cert files are protected
## ovpngen titty.nipples.org /etc/easy-rsa/pki/ca.crt /etc/easy-rsa/pki/issued/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/ta.key > iphone.ovpn
##
## Tested and works with OpenVPN Connect 1.0.7 build 199 (iOS 64-bit) on iOS 9.3.3
##
## Majority of the credit goes to the script's original author, trovao
## Link to original script: https://gist.github.com/trovao/18e428b5a758df24455b
##
if [[ -z ${1} ]]; then
echo "Usage: $0 SERVER CA_CERT CLIENT_CERT CLIENT_KEY SHARED_SECRET PORT PROTO"
echo
echo "The first 5 tokens are required while the last are optional"
echo " SERVER = Fully qualified domain name"
echo " CA_CERT = Full path to the CA cert"
echo " CLIENT_CERT = Full path to the client cert"
echo " CLIENT_KEY = Full path to the client private key"
echo " SHARED_SECRET = Full path to the server TLS shared secret key"
echo " PORT = Port number (defaults to 1194 if left blank)"
echo " PROTO = Protocol (defaults to udp if left blank)"
echo
echo "For example:"
echo "ovpngen titty.nipples.org /etc/easy-rsa/pki/ca.crt /etc/easy-rsa/pki/issued/client.crt /etc/easy-rsa/pki/private/client.key /etc/openvpn/ta.key > iphone.ovpn"
exit 0
fi
server=${1?"The server address is required"}
cacert=${2?"The path to the ca certificate file is required"}
client_cert=${3?"The path to the client certificate file is required"}
client_key=${4?"The path to the client private key file is required"}
tls_key=${5?"The path to the TLS shared secret file is required"}
[[ -z "$6" ]] && port=1194 || port="$6"
[[ -z "$7" ]] && proto='udp' || proto="$7"
cat << EOF
client
dev tun
remote ${server} 1194 udp
remote ${server} ${port} ${proto}
resolv-retry infinite
nobind
persist-key