Orazio
241e06f970
Miscellaeous fixes
2019-07-13 10:45:44 +02:00
4s3ti
7aa803720c
Merge pull request #777 from orazioedoardo/debug-privacy
...
Hide client IPs inside the debug log
2019-07-02 13:10:43 +01:00
Orazio
b823737b5a
Hide client IPs in the debug log
2019-07-01 15:44:00 +02:00
Orazio
bcc780546c
Get variable value before the file is deleted
2019-07-01 11:39:42 +02:00
Orazio
7a34dd3704
Improve iptables detection
2019-07-01 11:12:46 +02:00
IcedComputer
1d7ebd9d2f
added support to remove .ovpn12 files
...
the makeOVPN.sh now generates .ovpn12 files in the /home/${INSTALL_USER}/ovpns/ directory.
The remove script was updated to remove both the .ovpn and .ovpn12 files
2019-06-27 14:53:23 -07:00
IcedComputer
97bb319795
Updated .ovpn12 configuration
...
Incorporated feedback on how to properly implement .ovpn12 files.
2019-06-27 14:43:30 -07:00
IcedComputer
dae6276d37
Made updates based on comments
...
added changes related to chown and chmod of .ovpn12 file. Also removed sudo.
2019-06-27 11:47:24 -07:00
IcedComputer
bda0d58b81
.ovpn12 files
...
Added new step to create an .ovpn12 file that can be stored on iOS keychain
This step is more secure method and does not require the end-user to keep entering passwords, or storing the client private cert where it can be easily tampered based on documentation located:
https://openvpn.net/faq/how-do-i-use-a-client-certificate-and-private-key-from-the-ios-keychain/
Someone can improve upon this by adding a parameter (possibly -i|--iOS) and then generating the original .ovpn file to not contain the client private certificate.
2019-06-20 16:53:29 -07:00
TheDen
0cf7f21d3d
ensure -n check retuned value
2019-05-30 22:09:23 +10:00
Orazio
e70cb32caa
Fixed logic
2019-05-10 12:53:52 +02:00
Orazio
e26cef1863
Custom certificate duration and more flexible names
2019-05-08 13:01:56 +02:00
Orazio
63d3335f33
Resolved merge conflict
2019-05-03 10:26:56 +02:00
Orazio
e3f729f260
General fixes and improvements
2019-03-03 10:18:45 +01:00
LMS235
996c5469f3
Telekom Hybrid Check
...
Small check whether Telekom Hybrid will be used to give helpful tips.
2018-12-24 15:49:44 +01:00
LMS235
d0f85e3429
right adjustment
...
-read for "other" withdrawn from .ovpn files
- delete also /etc/openvpn/easy-rsa/pki/${CERTS_TO_REVOKE[ii]}.ovpn after remove certificate
2018-12-24 14:24:20 +01:00
redfast00
0b4464b3ee
Merge branch 'master' into test
2018-10-19 22:10:37 +01:00
Orazio
e2cde58cc8
Update makeOVPN.sh
2018-10-19 22:04:30 +01:00
Giraffe1966
f2f248e6ce
Add '--' to prevent 'send' from interpreting passwords beginning with '-' as options.
...
See #624 .
2018-10-11 17:58:29 -04:00
redfast00
b7c28af844
Merge pull request #541 from pivpn/test
...
Merge test branch into master
2018-05-29 22:38:46 +02:00
redfast00
09a73f9d3f
Merge pull request #514 from orazioedoardo/master
...
Several changes and some fixes
2018-05-29 22:33:42 +02:00
Zeik0s
fc3691406e
Merge pull request #1 from pivpn/master
...
Merge commits
2018-05-29 14:47:31 +02:00
johanfagerstroem
23cc58ce3a
Changing name validation regex to allow dashes
...
Great for readable naming conventions.
2018-05-01 16:38:38 +02:00
Piero
33e7ef0c91
Several changes
2018-04-02 12:07:58 +02:00
Zeik0s
b8e5f318b6
makeOVPN.sh change 3DES to AES-128
2018-03-14 21:55:05 +01:00
Piero
4b47b5aa61
2.4
2018-02-15 10:14:03 +01:00
Tuan M. Dang
455b754c41
Issue-171: Error using iOS OpenVPN
...
As @fyellin There is some chatter on other groups that some
OpenVPN implementations cannot handle client keys that are
encrypted with RSA.
If the client key is encrypted, we might re-encrypting the
current client key using 3DES.
This commit will convert user client key to 3DES in command
`pivpn -a`
P/S: All credits to @fyellin. Many thanks to him.
2017-11-19 21:36:21 +07:00
Carlos Colaço
053c0d9d21
Fix Clients only in one line ( #384 )
...
* fixed pivpn clients text display
* #Oops
* clients in only 1 line fixed
2017-10-18 20:58:20 +02:00
redfast00
1a67b505f6
Merge pull request #375 from azlux/master
...
Add human readable values for bytes received/sent
2017-10-11 17:49:44 +02:00
azlux
b0d2085996
make the humain-readable a function
...
I forgot the function !
2017-10-10 01:15:03 +02:00
azlux
862cb41d60
Add humain readable values
2017-10-09 16:45:32 +02:00
redfast00
003b27362f
Merge pull request #361 from jellemdekker/feature/generate-crl-during-installation
...
Generate and activate CRL during installation
2017-09-24 01:12:05 +02:00
Jelle Dekker
077996cfb4
Removed an obsolete variable.
2017-09-23 11:21:26 -05:00
Jelle Dekker
7b6a358779
Modified the messages when PiVPN installation completes and client profiles are generated, so the user knows to generate a client profile per each device he/she wants to connect to the VPN with.
2017-09-22 14:11:23 -05:00
Jelle Dekker
30920115b3
Implemented that a Certificate Revocation List is generated during installation after generation of other Public Key Infrastructure. Enabled this CRL in the server config. The added benefit of this is that whenever the user now revokes a client, the change is instant. Whereas before, the first time a client was revoked, the OpenVPN server had to be restarted to enabled the then-newly-generated CRL. This change also makes the file /etc/pivpn/REVOKE_STATUS obsolete.
...
Documentation: https://openvpn.net/index.php/open-source/documentation/howto.html#revoke
2017-09-22 02:46:52 -05:00
EWouters
cb482d6697
added fi to if-statement
2017-03-16 22:28:50 +13:00
EWouters
cd4d13691d
fixed check for when both nopass and a password argument are passed to the script
2017-03-16 22:25:17 +13:00
EWouters
56f24aa372
added command line option to (batch) remove certs
...
::: Revoke a client ovpn profile
:::
::: Usage: pivpn <-r|revoke> [-h|--help] [<client-1>] ... [<client-n>]
...
:::
::: Commands:
::: [none] Interactive mode
::: <client> Client(s) to to revoke
::: -h,--help Show this help dialog
2017-03-15 02:36:12 +13:00
EWouters
7a65f083c4
added -n and -p options to pivpn add
...
::: Create a client ovpn profile, optional nopass
:::
::: Usage: pivpn <-a|add> [-n|--name <arg>] [-p|--password
<arg>]|[nopass] [-h|--help]
:::
::: Commands:
::: nopass Create a client without a password
::: -n,--name Name for the Client (default: 'raspberrypi')
::: -p,--password Password for the Client (no default)
::: -h,--help Show this help dialog
2017-03-15 00:49:25 +13:00
Kaladin Light
752d0cc3af
Leave the loop once we match
2017-02-05 14:30:31 -05:00
Kaladin Light
bfd2c43570
Allow reuse of cert name once revoked.
2017-01-27 20:36:53 -05:00
Kaladin Light
d1ad3ec057
Fix new additions
2016-12-24 16:17:16 -05:00
Kaladin Light
8a0f31b7ca
Try some iptables fix. (2/2). Needs unit testing.
2016-12-11 22:04:17 -05:00
Kaladin Light
22b5bfef68
Add fix iptables help to debug script (1/2)
2016-12-11 13:36:14 -05:00
Kaladin Light
601ce87df0
Get iptables output, formatting
2016-12-10 23:17:47 -05:00
Kaladin Light
da5facecbc
Add 'pivpn clients' command to show list of connected clients
2016-12-08 11:43:30 -05:00
Kaladin Light
43a8a706e2
Fix revoke, Fixes Issue #164
2016-12-08 09:59:19 -05:00
Kaladin Light
9b937d0e6b
Fix pivpnDebug after easy-rsa3 changes
2016-12-08 09:53:23 -05:00
Kaladin Light
596e6c8277
Phase 3 (of 3?): pivpn modifications for easy-rsa3
...
This updates pivpn revoke
2016-12-06 11:44:07 -05:00
Kaladin Light
9b8a883119
pivpn add for easyrsa3, updates to pivpn list for easyrsa3
2016-12-06 10:56:51 -05:00
Kaladin Light
2468c69d9a
Fix escaping stuff in for password of client key
...
Was overzealously escaping... oops
2016-11-11 21:55:47 -05:00
Kaladin Light
7d34c0cae6
Fixes Issue #148
2016-11-11 17:45:48 -05:00
Kaladin Light
67722ca7f4
Once again pi-hole had a more robust stty setup so lets borrow that :)
2016-11-08 12:03:42 -05:00
Kaladin Light
7c64afdc92
Get rows/cols with stty instead of tput
2016-11-07 22:49:00 -05:00
redfast00
1cdd5d1494
Cleanup ( #111 )
...
* Tab completion for nopass, no further completion after one argument
* Cleaned up install.sh
2016-10-25 20:11:32 +02:00
redfast00
516b93ee43
Added ISSUE_TEMPLATE.md, wrote debug script ( #115 )
2016-10-24 19:28:08 +02:00
0-kaladin
4bde296a14
Merge pull request #102 from redfast00/fix-28
...
fixes expect timeout
2016-10-09 10:44:06 -04:00
0-kaladin
f3a2b3afbe
Merge pull request #91 from StephenKinger/feature/add_tcp_option
...
Feature/add tcp option
2016-10-09 10:43:05 -04:00
redfast00
147192c79b
fixes expect timeout
2016-10-09 13:34:17 +02:00
redfast00
a68435e6c3
cleaned up removeOVPN.sh
2016-10-04 21:02:02 +02:00
redfast00
d8d89c758b
Prevent overwriting files
2016-10-04 20:54:09 +02:00
redfast00
4e0f9ac0ff
Cleaned up listOVPN.sh
2016-10-04 20:22:04 +02:00
redfast00
caee0858cf
Sanitization 'n input validation
2016-10-04 19:46:14 +02:00
Stephen KINGER
e541fd39ac
Update the unisntall script, OK.
2016-09-28 17:09:04 +02:00
Kaladin Light
8f09ee9afd
Fixes for Debian support
2016-05-25 17:58:08 -04:00
Kaladin Light
3c0d0cb176
Ensure debian and ubuntu get openvpn from the openvpn repo so they don't get an old server version
2016-05-25 17:41:42 -04:00
Kaladin Light
0fbc99e0b7
Fixes for UFW
2016-05-15 23:36:40 -04:00
Kaladin Light
3916acf665
Support reverting UFW changes on uninstall
2016-05-15 16:57:42 -04:00
Kaladin Light
a432e187b9
Don't get CN list by counting columns as it is wholly unreliable.
...
If user had space in some cert fields, like city was "Fort Worth"
the current way would have fell apart.
This fixes these issues in 'pivpn list' and hence 'pivpn revoke'
2016-05-15 13:20:36 -04:00
Kaladin Light
2f3540b898
Robustize OS Detection.
...
This is framework needed to support Ubuntu 16.04 which
is coming in a future commit.
2016-05-10 11:49:29 -04:00
Kaladin Light
67e537b7fa
Fix revoke, seems i missed some merges from my recent rework
2016-05-07 13:20:09 -04:00
Kaladin Light
0277054de1
Ubuntu uses openvpn repo to get newer version and...
...
clients get two more security parameters to harden connection further and...
hopefully fix use of testing branch and...
why is there no modern Road Rash game, that was the best.
2016-05-07 12:33:52 -04:00
Kaladin Light
b8e736e94b
Fix little '\n' issue when say [n] to uninstall
2016-05-05 21:14:46 -04:00
Kaladin Light
dea112f50f
Fixes #23 , enhance 'pivpn add', minor bug fixes & other enhancements
2016-05-05 21:04:57 -04:00
Kaladin Light
bf81405d6c
Resolves #19 - Implement unattended-upgrade option for users
2016-05-03 10:32:17 -04:00
Kaladin Light
6956fcb99b
Implement the "planetahuevo enhancement", IE the ability to
...
generate a client cert with no password. Run 'pivpn add nopass'
2016-04-30 23:37:27 -04:00
Kaladin Light
2ee04c6c9b
Missed dependency for new 'pivpn add' requirements
2016-04-30 14:40:43 -04:00
Kaladin Light
af19eeb55b
'pivpn add' functionality greatly improved!
...
Now with 2 scoops of raisins!
2016-04-30 13:28:01 -04:00
Kaladin Light
0649c5da66
Closes #17
...
Cause people cared more than I thought they would.
(and that's a good thing)
2016-04-29 13:18:28 -04:00
Kaladin Light
f3c1072975
Cover unknown in pivpn list.
...
I believe there is an expired status but can't get it to show up in the index.txt
2016-04-24 11:29:29 -04:00
Kaladin Light
fa60d29aa3
Get install working on ubuntu
2016-04-22 15:16:48 -04:00
Kaladin Light
e364d6d34b
Use correct install URL (we are out of beta)
2016-04-19 21:06:12 -04:00
Kaladin Light
192abb1de5
Consistent formatting
2016-04-19 21:03:50 -04:00
Kaladin Light
53565dd4fe
First commit of reworked installer
2016-04-19 14:01:55 -04:00