From 39ed9586d27eb1223bacdf7a71d56b2f2c0180a7 Mon Sep 17 00:00:00 2001 From: Orazio Date: Mon, 14 Sep 2020 16:36:52 +0200 Subject: [PATCH] Updated OpenVPN (markdown) --- OpenVPN.md | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/OpenVPN.md b/OpenVPN.md index 0e751aa..3eb8614 100644 --- a/OpenVPN.md +++ b/OpenVPN.md @@ -1,3 +1,59 @@ +# Managing the PiVPN + +## `pivpn add` +You will be prompted to enter a name for your client. Pick anything you like and hit 'enter'. +You will be asked to enter a pass phrase for the client key; make sure it's one you'll remember. +The script will assemble the client .ovpn file and place it in the directory 'ovpns' within your +home directory. + +If you need to create a client certificate that is not password protected (IE for use on a router), +then you can use the 'pivpn add nopass' option to generate that. + +## `pivpn revoke` +Asks you for the name of the client to revoke. Once you revoke a client, it will no longer allow you to use +the given client certificate (ovpn config) to connect. This is useful for many reasons but some ex: +You have a profile on a mobile phone and it was lost or stolen. Revoke its cert and generate a new +one for your new phone. Or even if you suspect that a cert may have been compromised in any way, +just revoke it and generate a new one. + +## `pivpn list` +If you add more than a few clients, this gives you a nice list of their names and whether their certificate +is still valid or has been revoked. Great way to keep track of what you did with 'pivpn add' and 'pivpn revoke'. + +# Connecting to the PiVPN + +## Windows + +Download the [OpenVPN GUI](https://openvpn.net/community-downloads/), install it, and place the profile in the 'config' folder of your OpenVPN directory, i.e., in 'C:\Program Files\OpenVPN\config'. After importing, connect to the VPN server on Windows by running the OpenVPN GUI with administrator permissions, right-clicking on the icon in the system tray, and clicking 'Connect'. + +## Linux + +Install OpenVPN using your package manager (APT in this example). Now, as root user, create the /etc/openvpn/client folder and prevent anyone but root to enter it (you only need to do this the first time): +``` +apt install openvpn +mkdir -p /etc/openvpn/client +chown root:root /etc/openvpn/client +chmod 700 /etc/openvpn/client +``` +Move the config and connect (input the pass phrase if you set one): +``` +mv whatever.ovpn /etc/openvpn/client/ +openvpn /etc/openvpn/client/whatever.ovpn +``` +Press CTRL-C to disconnect. + +## Mac + +You can use an OpenVPN client like [Tunnelblick](https://tunnelblick.net/downloads.html). Here's a [guide](https://tunnelblick.net/czUsing.html) to import the configuration. + +## Android + +Install the [OpenVPN Connect app](https://play.google.com/store/apps/details?id=net.openvpn.openvpn), select 'Import' from the drop-down menu in the upper right corner of the main screen, choose the directory on your device where you stored the .ovpn file, and select the file. Connect by selecting the profile under 'OpenVPN Profile' and pressing 'Connect'. + +## iOS + +Install the [OpenVPN Connect app](https://apps.apple.com/it/app/openvpn-connect/id590379981). Then go to the app where you copied the .ovpn file to, select the file, find an icon or button to 'Share' or 'Open with', and choose to open with the OpenVPN app. + # FAQ (Frequently Asked Questions) ## How do I use Pi-hole with PiVPN?