Difference between revisions of "OpenVPN"
Jump to navigation
Jump to search
(Stubbed this out, saving before i forget.) |
(As usual, an OS X open source project is better executed. Hooray NetworkManager) |
||
Line 15: | Line 15: | ||
Transport Protocol: UDP (also the default in OpenVPN) | Transport Protocol: UDP (also the default in OpenVPN) | ||
Authentication type: Username/Password (PKI disabled) | Authentication type: Username/Password (PKI disabled) | ||
+ | Compression: LZO | ||
= Connection Instructions = | = Connection Instructions = | ||
== Mac OS X == | == Mac OS X == | ||
+ | * Install Tunnelblick (https://code.google.com/p/tunnelblick/) | ||
+ | * Get the SSH-Chicago.tblk config package from another member | ||
+ | * Double-click it. | ||
+ | * Log in with your SSH:Chicago (wiki) username and password | ||
− | == Linux (Tested on Fedora Core 20 == | + | == Linux (Tested on Fedora Core 20) == |
+ | * Grab the HMAC key and store it in ~/.certs/ | ||
+ | * Download a copy of the [[SSHCHICAGO.ORG Certificate Authority (CA)]] and store that in ~/.certs/ as well. (These two steps are required to comply with default SELinux regulations in Fedora) | ||
+ | * Launch your Network Manager UI | ||
+ | * Add a VPN connection. Set stuff up like this: | ||
+ | ** Name: ssh-c | ||
+ | ** Gateway: space.sshchicago.org | ||
+ | ** Authentication: | ||
+ | *** Type: Password | ||
+ | *** User name: Your SSH:Chicago username. | ||
+ | *** Password: Your SSH:Chicago password. | ||
+ | *** CA Certificate: Choose the certificate you put in ~/.certs/ | ||
+ | ** Click Advanced. | ||
+ | *** General: | ||
+ | **** Check the "Use LZO data compression" box. | ||
+ | *** TLS Authentication: | ||
+ | **** Check "Use additional TLS authentication". | ||
+ | **** For Key File, chose the HMAC key you stored in ~/.certs/ | ||
+ | **** Key direction: "1" | ||
+ | * Click OK, and Apply | ||
+ | * Connect. | ||
== Windows == | == Windows == |
Revision as of 19:14, 14 June 2014
Contents
VPN Access
We use OpenVPN (http://openvpn) as our VPN solution.
Gaining Access
Your FreeIPA account needs to be a member of the openvpn_users group.
Requirements
- You must have a copy of our HMAC key, please contact tech@sshchicago.org to get it.
- You'll also need a copy of our SSHCHICAGO.ORG Certificate Authority (CA) certicate.
Connection Information
Gateway: space.sshchicago.org Port: 1194 (this is the default in OpenVPN) Transport Protocol: UDP (also the default in OpenVPN) Authentication type: Username/Password (PKI disabled) Compression: LZO
Connection Instructions
Mac OS X
- Install Tunnelblick (https://code.google.com/p/tunnelblick/)
- Get the SSH-Chicago.tblk config package from another member
- Double-click it.
- Log in with your SSH:Chicago (wiki) username and password
Linux (Tested on Fedora Core 20)
- Grab the HMAC key and store it in ~/.certs/
- Download a copy of the SSHCHICAGO.ORG Certificate Authority (CA) and store that in ~/.certs/ as well. (These two steps are required to comply with default SELinux regulations in Fedora)
- Launch your Network Manager UI
- Add a VPN connection. Set stuff up like this:
- Name: ssh-c
- Gateway: space.sshchicago.org
- Authentication:
- Type: Password
- User name: Your SSH:Chicago username.
- Password: Your SSH:Chicago password.
- CA Certificate: Choose the certificate you put in ~/.certs/
- Click Advanced.
- General:
- Check the "Use LZO data compression" box.
- TLS Authentication:
- Check "Use additional TLS authentication".
- For Key File, chose the HMAC key you stored in ~/.certs/
- Key direction: "1"
- General:
- Click OK, and Apply
- Connect.