{"id":1456,"date":"2019-06-10T11:14:16","date_gmt":"2019-06-10T09:14:16","guid":{"rendered":"https:\/\/nsix.pl\/kb\/?p=1456"},"modified":"2019-12-17T14:18:18","modified_gmt":"2019-12-17T13:18:18","slug":"instalacja-openvpn-w-formie-uslugi-debian-ubuntu","status":"publish","type":"post","link":"https:\/\/nsix.pl\/kb\/instalacja-openvpn-w-formie-uslugi-debian-ubuntu\/","title":{"rendered":"Instalacja OpenVPN w formie us\u0142ugi &#8211; Debian\/Ubuntu"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1456\" class=\"elementor elementor-1456\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f77413c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f77413c\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-c150296\" data-id=\"c150296\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6f4688b1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6f4688b1\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-74a38bee\" data-id=\"74a38bee\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5368ed20 elementor-widget elementor-widget-text-editor\" data-id=\"5368ed20\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p>Poni\u017cej przedstawiamy instrukcj\u0119 instalacji oraz konfiguracji klienta\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>w formie us\u0142ugi w systemie Linux Debian\/Ubuntu.<\/p>\n<p><\/p>\n<p>Aplikacj\u0119\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>mo\u017cna zainstalowa\u0107 m.in. poleceniem:<\/p>\n<p><\/p>\n<pre class=\"wp-block-preformatted\">#  apt-get install openvpn<\/pre>\n<p><\/p>\n<p>Plik konfiguracji client.conf powinien znajdowa\u0107 si\u0119 w folderze \/etc\/openvpn<\/p>\n<p><\/p>\n<p>Aby przej\u015b\u0107 do jego edycji nale\u017cy skorzysta\u0107 z edytora tekstu vi lub nano:<\/p>\n<p><\/p>\n<pre class=\"wp-block-preformatted\"># nano \/etc\/openvpn\/client.conf\n\n  client\n  dev tun\n  proto tcp\n  remote XXX.XXX.XXX.XXX 1194\n  resolv-retry infinite\n  nobind\n  persist-key\n  persist-tun\n  ca \/etc\/openvpn\/keys\/ca.crt\n  cert \/etc\/openvpn\/keys\/MyClient.crt\n  key \/etc\/openvpn\/keys\/MyClient.key\n  ns-cert-type server\n  verb 0\n  cipher AES-256-CBC\n  auth SHA1<\/pre>\n<p><\/p>\n<p>Jak mo\u017cna zauwa\u017cy\u0107 plik konfiguracyjny wymaga mi\u0119dzy innymi okre\u015blenia opcji takich jak:<\/p>\n<p><\/p>\n<ul class=\"wp-block-list\">\n<li>remote &#8211; podania adresu IP lub nazwy hosta serwera\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN<\/a>, do kt\u00f3rego klient b\u0119dzie si\u0119 \u0142\u0105czy\u0142.<\/li>\n<li>1194 &#8211; okre\u015blenie portu serwera\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN<\/a>, do kt\u00f3rego klient b\u0119dzie si\u0119 \u0142\u0105czy\u0142.<\/li>\n<li>ca \/etc\/openvpn\/keys\/ca.crt &#8211; \u015bcie\u017ck\u0119, w kt\u00f3rej znajduje si\u0119 certyfikat ca.<\/li>\n<li>cert \/etc\/openvpn\/keys\/MyClient.crt &#8211; \u015bcie\u017ck\u0119, w kt\u00f3rej znajduje si\u0119 certyfikat klienta.<\/li>\n<li>key \/etc\/openvpn\/keys\/MyClient.key &#8211; \u015bcie\u017ck\u0119, w kt\u00f3rej znajduje si\u0119 klucz klienta.<\/li>\n<\/ul>\n<p><\/p>\n<p>W miejsce XXX.XXX.XXX.XXX nale\u017cy wpisa\u0107 adres IP lub nazw\u0119 hosta serwera\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN<\/a>. Niezb\u0119dne jest tak\u017ce wpisanie numeru portu.<\/p>\n<p><\/p>\n<p>Mo\u017cna teraz uruchomi\u0107 skonfigurowan\u0105 aplikacj\u0119 klienta\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>poleceniem:<\/p>\n<p><\/p>\n<pre class=\"wp-block-preformatted\"> # openvpn --config \/etc\/openvpn\/client.conf\n\nZostanie wy\u015bwietlony output aplikacji OpenVPN:\n\n# OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 27 2017\n library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08\n Socket Buffers: R=[163840-&gt;131072] S=[163840-&gt;131072]\n NOTE: UID\/GID downgrade will be delayed because of --client, --pull, or --up-delay\n UDPv4 link local: [undef]\n UDPv4 link remote: [AF_INET]XXX.XXX.XXX.XXX:1194\n TLS: Initial packet from [AF_INET]XXX.XXX.XXX.XXX:1194, sid=2fc176a5 4d3fbbfd\n VERIFY OK: depth=1, C=XX, ST=XXXXXXXX, L=XXXXXXXX, O=XXXXXXXX, OU=XX, CN=XXXXXXXX, name=EasyRSA, emailAddress=XXXXXXXX\n VERIFY OK: nsCertType=SERVER\n VERIFY OK: depth=0, C=XX, ST=XXXXXXXX, L=XXXXXXXX, O=XXXXXXXX, OU=XXXXXXXX, CN=XXXXXXXX, name=EasyRSA, emailAddress=XXXXXXXX\n Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key\n Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication\n Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key\n Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication\n Control Channel: TLSv1, cipher TLSv1\/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA\n [server] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:1194\n SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)\n PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.10 10.8.0.1'\n OPTIONS IMPORT: timers and\/or timeouts modified\n OPTIONS IMPORT: --ifconfig\/up options modified\n OPTIONS IMPORT: route options modified\n ROUTE_GATEWAY 192.168.1.1\/255.255.255.0 IFACE=eth0 HWADDR=XXXXXXXXXXXXXXXXXX\n TUN\/TAP device tun0 opened\n TUN\/TAP TX queue length set to 100\n do_ifconfig, tt-&gt;ipv6=0, tt-&gt;did_ifconfig_ipv6_setup=0\n \/sbin\/ip link set dev tun0 up mtu 1500\n \/sbin\/ip addr add dev tun0 local 10.8.0.10 peer 10.8.0.1\n Fri Sep  8 09:08:44 2017 \/sbin\/ip route add 10.8.0.1\/32 via 10.8.0.1\n GID set to nogroup\n UID set to nobody\n Initialization Sequence Completed<\/pre>\n<p><\/p>\n<p>Aby pozwoli\u0107 na automatyczne uruchamianie aplikacji\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>na przyk\u0142ad w przypadku restartu maszyny wirtualnej, nale\u017cy w\u0142\u0105czy\u0107\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>w formie us\u0142ugi w Systemd. Systemd odpowiada w g\u0142\u00f3wnej mierze za sterownie procesami rozruchowymi oraz us\u0142ugami.<\/p>\n<p><\/p>\n<p>Do zarz\u0105dzania g\u0142\u00f3wnie wykorzystuje si\u0119 polecenie systemctl. Polecenie systemctl wydane bez \u017cadnych opcji wy\u015bwietli wszystkie aktywne (uruchomione) us\u0142ugi.<\/p>\n<p><\/p>\n<p>Zatem, aby w\u0142\u0105czy\u0107\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>w formie us\u0142ugi, nale\u017cy wyda\u0107 polecenie:<\/p>\n<p><\/p>\n<pre class=\"wp-block-preformatted\"># systemctl start openvpn@client.service<\/pre>\n<p><\/p>\n<p>gdzie &#8222;client&#8221; jest nazw\u0105 utworzonego przez nas pliku konfiguracyjnego client.conf<\/p>\n<p><\/p>\n<p>oraz doda\u0107 us\u0142ug\u0119\u00a0<a href=\"https:\/\/nsix.pl\/panel\/sklep\/104\/85c8b6b7a13d4f9ab7b0134c8908aafa\" target=\"_blank\" rel=\"noopener\">OpenVPN\u00a0<\/a>w opcj\u0119 autostartu:<\/p>\n<p><\/p>\n<pre class=\"wp-block-preformatted\">#  systemctl enable openvpn@client.service<\/pre>\n<p><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a63b336 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a63b336\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2de0f36\" data-id=\"2de0f36\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Poni\u017cej przedstawiamy instrukcj\u0119 instalacji oraz konfiguracji klienta\u00a0OpenVPN\u00a0w formie us\u0142ugi w systemie Linux Debian\/Ubuntu. Aplikacj\u0119\u00a0OpenVPN\u00a0mo\u017cna zainstalowa\u0107 m.in. poleceniem: # apt-get install openvpn Plik konfiguracji client.conf powinien znajdowa\u0107 si\u0119 w folderze \/etc\/openvpn Aby przej\u015b\u0107 do jego edycji nale\u017cy skorzysta\u0107 z edytora tekstu vi lub nano: # nano \/etc\/openvpn\/client.conf client dev tun proto tcp remote XXX.XXX.XXX.XXX 1194 resolv-retry [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[28],"tags":[35,58,67,33,21,34,36,97,112],"class_list":["post-1456","post","type-post","status-publish","format-standard","hentry","category-openvpn","tag-debian","tag-instalacja","tag-konfiguracja","tag-linux","tag-openvpn","tag-ssh","tag-ubuntu","tag-ustawienia","tag-vpn"],"_links":{"self":[{"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/posts\/1456","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/comments?post=1456"}],"version-history":[{"count":21,"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/posts\/1456\/revisions"}],"predecessor-version":[{"id":3365,"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/posts\/1456\/revisions\/3365"}],"wp:attachment":[{"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/media?parent=1456"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/categories?post=1456"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsix.pl\/kb\/wp-json\/wp\/v2\/tags?post=1456"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}