Solved

where and how to put keys and crts in openVPN Fedora 14

Posted on 2011-03-12
12
802 Views
Last Modified: 2012-05-11
Greetings,

I am running Fedora 14 on a Dell E5410 laptop.  OpenVPN is installed and I"m trying to configure it for a connection BUT since I'm clueless about finding my way around Fedora, I can't.

Problem 1) I have my key files and config file sitting on my desktop.  Problem is I have no idea how to copy them to the appropriate folders or even where those folders are.  

Problem 2) Once the files are in their proper place, I need to understand how to set up the connection ... good news is, I should have all the information necessary to do this.

I cannot emphasis enough that Linux is an entirely new world to me so assume I know nothing ... except that I know how to enter the shell prompt in root so if someone could tell me the commands to place these files where they need to go.

Thanks!
0
Comment
Question by:max7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 35117284
Are you configuring it for establishing a connection to an external server or is your fedora will be the openvpn server.

http://openvpn.net/index.php/open-source/documentation/howto.html
0
 
LVL 1

Author Comment

by:max7
ID: 35117397
I am trying to connect to a remote server so I would be the client ... I have scoured the internet for a clear tutorial on how to setup the client but I have found nothing that fits the bill for someone at my level.

On top of that, when I try to drop files inside the openvpn folder, it says I do not have permission because (I guess) I am logged in as a regular user and not as root.   I tried to log out and log back in as root but I can't see way to do that.  I see no user "root" offered at the login prompt.

Furthermore, SELinux is getting in on the act; it seems to prevent openvpn from reading one of my certs.  I find a command line that put SELinux in passive mode which allowed the VPN to try and connect but it eventually timed out.

The whole situation is a convoluted, frustrating mess.
0
 
LVL 78

Expert Comment

by:arnold
ID: 35117462
On the server they need to generate and provide you the privae/public keys while keeping the public key and adding it in the cert directory.
You would have to reference the key and the certificate within the client configuration.
You would also need to have the CA certificate from the server to which you will be connecting to avoid errors due to trust issues.
usually once you login, you would run sudo bash to get a shell with elevated rights.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 1

Author Comment

by:max7
ID: 35117484
>>>On the server they need to generate and provide you the privae/public keys while keeping the public key and adding it in the cert directory.

Originally, I was setup on a windows 7 machine and they sent me keys and certs then.  Would the keys and certs they sent me when I was windows work for linux or must they generate completely new keys and certs?
0
 
LVL 78

Expert Comment

by:arnold
ID: 35118177
Yes they might not if the computer name changed.
But you can try.
0
 
LVL 1

Author Comment

by:max7
ID: 35119164
ok ... so the question is: how do I do this?

>>>You would have to reference the key and the certificate within the client configuration.

How?  For instance, what are the commands I would type in a terminal so the necessary files are in the proper folders?

>>>usually once you login, you would run sudo bash to get a shell with elevated rights.

I have no idea what this is or how the command looks

If you can point me to a decent tutorial on the web that would be fantastic, but all that I have seen are written a) mostly for server side and b) assuming you know linux command line i.e. it does not speak to a novice.
0
 
LVL 78

Expert Comment

by:arnold
ID: 35121953
you would need to edit the files which are likely in /etc/openvpn
Here the issue depends on which editor is best for you:
vi emacs etc
rpm -qa | grep -i vpn
rpm -ql <packageNameForOpenVPN>
The above line will list where all the files from the package are.
You would need to look where the file for the client configuration is.
0
 
LVL 78

Expert Comment

by:arnold
ID: 35121975
http://zhaoke.com/blog/436.html
You can use the example provided at http://www.zeroshell.net/eng/openvpn-client/ to configure your own.
0
 
LVL 8

Assisted Solution

by:jimmyray7
jimmyray7 earned 100 total points
ID: 35151306
Have you tried just copying the config and certificate files to /etc/openvpn and connecting?   Since you're a client that should be all you need to do.
0
 
LVL 1

Author Comment

by:max7
ID: 35154033
>>>Have you tried just copying the config and certificate files to /etc/openvpn and connecting?

I tried this but Linux tells me my user does not have permission to move the files to this folder ... how would get around this?
0
 
LVL 78

Accepted Solution

by:
arnold earned 400 total points
ID: 35157049
sudo is the means by which you can elevate your rights.
sudo bash
once you provide your password, you should have root rights on the system.
0
 
LVL 1

Author Closing Comment

by:max7
ID: 35162473
Thanks for the help ... Linux isn't the easiest OS to jump into I guess.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question