{"id":8548,"date":"2024-09-14T09:12:16","date_gmt":"2024-09-14T01:12:16","guid":{"rendered":"http:\/\/999.zuizhuai.cn\/?p=8548"},"modified":"2024-09-14T09:12:16","modified_gmt":"2024-09-14T01:12:16","slug":"%e6%96%b0%e6%89%8b%e5%90%91%e5%af%bc%ef%bc%9a%e8%bd%bb%e6%9d%be%e7%a6%bb%e7%ba%bf%e6%90%ad%e5%bb%ba%e6%9c%80%e6%96%b0%e7%89%88openvpn%e5%90%ab%e4%b8%80%e9%94%ae%e5%ae%89%e8%a3%85%e8%84%9a%e6%9c%ac","status":"publish","type":"post","link":"http:\/\/puo.cn\/?p=8548","title":{"rendered":"\u65b0\u624b\u5411\u5bfc\uff1a\u8f7b\u677e\u79bb\u7ebf\u642d\u5efa\u6700\u65b0\u7248OpenVPN(\u542b\u4e00\u952e\u5b89\u88c5\u811a\u672c)"},"content":{"rendered":"<p>[alert title=&#8221;\u6587\u5b57\u5757\u6807\u9898&#8221;][\/alert]<\/p>\n<p>[alert title=&#8221;\u6587\u5b57\u5757\u6807\u9898&#8221;][\/alert]<\/p>\n<ul>\n<li data-pid=\"bjE9SYmy\">\u6700\u5e38\u89c1\u7684openvpn\u642d\u5efa\u65b9\u5f0f\u5c31\u662f\u901a\u8fc7docker\uff0c\u975e\u5e38\u7684\u7b80\u5355\u3001\u65b9\u4fbf\u3002\u5982\u679c\u662f\u642d\u5efa\u8fc7openvpn\u5e94\u8be5\u4f1a\u77e5\u9053\u8fd9\u4e2a\u955c\u50cfkylemanna\/openvpn\uff0c\u4f46\u662f\u5b83\u4e00\u76f4\u6ca1\u6709\u66f4\u65b0\u4e86\uff0c\u4e5f\u5c31\u662f\u4e09\u5e74\u524d\u66f4\u65b0\u8fc7\u7136\u540e\u5c31\u518d\u4e5f\u6ca1\u66f4\u65b0\u8fc7\u4e86\uff0c\u7248\u672c\u505c\u7559\u5728openvpn2.4\u7684\u7248\u672c\u3002<\/li>\n<\/ul>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9120\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152729836.jpg\" width=\"1080\" height=\"238\" alt=\"20240914152729836\" title=\"20240914152729836\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"QaMPTZTl\">\u90a3\u4e48\u5982\u4f55\u5347\u7ea7openvpn\u5230\u6700\u65b0\u7248\u672c\u5462\uff1f\u53ef\u4ee5\u5230\u5b98\u65b9\u7684\u5f00\u6e90\u793e\u533a\u627e\u5230\u6700\u65b0\u7684\u5b89\u88c5\u7248\u672c\uff0c\u53ef\u4ee5\u770b\u5230\u6700\u8fd1\u4e00\u6b21\u66f4\u65b0\u662f\u57282024\u5e742\u6708\u4efdopenvpn v2.6.9\u3002\u53ef\u4ee5\u770b\u52302.6.7 2.6.8 2.6.9 \u5b98\u65b9\u7684\u5f00\u6e90\u793e\u533a\u66f4\u65b0\u8fd8\u662f\u5f88\u9891\u7e41\u7684\u3002<\/p>\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9121\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152731705.jpg\" width=\"720\" height=\"369\" alt=\"20240914152731705\" title=\"20240914152731705\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"v0AwMaMd\">\u4ee5\u4e0b\u662f\u8be6\u7ec6\u7684\u5b89\u88c5\u6b65\u9aa4\uff1a<\/p>\n<h2 style=\"font-style: inherit;font-variant: inherit;font-weight: 600;font-size: 1.2em;line-height: 1.5;font-family: inherit;margin-top: calc(2.33333em);margin-bottom: calc(1.16667em);clear: left\">\u4e00\u3001\u79bb\u7ebf\u5305\u5b89\u88c5\u6b65\u9aa4<\/h2>\n<h3 style=\"font-style: inherit;font-variant: inherit;font-weight: 600;font-size: 1.1em;line-height: 1.5;font-family: inherit;margin-top: calc(1.90909em);margin-bottom: calc(1.27273em);clear: left\">1\u3001openvpn\u5b89\u88c5<\/h3>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u5b98\u65b9\u4e0b\u8f7d\u6700\u65b0\u7248\u672copenvpn<\/li>\n<li style=\"width: 690px\">\u5b89\u88c5\u524d\u5148\u5b89\u88c5\u4ee5\u4e0b\u4f9d\u8d56\uff0c\u4e0d\u7136\u4f1a\u62a5\u9519<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">apt install -y gcc libnl-genl-3-dev  libcap-ng-dev pkg-config liblzo2-dev libssl-dev libpam0g-dev\n.\/configure<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u5b89\u88c5openssl<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">checking additionally if OpenSSL is available and version &gt;= 1.0.2... configure: error: OpenSSL version too old<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u4e0b\u8f7d\u7f16\u8bd1\u5b89\u88c5\uff0copensslv1.1.1\u6700\u65b0\u7684\u4e00\u4e2a\u7248\u672c\u662f1.1.1w\u3002\u5982\u679c\u4f60\u7684\u7248\u672c\u662f3.x\u597d\u50cf\u4e5f\u4e0d\u884c\uff0c\u53ea\u80fd\u662f1.1.1x\u7684\u7248\u672c\u3002<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">wget https:\/\/www.openssl.org\/source\/old\/1.1.1\/openssl-1.1.1w.tar.gz\ntar -zxvf openssl-1.1.1w.tar.gz\ncd openssl-1.1.1w\napt install -y gcc make zlib1g-dev\n.\/config --prefix=\/usr\/local\/openssl shared zlib\nmake -j32  (j32\u4f7f\u7528\u591a\u7ebf\u7a0b\uff0c\u6bd4make\u4f1a\u5feb\u4e00\u4e9b)\nmake install<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u5907\u4efd\u65e7\u7248\u672copenssl\uff0c\u8bbe\u7f6e\u65b0\u7248\u672c<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">mv \/usr\/bin\/openssl \/usr\/bin\/openssl.bak\nln -sv \/usr\/local\/openssl\/bin\/openssl \/usr\/bin\/openssl\n\n#\u66f4\u65b0\u52a8\u6001\u94fe\u63a5\u5e93\u6570\u636e\necho \"\/usr\/local\/openssl\/lib\" &gt;&gt;sudo \/etc\/ld.so.conf\nldconfig -v\nopenssl version<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"dWZkL3lt\">\u5982\u679copenssl version\u62a5\u4ee5\u4e0b\u9519<\/p>\n<blockquote style=\"margin-top: 1.4em;margin-bottom: 1.4em;padding-left: 1em\" data-pid=\"fTEL87Gh\"><p>openssl: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory<\/p><\/blockquote>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"bQxIx4CW\">\u7ee7\u7eed\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">sudo ln -sv \/usr\/local\/openssl\/lib\/libssl.so.1.1 \/usr\/lib\/\nsudo ln -sv \/usr\/local\/openssl\/lib\/libcrypto.so.1.1 \/usr\/lib\/\nopenssl version<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"W2LhAXyw\">\u5982\u679copenssl version\u5df2\u7ecf\u662f\u6700\u65b0\u7248\u672c\uff0c\u4f46\u8fd8\u662f\u63d0\u793atoo old\u53ef\u4ee5\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">apt install libssl-dev<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"gctVIT1L\">\u6267\u884c\u5c31\u53ef\u4ee5\u4e86\uff0c\u6700\u540e\uff0c\u786e\u8ba4\u4e00\u4e0b\u7248\u672c\uff1a<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\"># openssl version\nOpenSSL 1.1.1w  11 Sep 2023<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"Y4xqJjg-\">\u7ee7\u7eed.\/configure<\/p>\n<blockquote style=\"margin-top: 1.4em;margin-bottom: 1.4em;padding-left: 1em\" data-pid=\"Nht9itrI\"><p>configure: error: No compatible LZ4 compression library found. Consider &#8211;disable-lz4<\/p><\/blockquote>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"kLEv8V3A\">\u5982\u679c\u62a5\u4ee5\u4e0a\u9519\u8bef\u7684\u8bdd\u5c31\u6267\u884c\uff1a<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">.\/configure --disable-lz4<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"xMGGDMRj\">\u5982\u679c\u6b63\u5e38\u5c31\u6210\u529f\u4e86\uff0c\u5982\u679c\u62a5\u4ee5\u4e0b\u9519\u8bef\uff1a<\/p>\n<blockquote style=\"margin-top: 1.4em;margin-bottom: 1.4em;padding-left: 1em\" data-pid=\"ddLAaN98\"><p>configure: error: libpam required but missing<\/p><\/blockquote>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">apt install libpam0g-dev<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"h_ZHf6oO\">\u6267\u884c\u540e\u5e94\u8be5\u5c31\u6ca1\u9519\u4e86<\/p>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"mxHUST1d\">\u63a5\u7740\u5c31\u662f\u6267\u884c<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">make -j32\nmake install<\/code><\/pre>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9122\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152731216.jpg\" width=\"720\" height=\"382\" alt=\"20240914152731216\" title=\"20240914152731216\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"jGQhkpHm\">\u770b\u5230\u4ee5\u4e0a\u7ed3\u679c\u5c31\u5b8c\u6210\u5b89\u88c5\u4e86\uff0c\u4e5f\u53ef\u4ee5\u770b\u770bopenvpn\u7684\u7248\u672c\u4fe1\u606f\u3002<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">openvpn --version<\/code><\/pre>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9123\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152733577.jpg\" width=\"720\" height=\"215\" alt=\"20240914152733577\" title=\"20240914152733577\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<h3 style=\"font-style: inherit;font-variant: inherit;font-weight: 600;font-size: 1.1em;line-height: 1.5;font-family: inherit;margin-top: calc(1.90909em);margin-bottom: calc(1.27273em);clear: left\">2\u3001\u8bc1\u4e66\u751f\u6210<\/h3>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u521d\u59cb\u5316\u5bc6\u94a5<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">cd  \/usr\/share\/easy-rsa\n.\/easyrsa init-pki<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"B_MVT9ZT\">\u521d\u59cb\u5316\uff0c\u7a0b\u5e8f\u5c06\u81ea\u52a8\u521b\u5efapki\u5e76\u751f\u6210\u76f8\u5e94\u7684\u5bc6\u94a5\u6587\u4ef6<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9124\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152734412.jpg\" width=\"720\" height=\"232\" alt=\"20240914152734412\" title=\"20240914152734412\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"nB8n8FFu\">\u5b8c\u6210\u540e\u4f1a\u751f\u6210pki\u76ee\u5f55<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9125\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152734512.jpg\" width=\"720\" height=\"230\" alt=\"20240914152734512\" title=\"20240914152734512\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9126\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152735489.jpg\" width=\"720\" height=\"248\" alt=\"20240914152735489\" title=\"20240914152735489\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u7f16\u8f91easyrsa\u7684\u914d\u7f6e\u6587\u4ef6 vars:<\/li>\n<\/ul>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9127\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152736695.jpg\" width=\"720\" height=\"244\" alt=\"20240914152736695\" title=\"20240914152736695\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">set_var EASYRSA_REQ_COUNTRY     \"hanko\"\nset_var EASYRSA_REQ_PROVINCE    \"hanko\"\nset_var EASYRSA_REQ_CITY        \"hanko\"\nset_var EASYRSA_REQ_ORG         \"hanko\"\nset_var EASYRSA_REQ_EMAIL       \"hanko@hanko.com\"\nset_var EASYRSA_REQ_OU          \"hanko\"\nset_var EASYRSA_KEY_SIZE        2048\nset_var EASYRSA_ALGO            \"rsa\"\nset_var EASYRSA_DIGEST          \"sha256\"\nset_var EASYRSA_CA_EXPIRE       365000\nset_var EASYRSA_CERT_EXPIRE     365000\nset_var EASYRSA_CERT_RENEW      18000\nset_var EASYRSA_CRL_DAYS        6000<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u8f93\u5165\u4ee5\u4e0b\u547d\u4ee4\uff0c\u751f\u6210\u6839\u8bc1\u4e66\uff1a<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">.\/easyrsa build-ca<\/code><\/pre>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9128\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152738180.jpg\" width=\"720\" height=\"355\" alt=\"20240914152738180\" title=\"20240914152738180\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"H4-NyWtk\">PEM pass phrase\uff0c\u8fd9\u4e2a\u5c31\u662f\u6839\u8bc1\u4e66\u5bc6\u7801\uff0c\u540e\u9762\u597d\u51e0\u4e2a\u6b65\u9aa4\u9700\u8981\u7528\u5230\u5b83\uff0c\u51fa\u73b0 \u201cCommon Name\u201d \u7684\u65f6\u5019\u76f4\u63a5\u6572\u56de\u8f66\u9ed8\u8ba4\u5373\u53ef\u3002<\/p>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u670d\u52a1\u5668\u8bc1\u4e66\u751f\u6210\uff1a<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">.\/easyrsa gen-req server nopass<\/code><\/pre>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9129\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152739956.jpg\" width=\"720\" height=\"320\" alt=\"20240914152739956\" title=\"20240914152739956\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"PMWpwseD\">Common Name\u76f4\u63a5\u56de\u8f66\u4f7f\u7528\u9ed8\u8ba4\u540d\u79f0\uff1aserver<\/p>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u7b7e\u53d1\u670d\u52a1\u5668\u8bc1\u4e66\uff1a<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">.\/easyrsa sign-req server server<\/code><\/pre>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9130\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152740970.jpg\" width=\"720\" height=\"365\" alt=\"20240914152740970\" title=\"20240914152740970\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"icJ-6lP_\">\u51fa\u73b0 \u201cType the word \u2018yes\u2019 to continue\u201d \u7684\u65f6\u5019\u8f93\u5165\uff1a yes<\/p>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"wN73BrVJ\">\u7136\u540e\u8f93\u5165\u521a\u624d\u5728\u4e0a\u4e00\u6b65\u8bbe\u7f6e\u7684\u6839\u8bc1\u4e66\u5bc6\u7801\u3002<\/p>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u751f\u6210Diffie-Hellman<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">.\/easyrsa gen-dh<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"BlikPJdY\">\u81f3\u6b64\uff0c\u6211\u4eec\u5c31\u5b8c\u6210\u4e86\u5168\u90e8\u6240\u9700\u8bc1\u4e66\u6587\u4ef6\u7684\u751f\u6210\uff0c\u4e0b\u9762\u5c06\u8fd9\u4e9b\u96f6\u6563\u7684\u6587\u4ef6\u96c6\u4e2d\u805a\u5408\u5230 keys \u76ee\u5f55\u4e2d\u53bb\uff1a<\/p>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u628a\u6587\u4ef6\u590d\u5236\u5230 \/etc\/openvpn<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">mkdir -p \/etc\/openvpn\ncp \/usr\/share\/easy-rsa\/pki\/ca.crt  \/etc\/openvpn\/\ncp \/usr\/share\/easy-rsa\/pki\/private\/server.key  \/etc\/openvpn\/\ncp \/usr\/share\/easy-rsa\/pki\/issued\/server.crt  \/etc\/openvpn\/\ncp \/usr\/share\/easy-rsa\/pki\/dh.pem  \/etc\/openvpn\/dh2048.pem\n\n\ncp \/usr\/share\/easy-rsa\/pki\/issued\/y-client.crt  \/etc\/openvpn\/\ncp \/usr\/share\/easy-rsa\/pki\/private\/y-client.key  \/etc\/openvpn\/<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">tls\u5bc6\u94a5\u751f\u6210ta.key<\/li>\n<\/ul>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"tsgzWBlf\">tls\u5bc6\u94a5\u751f\u6210\uff1aopenvpn &#8211;genkey secret ta.key\u8fd9\u4e2a\u5bc6\u94a5\u7531openvpn\u4e3b\u7a0b\u5e8f\u751f\u6210\uff0c\u8d77\u4f5c\u7528\u662f\u7528\u5bc6\u94a5\u53d6\u4ee3\u5bc6\u7801\u8f93\u5165<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">openvpn --genkey secret ta.key<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u590d\u5236server.conf\u914d\u7f6e\u6587\u4ef6<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">cp \/usr\/local\/src\/openvpn-2.6.8\/sample\/sample-config-files\/server.conf \/etc\/openvpn\/\nport 1194\nproto udp\ndev tun\nca ca.crt\ncert server.crt\nkey server.key\ndh dh2048.pem\nserver 10.8.0.0 255.255.255.0\nifconfig-pool-persist ipp.txt\nkeepalive 10 120\ntls-auth ta.key 0\ncipher AES-256-CBC\npersist-key\npersist-tun\nstatus openvpn-status.log\nverb 3\nexplicit-exit-notify 1<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u542f\u52a8openvpn<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">openvpn --config \/etc\/openvpn\/server.conf<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u751f\u6210client\u8bc1\u4e66<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">.\/easyrsa gen-req client nopass\n.\/easyrsa sign-req client client\n\ncp \/usr\/share\/easy-rsa\/pki\/private\/client.key  \/etc\/openvpn\/\ncp \/usr\/share\/easy-rsa\/pki\/issued\/client.crt  \/etc\/openvpn\/<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">client.ovpn<\/li>\n<\/ul>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">client\ndev tun\nproto udp\nremote 10.9.2.79 1194\nresolv-retry infinite\nnobind\npersist-key\npersist-tun\nca ca.crt\ncert client.crt\nkey client.key\nremote-cert-tls server\ntls-auth ta.key 1\ncipher AES-256-CBC\nverb 3<\/code><\/pre>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u5b89\u88c5windows\u6216linux\u7248\u672c\u5ba2\u6237\u7aef\uff0c\u4f7f\u7528client.ovpn\u6587\u4ef6\u751f\u6210\u7684client.crt\u3001client.key\u3001ta.key\u8fde\u63a5openvpn\u670d\u52a1\u7aef<\/li>\n<\/ul>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9131\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152741524.jpg\" width=\"441\" height=\"576\" alt=\"20240914152741524\" title=\"20240914152741524\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"RUuiC77e\">\u81f3\u6b64\u5b89\u88c5\u5c31\u5b8c\u6210\u4e86\u3002<\/p>\n<h2 style=\"font-style: inherit;font-variant: inherit;font-weight: 600;font-size: 1.2em;line-height: 1.5;font-family: inherit;margin-top: calc(2.33333em);margin-bottom: calc(1.16667em);clear: left\">\u4e8c\u3001\u4e00\u952e\u5b89\u88c5\u811a\u672c<\/h2>\n<hr style=\"border-right: none;border-bottom: none;border-left: none;border-top-style: solid;margin: 4em auto;width: 240px\" \/>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"My2Y3dGF\">\u2b50\u2b50\u2b50\u2b50\u2b50<\/p>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"vjIkbFpA\"><span style=\"font-weight: 600\">\u91cd\u70b9\u6765\u4e86\u2193\u2193\u2193<\/span><\/p>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"fa6m2CSd\"><span style=\"font-weight: 600\">\u4e00\u952e\u5b89\u88c5\uff0c\u6765\u4e86\uff01\uff01\uff01<\/span><\/p>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"f6ZG3LwN\"><span style=\"font-weight: 600\">\u5982\u679c\u611f\u5230\u4e0a\u9762\u7684\u547d\u4ee4\u592a\u591a\u3001\u592a\u9ebb\u70e6\u3002\u90a3\u4e48\u53ef\u4ee5\u770b\u770b\u8fd9\u4e2agithub\u4e0a\u7684\u5927\u725b\u4eec\u505a\u6210\u4e86\u4e00\u952e\u5b89\u88c5\u7684\u547d\u4ee4openvpn-install.sh\uff0c\u4e00\u952e\u5b89\u88c5\u3002<\/span><\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9132\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152741801.jpg\" width=\"720\" height=\"547\" alt=\"20240914152741801\" title=\"20240914152741801\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\">\n<p>&nbsp;<\/p>\n<figure style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-size=\"normal\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-9133\" src=\"http:\/\/loc-wp-cdnimg.jiyun.net\/blogtest\/2024\/09\/20240914152742223.jpg\" width=\"702\" height=\"357\" alt=\"20240914152742223\" title=\"20240914152742223\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"tcJAGXsE\">\u5b89\u88c5\u5b8c\u5ba2\u6237\u7aef\u6587\u4ef6\u4e5f\u4f1a\u81ea\u52a8\u751f\u6210\uff0c\u76f4\u63a5\u4e0b\u8f7d\u4f7f\u7528\u5c31\u53ef\u4ee5\u4e86\u3002<\/p>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"dW57Ab5w\"><em>p.s.\u4e00\u952e\u5b89\u88c5\u6bd4\u8f83\u7b80\u5355\uff0c\u4f46\u4e5f\u5b58\u5728\u4e00\u4e2a\u95ee\u9898\u5c31\u662f\u7248\u672c\u4e0d\u662f\u6700\u65b0\u7684\uff0c\u811a\u672c\u4f7f\u7528\u7684\u662fapt install\u65b9\u5f0f\u5b89\u88c5openvpn\uff0capt install\u6e90\u6700\u65b0\u7248\u672c\u662f2.5.x\u3002\u622a\u6b622024\u5e743\u6708\u6700\u65b0\u7248\u672c\u5e94\u8be5\u662fv2.6.9\u3002<\/em><\/p>\n<p style=\"margin-top: -0.8em;margin-bottom: -0.8em\">\n<h2 style=\"font-style: inherit;font-variant: inherit;font-weight: 600;font-size: 1.2em;line-height: 1.5;font-family: inherit;margin-top: calc(2.33333em);margin-bottom: calc(1.16667em);clear: left\">\u4e09\u3001\u76f8\u5173\u95ee\u9898<\/h2>\n<ul class=\"list-paddingleft-1\" style=\"margin-top: 1.4em;margin-bottom: 1.4em;width: 690px\">\n<li style=\"width: 690px\">\u5b89\u88c5\u597d\u540e\uff0c\u5ba2\u6237\u7aef\u6b63\u5e38\u8fde\u63a5\u81f3\u670d\u52a1\u5668\uff0c\u4f46\u65e0\u6cd5\u4f7f\u7528\u4ee3\u7406\u7f51\u7edc\u3002<\/li>\n<\/ul>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\" data-pid=\"1XhDdHfq\">\u589e\u52a0\u4ee5\u4e0b\u914d\u7f6e\uff1a<\/p>\n<pre style=\"border-radius: 4px;font-size: 0.9em;overflow: auto;padding: calc(0.888889em)\"><code style=\"background-color: inherit;border-radius: 0px;, monospace;font-size: inherit\">iptables -t nat -A POSTROUTING -s 10.8.0.0\/16 -o eth0 -j MASQUERADE<\/code><\/pre>\n<p style=\"margin-top: 1.4em;margin-bottom: 1.4em\">\n<p style=\"margin-top: 1.4em\">\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[alert title=&#8221;\u6587\u5b57\u5757\u6807\u9898&#8221;][\/alert] [alert title=&#8221;\u6587\u5b57\u5757\u6807\u9898&#8221;][\/alert] \u6700\u5e38\u89c1\u7684openvpn\u642d\u5efa\u65b9\u5f0f\u5c31\u662f\u901a\u8fc7docker\uff0c\u975e\u5e38\u7684\u7b80\u5355\u3001\u65b9\u4fbf\u3002\u5982&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[141],"tags":[186,83],"topic":[],"class_list":["post-8548","post","type-post","status-publish","format-standard","hentry","category-tools-soft","tag-vpn","tag-83"],"_links":{"self":[{"href":"http:\/\/puo.cn\/index.php?rest_route=\/wp\/v2\/posts\/8548","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/puo.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/puo.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/puo.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/puo.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8548"}],"version-history":[{"count":0,"href":"http:\/\/puo.cn\/index.php?rest_route=\/wp\/v2\/posts\/8548\/revisions"}],"wp:attachment":[{"href":"http:\/\/puo.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/puo.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8548"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/puo.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8548"},{"taxonomy":"topic","embeddable":true,"href":"http:\/\/puo.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftopic&post=8548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}