-
Notifications
You must be signed in to change notification settings - Fork 1
/
ovpnkey
executable file
·126 lines (104 loc) · 2.26 KB
/
ovpnkey
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/bin/bash
#
# Creates openvpn key files for the given user / email
# Please see the content of the script to change (even)
# some hardcoded values that does not fit your info
#
# For usage info run the script with no args
#
AUTHOR="Bulent Vural - bulentv@gmail.com"
VERSION="v0.0.1 - 05.10.2015"
#while true; do ssh -ND5555 root@bvpn.bvnet.net -p 9922; sleep 2; done &
DEVICE="tun"
PROTO="tcp"
HOST="bvpn.bvnet.net"
PORT="1194"
EXT="ovpn"
EASY_RSA_DIR="/etc/openvpn/easy-rsa/"
TEMPLATE="
client
dev $DEVICE
proto $PROTO
socks-proxy localhost 5555
remote $HOST $PORT
resolv-retry infinite
nobind
#redirect-gateway
persist-key
persist-tun
comp-lzo
verb 3
"
#---- DO NOT TOUCH BELOW THIS LINE
NAME=$2
EMAIL=$3
function do_create () {
cwd=$(pwd)
cd $EASY_RSA_DIR
source ./vars > /dev/null
expect <<- DONE
set timeout -1
spawn ./build-key $NAME
expect "*?ountry" {send "TR\r"}
expect "*?tate" {send "TR\r"}
expect "*?ocality" {send "Istanbul\r"}
expect "*?rganization Name" {send "bvnet\r"}
expect "*?rganizational Unit" {send "remote\r"}
expect "*?ommon Name" {send "\r"}
expect "*?ame " {send "$NAME\r"}
expect "*?mail" {send "$EMAIL\r"}
expect "*? challenge" {send "\r"}
expect "*?n optional company" {send "\r"}
expect "*?certificate\?" {send "y\r"}
expect "*?commit\?" {send "y\r"}
expect eof
DONE
ca="$(cat keys/ca.crt | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p')"
crt="$(cat keys/${NAME}.crt | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p')"
key="$(cat keys/${NAME}.key | sed -n '/BEGIN PRIVATE KEY/,/END PRIVATE KEY/p')"
rm -f keys/${NAME}.crt
rm -f keys/${NAME}.csr
rm -f keys/${NAME}.key
cd $cwd
out="$NAME.$EXT"
echo "$TEMPLATE" > $out
echo "<ca>" >> $out
echo "$ca" >> $out
echo "</ca>" >> $out
echo "<cert>" >> $out
echo "$crt" >> $out
echo "</cert>" >> $out
echo "<key>" >> $out
echo "$key" >> $out
echo "</key>" >> $out
echo "$out created"
}
function do_revoke () {
cwd=$(pwd)
cd $EASY_RSA_DIR
source ./vars
./revoke-full $NAME
cd $cwd
}
function do_list () {
cwd=$(pwd)
cd $EASY_RSA_DIR
cat keys/index.txt
cd $cwd
}
case "$1" in
--create|-c)
do_create
;;
--revoke|-r)
do_revoke
;;
--list|-l)
do_list
;;
*)
echo "ovpnkey $VERSION -- $AUTHOR"
echo "Usage: $0 --create (-c) | --revoke (-r) name [email]" >&2
exit 3
;;
esac