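#!/bin/bash
#
# OpenVPNClientsKeysGenerator.sh
#
# Interactive helper: asks for a client device name, uses easy-rsa to
# generate and sign a client certificate for it, then writes
#   $path_to_root_document/<name>/<name>.ovpn   (profile with inline ca/cert/key)
#   $path_to_root_document/<name>/keys/         (ca.crt, <name>.crt, <name>.key)
#
# Must be run by a user that can write to the easy-rsa PKI directory and to
# $path_to_root_document (in practice: root).
#
# Exit status: 0 when the profile was written, 1 on any failure.

# No blanket `set -e`: every step whose failure matters is checked explicitly.
set -u

# Setting constants
readonly path_to_rsa="/usr/share/easy-rsa/3.0.6" # Make sure the version of easy-rsa is correct
readonly path_to_root_document="/root/Documents"
readonly server_static_ip_address="X.X.X.X" # Host Server IP Address
readonly server_openvpn_port="1194"
readonly server_openvpn_protocol="udp"
# Done in 2019 August

#######################################
# Print a message on stderr and abort the script.
# Arguments: $* - message text
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Write a client profile with the CA certificate, client certificate and
# client private key embedded inline. The target file is truncated, so a
# profile left over from an earlier run is never appended to.
# Globals:   server_openvpn_protocol, server_static_ip_address,
#            server_openvpn_port (read)
# Arguments: $1 - profile path to create
#            $2 - CA certificate, $3 - client certificate, $4 - client key
# Returns:   0 on success, non-zero if an input cannot be read or the
#            profile cannot be written
#######################################
write_client_profile() {
  local profile=$1 ca=$2 crt=$3 key=$4

  {
    # NOTE(review): AES-256-CBC is kept because the cipher has to match the
    # server. If both ends run OpenVPN 2.4 or newer, an AEAD cipher such as
    # AES-256-GCM is the usual choice; confirm against the server config.
    printf '%s\n' \
      'client' \
      "proto $server_openvpn_protocol" \
      "remote $server_static_ip_address" \
      "port $server_openvpn_port" \
      'dev tun' \
      'nobind' \
      'persist-key' \
      'persist-tun' \
      'resolv-retry infinite' \
      'remote-cert-tls server' \
      'cipher AES-256-CBC' \
      'route-metric 1' \
      'redirect-gateway def1' \
      ''
    printf '<ca>\n'
    cat -- "$ca" || return 1
    printf '</ca>\n<cert>\n'
    cat -- "$crt" || return 1
    printf '</cert>\n<key>\n'
    cat -- "$key" || return 1
    printf '</key>\n'
  } > "$profile"
}

main() {
  local client_device_name=""
  local crt_file key_file ca_file client_dir keys_dir ovpn_config_file
  # The name becomes a path component and an easyrsa argument, so it is
  # restricted to an allowlist: no '/', no leading '-' or '.', no glob
  # characters.
  local -r name_pattern='^[A-Za-z0-9][A-Za-z0-9._-]*$'

  echo ""
  echo "---------------------------------"
  echo ""
  echo "Welcome to OpenVPN Clients Keys Generator (By Tarik Seyceri)"
  echo ""
  echo "Enter client device name (Must be Unique)"
  # A failed read (EOF) leaves the name empty; the validation below rejects it.
  IFS= read -r client_device_name || true
  echo ""

  # Drop whitespace from the name, as the script always did, but without an
  # unquoted expansion that would also glob-expand the input.
  client_device_name=${client_device_name//[[:space:]]/}
  if [[ ! "$client_device_name" =~ $name_pattern ]]; then
    die "Invalid client device name: use letters, digits, '.', '_' and '-' only, starting with a letter or digit"
  fi

  crt_file="$path_to_rsa/pki/issued/$client_device_name.crt"
  key_file="$path_to_rsa/pki/private/$client_device_name.key"
  ca_file="$path_to_rsa/pki/ca.crt"

  if [[ -f "$crt_file" && -f "$key_file" ]]; then
    die "This Client $client_device_name Key files already exist!"
  fi

  # Verify both directories before touching the PKI, so a certificate is not
  # issued and then left unexported.
  [[ -d "$path_to_rsa" ]] || die "$path_to_rsa does not exist"
  if [[ ! -d "$path_to_root_document" ]]; then
    sudo mkdir -p -- "$path_to_root_document" \
      || die "$path_to_root_document does not exist"
  fi

  # easyrsa is invoked relative to its own directory.
  cd -- "$path_to_rsa" || die "Cannot enter $path_to_rsa"

  # A lone newline on stdin accepts the default answer of the gen-req prompt.
  # "nopass" leaves the private key unencrypted.
  ./easyrsa gen-req "$client_device_name" nopass <<< "" \
    || die "Error happened, files not generated!"
  # "yes" answers the signing confirmation. The trailing "nopass" is kept
  # from the original invocation.
  ./easyrsa sign-req client "$client_device_name" nopass <<< "yes" \
    || die "Error happened, files not generated!"

  if [[ ! -f "$ca_file" || ! -f "$crt_file" || ! -f "$key_file" ]]; then
    die "Error happened, files not generated!"
  fi

  # Everything created from here on holds, or sits next to, an unencrypted
  # private key: keep it readable by the owner only.
  umask 077

  client_dir="$path_to_root_document/$client_device_name"
  keys_dir="$client_dir/keys"
  ovpn_config_file="$client_dir/$client_device_name.ovpn"

  mkdir -p -- "$keys_dir" || die "Cannot create $keys_dir"
  write_client_profile "$ovpn_config_file" "$ca_file" "$crt_file" "$key_file" \
    || die "Cannot write $ovpn_config_file"

  cp -- "$ca_file" "$keys_dir/" || die "Cannot copy $ca_file"
  # NOTE(review): the issued certificate is moved out of the PKI tree, as in
  # the original script. A later `easyrsa revoke` will presumably not find it
  # there; consider copying the certificate instead. Confirm against your
  # revocation procedure.
  mv -- "$crt_file" "$keys_dir/$client_device_name.crt" \
    || die "Cannot move $crt_file"
  mv -- "$key_file" "$keys_dir/$client_device_name.key" \
    || die "Cannot move $key_file"

  echo "---------------------------------"
  echo "Done!"
  echo ""
  # The .ovpn embeds the unencrypted key, so the file alone is enough to
  # connect as this client; hand it over through a trusted channel.
  echo "Check $path_to_root_document for the keys"
  echo ""
}

main "$@"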