| Current Path : /home/cgabriel/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //home/cgabriel/rpi01.ovpn |
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
dev tap
;dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 85.214.96.57 1194
;remote my-server-2 1194
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
# ca ca.crt
# cert client.crt
# key client.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
tls-auth ta.key 1
key-direction 1
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-128-CBC
auth SHA256
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
route-method exe
route-delay 2
pull
<ca>
-----BEGIN CERTIFICATE-----
MIIDYzCCAkugAwIBAgIUBaYZCtmNyHge5j1LIHK7IxYot68wDQYJKoZIhvcNAQEL
BQAwHjEcMBoGA1UEAwwTSWZUX09wZW5WUE5fQ0FfMjAyMTAeFw0yMTAzMjcyMDA4
NDZaFw0zNjA0MTcyMDA4NDZaMB4xHDAaBgNVBAMME0lmVF9PcGVuVlBOX0NBXzIw
MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP9rPDRmh/bW8563ey
ABi6XNPX+PGThVLxsN/nFmPc0nxDoozynRkXtTdEcbpHg4srHwxoSxJKbA1xtxma
R2PrjqfgD+ncrmiGViyF3RqrM8arCJGHmq9mOln+yATatoPtWrrgzwRjpvFzezGS
hlvVaWsB5t7hvHSsC5rigQ0HzfNrwVhkTF3dyWDPfTYFnrTaPXj2b/MwmO7RUQvx
njc+OXO/7hk+lfpSBwWg7sPWe+U9A/shMeIDrGVyQB7P80FT9XD9hb/5/4fbLnZm
fYA/NB97qCRNNQtRTo7Ot5E/F/2+XRqEYHE79LA4dtgx7aZ58jb9N+40diOgfIot
9eHpAgMBAAGjgZgwgZUwHQYDVR0OBBYEFG+7PJC7ftHEYiM3+Q+0l4qH5YvvMFkG
A1UdIwRSMFCAFG+7PJC7ftHEYiM3+Q+0l4qH5YvvoSKkIDAeMRwwGgYDVQQDDBNJ
ZlRfT3BlblZQTl9DQV8yMDIxghQFphkK2Y3IeB7mPUsgcrsjFii3rzAMBgNVHRME
BTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEARcwLk/c72Ssp
Tom8I2iSiD4ejGo7VhvEvlzBr/gw1XyNeJ7Tr7k3R6ftyyxf75BVaniKP/yFsbpB
QbdtmHIdMUwK6LCVFSlpBhtPlv2OeOGX+YjtIQKkXGbRH0kWZ5+BI+2lxaJO8RrX
1sixmDOPTzzmsVfglASPchTGCt5vdcqcBpBa8f66N0aqilqUPot+vNLD4own2o6v
HsQSVv7ykH41njYO1STakL5P5i9vLGVZA/SW0S+Tknv3AUXWa6j4fUZR2INxLKrN
ghrxWFGz1wFWjVw0o0aZBQ9ztQjIcEOdeN6LQmdF5kHD5ewtj9xWTq5EQzvxaGXH
2/J7bGsF3Q==
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
c1:53:84:d8:0f:2a:4f:a3:8a:d5:de:60:57:58:69:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=IfT_OpenVPN_CA_2021
Validity
Not Before: Nov 30 21:48:40 2025 GMT
Not After : Dec 21 21:48:40 2040 GMT
Subject: CN=rpi01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:7e:3b:fe:12:e2:c6:12:19:94:76:0f:76:
8f:90:00:66:b7:8d:cd:3f:33:23:c1:78:d6:c8:e6:
74:c0:29:e0:da:90:d0:5a:c8:8c:cf:fa:8c:17:b6:
d4:25:fc:69:f1:85:47:d6:7f:f1:a8:24:f3:07:52:
f1:ec:c9:02:4f:a1:f0:f9:79:fd:df:6b:34:54:d8:
29:dc:d5:80:8b:aa:5b:cf:00:1e:3b:11:ba:c0:b0:
5f:b1:fc:31:b8:c2:1a:11:36:74:3d:9c:04:a2:c9:
cb:f3:11:c3:f2:91:53:09:16:3e:85:ce:9a:2d:4c:
e4:93:cb:3d:63:a2:08:c6:ba:9c:4c:78:02:1c:90:
89:d2:99:60:44:60:0e:81:a4:04:60:ff:b0:f9:83:
63:3e:cf:b1:d4:41:63:98:06:a6:e5:85:93:4f:28:
af:6c:3e:82:72:9e:15:eb:c4:cd:11:77:1c:c3:f2:
70:38:a8:db:d2:3a:57:53:ed:ec:0c:f5:ce:db:64:
39:73:e2:07:b7:11:13:02:45:52:c6:c9:b4:92:76:
cd:9f:2b:ec:d1:da:97:39:67:64:0e:bd:11:fa:bd:
02:f7:88:d1:ab:ad:87:46:d4:47:c0:1b:a7:82:9f:
3b:d8:28:2b:77:8e:b7:d5:f8:ef:a0:83:10:62:fc:
b2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
04:60:E7:C5:89:AA:6E:DF:46:90:14:40:34:A5:D9:74:5D:78:98:7C
X509v3 Authority Key Identifier:
keyid:6F:BB:3C:90:BB:7E:D1:C4:62:23:37:F9:0F:B4:97:8A:87:E5:8B:EF
DirName:/CN=IfT_OpenVPN_CA_2021
serial:05:A6:19:0A:D9:8D:C8:78:1E:E6:3D:4B:20:72:BB:23:16:28:B7:AF
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
ab:96:b2:90:b9:9f:39:ba:bf:c7:b2:e4:fe:45:f3:e3:85:3b:
6b:ce:1a:d0:5f:b3:1c:f0:67:6f:ee:10:55:09:3b:24:18:20:
84:b7:dd:f4:82:c4:00:e0:ec:bc:b8:46:70:3b:20:db:70:78:
f9:3b:4f:e8:c1:dc:d1:c2:71:0f:ad:ec:fe:3a:a8:64:3e:44:
12:eb:fd:89:dc:4f:15:39:ee:2e:cc:07:b1:94:2e:7f:dc:da:
80:04:51:7f:96:ab:da:bc:23:a8:84:fb:42:85:cd:41:1a:0b:
19:41:cd:3a:4a:af:22:00:5a:59:3c:fc:3b:aa:54:ef:0e:8e:
c6:be:f7:bf:c3:e4:88:b6:1c:a7:16:0f:7c:50:1a:5f:0c:44:
d3:ac:d1:23:33:aa:ec:f6:ec:5b:91:78:b4:ac:d6:82:6d:a1:
3f:93:aa:a7:e4:a9:12:a8:b0:35:c8:69:b4:a3:fe:48:cf:90:
7b:14:b4:ce:a7:41:0b:a0:48:42:76:e7:f6:93:a1:fc:7f:b8:
7d:b9:35:c3:d5:ff:31:d9:71:95:6e:86:84:f0:42:ed:a7:e8:
71:42:60:cc:ec:a0:45:51:3f:63:5f:99:f1:f9:e7:03:65:35:
5c:d5:d8:b0:0d:42:e6:c9:b0:bf:ac:cb:cb:a9:24:96:70:2e:
0d:33:c8:d0
-----BEGIN CERTIFICATE-----
MIIDZDCCAkygAwIBAgIRAMFThNgPKk+jitXeYFdYaf8wDQYJKoZIhvcNAQELBQAw
HjEcMBoGA1UEAwwTSWZUX09wZW5WUE5fQ0FfMjAyMTAeFw0yNTExMzAyMTQ4NDBa
Fw00MDEyMjEyMTQ4NDBaMBAxDjAMBgNVBAMMBXJwaTAxMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAqXx+O/4S4sYSGZR2D3aPkABmt43NPzMjwXjWyOZ0
wCng2pDQWsiMz/qMF7bUJfxp8YVH1n/xqCTzB1Lx7MkCT6Hw+Xn932s0VNgp3NWA
i6pbzwAeOxG6wLBfsfwxuMIaETZ0PZwEosnL8xHD8pFTCRY+hc6aLUzkk8s9Y6II
xrqcTHgCHJCJ0plgRGAOgaQEYP+w+YNjPs+x1EFjmAam5YWTTyivbD6Ccp4V68TN
EXccw/JwOKjb0jpXU+3sDPXO22Q5c+IHtxETAkVSxsm0knbNnyvs0dqXOWdkDr0R
+r0C94jRq62HRtRHwBungp872Cgrd4631fjvoIMQYvyyIwIDAQABo4GqMIGnMAkG
A1UdEwQCMAAwHQYDVR0OBBYEFARg58WJqm7fRpAUQDSl2XRdeJh8MFkGA1UdIwRS
MFCAFG+7PJC7ftHEYiM3+Q+0l4qH5YvvoSKkIDAeMRwwGgYDVQQDDBNJZlRfT3Bl
blZQTl9DQV8yMDIxghQFphkK2Y3IeB7mPUsgcrsjFii3rzATBgNVHSUEDDAKBggr
BgEFBQcDAjALBgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAKuWspC5nzm6
v8ey5P5F8+OFO2vOGtBfsxzwZ2/uEFUJOyQYIIS33fSCxADg7Ly4RnA7INtwePk7
T+jB3NHCcQ+t7P46qGQ+RBLr/YncTxU57i7MB7GULn/c2oAEUX+Wq9q8I6iE+0KF
zUEaCxlBzTpKryIAWlk8/DuqVO8Ojsa+97/D5Ii2HKcWD3xQGl8MRNOs0SMzquz2
7FuReLSs1oJtoT+TqqfkqRKosDXIabSj/kjPkHsUtM6nQQugSEJ25/aTofx/uH25
NcPV/zHZcZVuhoTwQu2n6HFCYMzsoEVRP2NfmfH55wNlNVzV2LANQubJsL+sy8up
JJZwLg0zyNA=
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqXx+O/4S4sYSGZR2D3aPkABmt43NPzMjwXjWyOZ0wCng2pDQ
WsiMz/qMF7bUJfxp8YVH1n/xqCTzB1Lx7MkCT6Hw+Xn932s0VNgp3NWAi6pbzwAe
OxG6wLBfsfwxuMIaETZ0PZwEosnL8xHD8pFTCRY+hc6aLUzkk8s9Y6IIxrqcTHgC
HJCJ0plgRGAOgaQEYP+w+YNjPs+x1EFjmAam5YWTTyivbD6Ccp4V68TNEXccw/Jw
OKjb0jpXU+3sDPXO22Q5c+IHtxETAkVSxsm0knbNnyvs0dqXOWdkDr0R+r0C94jR
q62HRtRHwBungp872Cgrd4631fjvoIMQYvyyIwIDAQABAoIBAQCZvp7cWPxUzox4
u93k5Q4R+Os0suNu4zsaND3SfIuIDfU1D4yR7b8eow8WK/mCg9ivCNJD2Egk2W/E
Qw/GVglMp4BrLqiHVT5hgL1o4Bv9lgo2WssRlmGsjdIhKL8J9Lmkx5rmkHL8IMZr
tr/jeMS0R4Nr6iCd21S2ZPVJPiFr8z3rzfOMAJXeHLKm/4if/6C4HeUNA24UYJlR
uVFuRcE226NTWqBnWcY6BAiYUAAmZGwaxAzX58prtUIzV/sOxi2sj22aX/gCqpW8
n62rU/L2C6hOdZXf84E2cRLGlndPdSWjFMioADnYn2G7BDJBOOOumv4s2XplLqr3
5uvKqm2hAoGBANYaCknHkwTXLOs3mrStOwWKukllwgFcG/EqMf5W5GRCUPwlWMx2
WSS/bQWrEWlLiAAetlFLgnGrUhQMG7W/LOsv2vP/hBaWGptcNS+AhOSiCte+80U5
vVbCZ7wcBj6MxHXQwWNCV4/PgIokw4TEAv3bFm5WWrWEmYuAnQjDgFppAoGBAMqn
VQx0+cp4utn8sxgwXve5bz8je9D3sitTc8rhjuo/P2Xp/spCt3tK6/KDVwnMi7lb
pGrM/TQYSPY9ug2OT6tpVmXa1D9D5nSWC/WmohubTcx55AMBxbqUHZQW8wR+eopX
x/UwtM5FGocbSeKykvRHOgp3+S6MNQbTSMDvaB6rAoGBAMMJQ7gEMxyku8mmhKr0
Z6DbyGmWZg4BD3841gQAudvPQaEAkIzpfrloHHOea6UE5mZdk+4ooDLWQ1X51cBR
4CR7GrVNXdGJecFvVQ/pvqXcK45v54J3X9DKFd+Zk+KlL064FYNLayKZf1nYtbeb
K7J/Q0bOKaHTomAfkG3sUl+JAoGAFBo3OI4d/TSurFMB3QNnWEF/xI6biKYZeWzE
zrpDN/9gJZbpnFyz4LoU37ChoKo2rgNmMuX0tAc4rZx/6TpVstY3KNFlPoVYxfXg
Z9TIvd5RAFiTAq1ZVOG+cWM5Zhe5xiFhB3R2awO11vMhCCjYpPyvyDwQbsqfs/af
f+v/sxMCgYBUaMDpe945jRiLxT1uhEhBY1xzB1jj3fJWwIugjgz0lKambUl/cpZH
tQZYIM0G36pAhP8xyY8hattlnSZ4i9ljU5DDC6zLNeCXk4EAu4aLiMePMwhq2e3S
qAh3ra9J4mAgrbPtVfqucf1WOSBn8iC9q2gLv1sU51elV+pIWL3L1g==
-----END RSA PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
18fb8f4d5ed7f36d2bdb20cbdf3fbf6a
16f3ab1230f5090a78430196cc7319da
540aa59ef5fbd6ec0bba8fc3135c5916
eb2297da53111bca7b70802e97a0e21b
31e2afc4687b62c8bd65e14f38627eb5
7598ef6c2d4c285dff176c753575fc89
12b6838b85f4f3708c3509f95f8ee05e
fedabd67f15493f64847cfd79dbac018
8ea2a3a0c4dd7334d7f6c29bd0b366ba
42ad7202a68756b2c39acec1b5cac7a4
51a2551dbe4cf22affde87291075443a
bbe008015b4afd3d894bebb25e1247b0
1dab8a4f1a7f38c7f987779098612c16
2c26d71be1dabf288cd71e530dcc465c
7ced7226e3a179c92aab253c00fda59e
d2aa87b70c2dd040810d148dac81bb32
-----END OpenVPN Static key V1-----
</tls-auth>