DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 11th April 2013
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Thanked 9 Times in 8 Posts
Default openvpn for iPhone/Andriod - ovpn file technique

openvpn is available on openbsd and is now available natively on iPhone and Android without the need to jailbreak or other hacks.

If you are using anything other than pre-shared secretes, like rsa keys or certificates, then you need to incorporate the keys and certs INTO THE client's .OVPN FILE ITSELF and then pass the key-cert-incorporated .ovpn file to the device.

The "trick" to this incorporated .ovpn file is to use xml-style open-close tag syntax as show in the following.

Code:
#
# myiphone.ovpn 2013v1
#
tls-client
client
proto udp
dev tun0
nobind
persist-key
persist-tun
verb 3
pull
comp-lzo
reneg-sec 3600
remote myvpn.myserver.ca 1194

ns-cert-type server
key-direction 1
<key>
-----BEGIN PRIVATE KEY-----
<your key stuff here>
-----END PRIVATE KEY-----
</key>

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
<your tls-key stuff here>
-----END OpenVPN Static key V1-----
</tls-auth>

<ca>
-----BEGIN CERTIFICATE-----
<your ca-cert (that signed client cert that follow) stuff>
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
<this cleint's specific cert stuff>
-----END CERTIFICATE-----
</cert>
Works great!

Good luck all.
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.

Last edited by s2scott; 11th April 2013 at 08:30 PM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Dennis Ritchie: the other man inside your iPhone J65nko News 2 16th October 2011 09:56 PM
Cannot set up OpenVPN guitarscn OpenBSD Security 8 5th October 2009 05:19 PM


All times are GMT. The time now is 01:52 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick