adding openvpn scripts

openssl/autocreate_openssl_server_cert.py

@@ -0,0 +1,53 @@
+#!/usr/bin/python 
+"""
+This program automatically  generates SSL Certificates which could 
+be used on a web server to encrypt and serve SSL traffic. This is 
+ideally suited to be packages with a software appliance with admin 
+interface uses SSL and manual generation of SSL certs is not the 
+ideal option. 
+
+Requires: Python, Pexpect
+
+Author: Gourav Shah ([email protected])
+http://www.initcron.org | http://www.initcron.com
+Version: 1.0 
+Date: 22 Feb 2012
+
+"""
+
+import pexpect 
+import os
+child = pexpect.spawn ('openssl genrsa -des3 -out server.key 1024')
+child.expect ('Enter pass phrase for server.key:')
+child.sendline ('12345678')
+child.expect ('Verifying - Enter pass phrase for server.key:')
+child.sendline ('12345678')
+child = pexpect.spawn ('openssl req -new -key server.key -out server.csr')
+child.expect ('Enter pass phrase for server.key:')
+child.sendline ('12345678')
+child.expect ('Country Name .*')
+child.sendline ('')
+child.expect ('State or Province Name')
+child.sendline ('')
+child.expect ('Locality Name')
+child.sendline ('')
+child.expect ('Organization Name')
+child.sendline ('')
+child.expect ('Organizational Unit')
+child.sendline ('')
+child.expect ('Common Name')
+child.sendline ('')
+child.expect ('Email Address')
+child.sendline ('')
+child.expect ('A challenge password')
+child.sendline ('')
+child.expect ('An optional company name')
+child.sendline ('')
+child = pexpect.spawn ('openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt')
+child.expect ('Enter pass phrase for server.key:')
+child.sendline ('12345678')
+os.system ('cp server.key server.key.secure')
+child = pexpect.spawn ('openssl rsa -in server.key.secure -out server.key')
+child.expect ('Enter pass phrase for .*:')
+child.sendline ('12345678')
+

openvpn/generate_client_keys.sh

@@ -0,0 +1,41 @@
+#!/bin/bash 
+#This scripts automates process of creating OpenVPN client keys and emails
+#the keys with windows appliacation and instructions. 
+#run from /etc/openvpn/easy-rsa after creating server cert etc. 
+
+user=
+mailto=
+while getopts 'u:m:' OPTION
+do
+  case $OPTION in
+      u)user="$OPTARG"
+;;
+      m)mailto="$OPTARG"
+;;
+      ?)printf "Usage: %s: [-u username] [-m mailto] args\n" $(basename $0) >&2
+exit 2
+;;
+  esac
+done
+shift $(($OPTIND - 1))
+
+
+  printf 'Username = "%s" specified\n' "$user"
+
+# Create OpenVPN Client Certificates
+#echo "Generating client certificates for the user"
+
+source vars
+./build-key $user
+
+#create zip file to be sent to the user with certificates and configs
+
+mkdir client_keys/openvpn_keys_$user
+cp keys/$user.crt keys/$user.key keys/ca.crt client_keys/openvpn_keys_$user
+cp client.ovpn.template client_keys/openvpn_keys_$user/client.ovpn
+sed -i 's/USERNAME/'$user'/g' client_keys/openvpn_keys_$user/client.ovpn
+cd client_keys && zip -r  openvpn_keys_$useropenvpn_keys_$user.zip openvpn_keys_$user  && cd ..
+
+#send an email to the user with certs, configs and instructions
+echo "Sending autogenerated email to $user"
+mutt -s "Autogenerated: OpenVPN Setup" -a client_keys/openvpn_keys_$useropenvpn_keys_$user.zip -a openvpn-2.0.9-gui-1.0.3-install.exe -- $mailto < howto_setup_openvpn_on_windows.txt

openvpn/howto_setup_openvpn_on_windows.txt

@@ -0,0 +1,15 @@
+1. Install openvpn gui for windows from http://openvpn.se/download.html
+(Installation Package) if not already attached with this email. 
+
+2. Go to Start => All Programs => OpenVPN => OpenVPN Configuration File
+Directory
+Copy all the attached files ( ca.crt,  <NAME>.key, <NAME>.crt,
+client.ovpn) in this directory.
+
+3. Launch  Start => All Programs => OpenVPN => OpenVPN GUI
+
+4. In the taskbar (down right corner), right click on  OpenVPN GUI and
+choose "connect" option.
+
+Thanks
+India Operations