Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:services:vpn:pppossh:server [2023/03/15 01:45] – [1. Preparation] vgaeteradocs:guide-user:services:vpn:pppossh:server [2023/03/16 12:52] – consolidate variable naming vgaetera
Line 11: Line 11:
 ===== Command-line instructions ===== ===== Command-line instructions =====
 ==== 1. Preparation ==== ==== 1. Preparation ====
-Specify the VPN server configuration parameters+Specify configuration parameters for VPN server.
-Generate client [[docs:guide-user:services:vpn:pppossh:extras#public_key|public key]].+
  
 <code bash> <code bash>
 # Configuration parameters # Configuration parameters
 VPN_PORT="22" VPN_PORT="22"
 +</code>
 +
 +==== 2. Key management ====
 +Generate and exchange [[docs:guide-user:services:vpn:pppossh:start#key_management|keys]] between client and server.
 +Set up key-based authentication.
 +
 +<code bash>
 +# Server private key
 +VPN_KEY="/etc/dropbear/dropbear_ed25519_host_key"
 +
 +# Generate server public key
 +dropbearkey -y -f ${VPN_KEY} \
 +| sed -n -e "/^ssh-\S*\s/p" > sshserver.pub
 +
 +# Client public key
 VPN_PUB="$(cat sshclient.pub)" VPN_PUB="$(cat sshclient.pub)"
  
Line 25: Line 39:
 </code> </code>
  
-==== 2. Firewall ====+==== 3. Firewall ====
 Consider VPN network as private. Consider VPN network as private.
 Assign VPN interface to LAN zone to minimize firewall setup. Assign VPN interface to LAN zone to minimize firewall setup.
Line 47: Line 61:
 </code> </code>
  
-==== 3. VPN service ====+==== 4. VPN service ====
 Configure VPN service. Configure VPN service.
 +Disable password authentication.
  
 <code bash> <code bash>
  • Last modified: 2023/10/29 02:26
  • by vgaetera