Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:services:vpn:tinc:client [2023/10/29 02:24] – [2. Key management] vgaeteradocs:guide-user:services:vpn:tinc:client [2023/11/03 05:07] – [4. VPN service] vgaetera
Line 32: Line 32:
 <code bash> <code bash>
 # Generate keys # Generate keys
-mkdir -p /etc/tinc/${VPN_IF}/hosts+mkdir -p /etc/tinc/${VPN_IF}
 tinc -n ${VPN_IF} generate-rsa-keys < /dev/null tinc -n ${VPN_IF} generate-rsa-keys < /dev/null
 tinc -n ${VPN_IF} generate-ed25519-keys < /dev/null tinc -n ${VPN_IF} generate-ed25519-keys < /dev/null
-ln -/etc/tinc/${VPN_IF}/ed25519_key.pub \ +VPN_SPUB="$(sed -e "s/^.*\s//" server.pub)" 
-/etc/tinc/${VPN_IF}/hosts/client+VPN_CPUB="$(sed -e "s/^.*\s//" /etc/tinc/${VPN_IF}/ed25519_key.pub)"
 </code> </code>
  
Line 52: Line 52:
 uci set tinc.${VPN_IF}.Interface="${VPN_IF}" uci set tinc.${VPN_IF}.Interface="${VPN_IF}"
 uci set tinc.${VPN_IF}.Name="client" uci set tinc.${VPN_IF}.Name="client"
 +uci set tinc.${VPN_IF}.ConnectTo="server"
 uci -q delete tinc.server uci -q delete tinc.server
 uci set tinc.server="tinc-host" uci set tinc.server="tinc-host"
Line 57: Line 58:
 uci set tinc.server.net="${VPN_IF}" uci set tinc.server.net="${VPN_IF}"
 uci set tinc.server.Name="server" uci set tinc.server.Name="server"
 +uci set tinc.server.PublicKey="1"
 +uci set tinc.server.Ed25519PublicKey="${VPN_SPUB}"
 uci set tinc.server.Address="${VPN_SERV}" uci set tinc.server.Address="${VPN_SERV}"
 uci set tinc.server.Port="${VPN_PORT}" uci set tinc.server.Port="${VPN_PORT}"
Line 66: Line 69:
 uci set tinc.client.net="${VPN_IF}" uci set tinc.client.net="${VPN_IF}"
 uci set tinc.client.Name="client" uci set tinc.client.Name="client"
 +uci set tinc.client.PublicKey="1"
 +uci set tinc.client.Ed25519PublicKey="${VPN_CPUB}"
 uci add_list tinc.client.Subnet="${VPN_ADDR%.*}.2/32" uci add_list tinc.client.Subnet="${VPN_ADDR%.*}.2/32"
 uci add_list tinc.client.Subnet="${VPN_ADDR6%:*}:2/128" uci add_list tinc.client.Subnet="${VPN_ADDR6%:*}:2/128"
  • Last modified: 2023/11/17 09:13
  • by vgaetera