o.open/Office_Networks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Christoph
2018-05-08 03:01:03 +02:00
commit 1c4c595cd6
3256 changed files with 417972 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
CKUBU/openvpn/client-confs/123comics/ca.crt Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIJAOCmM/+DK/WPMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
VlBOLTEyM0NvbWljcy1jYTEWMBQGA1UEKRMNVlBOIDEyM0NvbWljczEhMB8GCSqG
SIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDMxMTAyMTYyOFoXDTQ5
MDMxMTAyMTYyOFowgbExCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN
BgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3Jr
IFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tMTIzQ29taWNzLWNhMRYwFAYDVQQpEw1W
UE4gMTIzQ29taWNzMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGUw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI6ZDkXY0diPbLB91BnCq6
yzxnCn/zp6jHE1D/pHWSRFcitbne4z4n7uHg9rVo+ytwS32KOSqDKUw7nV1SdoGT
29R6Hoy6RV5aub7UD6CeF7ksZ2xd7359PIYedeyBKB/R3TlLo/2w+sW1womyEdpl
USvG3nVYGBL/KFKxIaKUXxzTAPagzBUfzgI0AfVCzOJlRmw7Oin/xmrf7Bp0FQnx
labMu0FVWuKrwvNL0IeQkRvm4zVICFsajjzaWribwKxVZe88iDVCCkizgv9HI7yk
G+YrnZJbYxYvWisv5Gf6yDBfixgRES1itkGHEco4qBjTNfXxc1TvxBQZdHVkes3L
AgMBAAGjggEaMIIBFjAdBgNVHQ4EFgQUYHIe6kctqrNxGDLhMBx3CLHUJBEwgeYG
A1UdIwSB3jCB24AUYHIe6kctqrNxGDLhMBx3CLHUJBGhgbekgbQwgbExCzAJBgNV
BAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE
ChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBW
UE4tMTIzQ29taWNzLWNhMRYwFAYDVQQpEw1WUE4gMTIzQ29taWNzMSEwHwYJKoZI
hvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQDgpjP/gyv1jzAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBqSNHim3BDVX4ptcnhYaw1RNEHq2sWkL6O
m6MLJpwk1BW0ZhKG45/lA8x+FB1npsL9ck/GcTG41UOwCJU3jIKyS5rug7hHAz7t
GShvWEOLnk0Y9veMOM0Iwsqs4d4qeDQZH2RZCnQqjVt5bXRFDGE0X0Lqa04nVXVU
8JThZvjNq19jzEulZwg/x356J/VbNX/gtqddqRHw1j5uvsiAnTjQeDZTLjP3SDOS
vYVjJGF35QyarN0iJpH8TQGeA89EOJyLaQjfd+MG05cDYHo44brJgc26rJRp5QCa
cp2h9ajosKcIhk1lrY+kLf/XiwYDZ3TyhYhqoM998XggUuinF1r9
-----END CERTIFICATE-----

138
CKUBU/openvpn/client-confs/123comics/client.conf Normal file
View File

@ -0,0 +1,138 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 123.homelinux.org 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/123comics/ca.crt
cert /etc/openvpn/client-confs/123comics/gw-ckubu.crt
key /etc/openvpn/client-confs/123comics/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/123comics/ta.key 1
status /var/log/openvpn/status-123comics.log
log /var/log/openvpn/123comics.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

98
CKUBU/openvpn/client-confs/123comics/gw-ckubu.crt Normal file
View File

@ -0,0 +1,98 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-123Comics-ca/name=VPN 123Comics/emailAddress=ckubu-adm@oopen.de
Validity
Not Before: Mar 27 01:22:52 2017 GMT
Not After : Mar 27 01:22:52 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-123Comics-gw-ckubu/name=VPN 123Comics/emailAddress=ckubu-adm@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d6:4a:11:c9:92:5d:41:10:43:41:f9:d0:31:82:
47:6f:9c:10:dd:f2:2d:c1:14:0a:56:6a:82:54:01:
7c:7c:aa:ec:13:c9:26:c1:38:cb:f5:ae:3c:c2:1f:
f0:88:ba:7b:84:e1:ce:bf:40:54:a2:87:40:49:e7:
4e:e0:5c:1a:e5:cb:a5:37:73:99:5f:f2:ed:38:c1:
a5:10:72:8a:10:3d:d6:41:dc:a5:e3:28:f1:2b:b0:
6b:0a:f2:4a:9a:be:15:07:e1:0d:40:69:e2:53:b4:
1e:1e:32:fe:1c:65:4f:38:d5:e8:a1:38:eb:fa:8a:
46:2e:e3:2d:ed:be:1e:e9:5a:c9:62:e3:59:f2:28:
fc:28:c0:9e:ee:8a:12:73:d2:a2:be:6d:41:eb:f1:
85:29:2e:3e:cd:73:ba:37:a0:eb:cf:a3:04:29:db:
79:5f:9b:a8:80:e9:ec:80:94:6a:8e:83:5f:bd:9d:
02:20:27:0b:00:1d:17:3d:50:71:a2:b8:fd:92:c8:
f8:db:a1:1d:98:43:3a:d9:b0:66:0d:ce:62:26:a6:
e2:cb:92:04:de:9d:1c:ea:5a:3b:53:10:a8:36:4c:
b7:07:37:da:aa:01:9a:a9:98:37:b1:23:b2:19:a7:
e7:40:20:09:0b:e8:b1:5c:87:66:05:27:90:a8:a1:
fd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
88:EE:C2:37:75:7A:6F:00:9C:EF:11:64:CD:08:96:0A:45:18:63:1B
X509v3 Authority Key Identifier:
keyid:60:72:1E:EA:47:2D:AA:B3:71:18:32:E1:30:1C:77:08:B1:D4:24:11
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-123Comics-ca/name=VPN 123Comics/emailAddress=ckubu-adm@oopen.de
serial:E0:A6:33:FF:83:2B:F5:8F
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:gw-ckubu
Signature Algorithm: sha256WithRSAEncryption
66:20:ee:15:bf:c7:8e:47:40:4c:1b:6e:b6:c9:82:53:a9:67:
52:51:f1:38:c0:b8:19:90:c2:40:49:2e:b4:27:d3:b8:0f:4a:
a2:cc:0b:5b:5a:34:07:aa:32:3e:7f:bf:1d:75:5a:69:19:7f:
37:a7:89:dd:6d:c5:8c:6a:68:c7:c7:e3:96:83:cc:26:b1:86:
a9:02:07:6c:f1:52:9a:0a:00:b2:39:9b:b2:6b:3b:01:97:9e:
02:53:28:07:0f:3d:77:24:3e:69:98:aa:28:99:ac:fa:18:06:
a2:ae:c5:ca:b5:3f:4b:ab:30:db:65:99:95:55:52:1e:a4:b4:
c6:94:eb:b5:66:ef:2c:7e:5d:cd:0c:0d:be:9d:8e:79:46:90:
50:5e:29:99:36:c8:9d:83:5f:d9:da:3d:e9:56:17:2e:0c:8c:
57:84:2c:75:92:5f:ac:69:58:59:db:2d:d8:e6:c8:e8:b4:74:
c7:b5:33:a5:95:cc:8f:0f:f6:c1:73:4e:40:4b:a3:a1:60:40:
d8:2a:2d:87:84:d5:77:35:37:d0:b7:8e:e7:31:01:8e:cf:03:
9e:80:3c:25:0e:83:63:34:e7:5e:4e:1f:c6:d6:6f:da:96:b8:
c0:9d:fd:d5:57:84:98:9d:28:f7:ca:9d:c5:1b:87:03:4a:46:
60:94:02:18
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi0xMjND
b21pY3MtY2ExFjAUBgNVBCkTDVZQTiAxMjNDb21pY3MxITAfBgkqhkiG9w0BCQEW
EmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xNzAzMjcwMTIyNTJaFw0zNzAzMjcwMTIy
NTJaMIG3MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZC
ZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNl
czEfMB0GA1UEAxMWVlBOLTEyM0NvbWljcy1ndy1ja3VidTEWMBQGA1UEKRMNVlBO
IDEyM0NvbWljczEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1koRyZJdQRBDQfnQMYJHb5wQ
3fItwRQKVmqCVAF8fKrsE8kmwTjL9a48wh/wiLp7hOHOv0BUoodASedO4Fwa5cul
N3OZX/LtOMGlEHKKED3WQdyl4yjxK7BrCvJKmr4VB+ENQGniU7QeHjL+HGVPONXo
oTjr+opGLuMt7b4e6VrJYuNZ8ij8KMCe7ooSc9Kivm1B6/GFKS4+zXO6N6Drz6ME
Kdt5X5uogOnsgJRqjoNfvZ0CICcLAB0XPVBxorj9ksj426EdmEM62bBmDc5iJqbi
y5IE3p0c6lo7UxCoNky3BzfaqgGaqZg3sSOyGafnQCAJC+ixXIdmBSeQqKH9PQID
AQABo4IBfTCCAXkwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0Eg
R2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSI7sI3dXpvAJzvEWTNCJYK
RRhjGzCB5gYDVR0jBIHeMIHbgBRgch7qRy2qs3EYMuEwHHcIsdQkEaGBt6SBtDCB
sTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGlu
MQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAX
BgNVBAMTEFZQTi0xMjNDb21pY3MtY2ExFjAUBgNVBCkTDVZQTiAxMjNDb21pY3Mx
ITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJAOCmM/+DK/WPMBMG
A1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNVHREEDDAKgghndy1j
a3VidTANBgkqhkiG9w0BAQsFAAOCAQEAZiDuFb/HjkdATBtutsmCU6lnUlHxOMC4
GZDCQEkutCfTuA9KoswLW1o0B6oyPn+/HXVaaRl/N6eJ3W3FjGpox8fjloPMJrGG
qQIHbPFSmgoAsjmbsms7AZeeAlMoBw89dyQ+aZiqKJms+hgGoq7FyrU/S6sw22WZ
lVVSHqS0xpTrtWbvLH5dzQwNvp2OeUaQUF4pmTbInYNf2do96VYXLgyMV4QsdZJf
rGlYWdst2ObI6LR0x7UzpZXMjw/2wXNOQEujoWBA2Coth4TVdzU30LeO5zEBjs8D
noA8JQ6DYzTnXk4fxtZv2pa4wJ391VeEmJ0o98qdxRuHA0pGYJQCGA==
-----END CERTIFICATE-----

30
CKUBU/openvpn/client-confs/123comics/gw-ckubu.key Normal file
View File

@ -0,0 +1,30 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIUPPvb55y11ACAggA
MBQGCCqGSIb3DQMHBAjjOqpaPsnUowSCBMiALIvfB2vXtETRZxybvvubeJLEp5eA
qkQ7cdy331ti8XJ6fkHcU3mBQwbBDD5KSDBLRnRU8LegMWvRTKGjQ8lRGCULTvxI
sr3HuR5omwXUMVwRLWTht++I1IIYoIwwnVU9/7vMy3nJPixP3OKRGwkmv5IedCvc
5a/KqJuc+ezRVjQ8/Dl8fs+VRefd5Tmh3TYROu1vuV0pQaT33ceXDVJqZ2B+dmoT
AHFE3FUex60YlXt5iUhdGWzItdeXnI5tDMnoFcAtCPbBAB7DhynqfEn7dlaxrCrH
4POq5KvMUu5/sXlQoZR+SvkOx7Z3JNTYj/PL0OpM8tXJFvc5nT733iVcNjyauLhf
rcXqnih6MUrWYaBAfL4od6/ne27vqriKwtFUfASTqlW8pN4uESbngXx2Ww5CqM7+
K7Hz3XDF04Y92YBndBr1ZTUiFbypO5PjygZz8Jeia6RYXLUU+6kO/VQ4WsnbGep1
ftQGc5tNhwEwJC+tacFzPdd6hRnosGSs9jhHk7v8CY58V2wBcgXxBDgVZeHbp2bL
9lJmyohvZ/nzxmb99TxD6j154OqC+4cJLze5AG2AO5QmrNhMcFt+mEIxL1uiBU77
SHe+konUZuAH67UPR5oJm1x7KmGjYOmdeke3wgkFKUIRCQ04OikOvUkIJB5mO2D0
uoG6caj/KQQdweqhOMELoOj/GDQhxNCtD4Zx8LhKDz4VL/c5+s23oJX/pALuDlNs
JpxI/v6gkxVLIZwyxhNVxKFNYEMERmxN6GePdPki0iEDGRRuSjat3xnMh0N+Yp2f
N3lNDNoBfZRuBcgugF70O7P38tQXgEZF8tECwRHogmCDDSSOw4DbvbBSVdMhlMIF
oUmNKqSyGKIONwsvCYHSKJ37DDIyvi/nEbSLHy+HRQ7/foM0nwnmxrgUk17VVknK
RUqob0PeSFBMsjVV6kDrTHj2uiRYq5qD5bRh9hCKOWCdk0WgRspjUlBm4Yw1sTan
/Zakk8MAyIl3dOrwnaTuiiYVFi2mIWwRSrjV0wYriGypez5LdVew01ISx/tqudzC
6XvwMcNFeM0bzIT8PJI0g9b8JZrDGk8UbMIw0AfV1jakzZoDUNcv9BQHNGxcdcLN
TFNY6BiTgAAsZvaapUU+oRqPB6UHubbfmRAfX2AzrctucYtVNZTNExytM85qslPF
ZE4dx+yJ/irUzenP5ABVobpbvriX78d6hiuRHiAqbO90Co9nBffwDQnZptSdXRGT
+aubzGluIA0piOyW3r2s4KGRH+2s5TqHeW3WoTJTJuFlGB2lqn/Ieg0xl9Xy6rNp
31oh/n8K6XjqIl1k7NWjLq++gzkoRyidZjvjzkKGkCEqfbZvE31m9LQ3ntxAsMgs
WWXfWz+O9INtN2YzcVEDPNvbNA31FdtUs5nLVO5KPut2Rl/po2d8m+5WTdgQkpmm
8x2IA7ZEUyYXKmFa0nFEZ7H2XhRizk4jfr0eQyx43nfXab7s7L2wy5IAxpksO54P
H0VNIaaADeV/4PdbHODB4zOrrYEigUeMBVJaiZAyjvC1u1mLEtFkajWwBMaqgWA0
0A31VtMvPn8b8lEhQhirgcJzHK/550hkEAgm5kmiWe8ZoLCw0Ej8Dofr5HA/GuZg
mNs=
-----END ENCRYPTED PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/123comics/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
92f8950e3eeb9728413080949bac24e9
d84bc4e08de921cb7c64250dbbe03d9c
27040263bc8d4c035bb5f5d7b6445cd7
ac017ce7ab6830264b1246289401cfc4
84e6173530cc4e602cfac0d736e7633e
54314d44704842dab40b638bd9860bec
a770067ee4aa7d35ed085359f0ac6370
ec85b7a1eddd369eca7b9aad36651484
1836322e2d1dd5dc1b405f042f19c9b4
9857030d1d37880f26a17c9e7eb9cb50
97e7927acdd974d34f1eb57b3d4c1dad
ad3bb0380b80b673508022c3895bb6d2
9b9f1b3b4b3ecb9155523799708032bd
c3172244a5f639bc8dd1d94c1197e0b1
94f69490aee75ba48ae63b442119918a
707bfc5c40ae6ebfe6fe3f93f311a924
-----END OpenVPN Static key V1-----

257
CKUBU/openvpn/client-confs/ak/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,257 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote gw-ak.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIGxjCCBK6gAwIBAgIJALRp90TzgA00MA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEPMA0GA1UEAxMG
VlBOLUFLMQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
cGVuLmRlMCAXDTE4MDIwNjEyNDAwN1oYDzIwNTAwMjA2MTI0MDA3WjCBnDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMT
BlZQTi1BSzEPMA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bv
b3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOMNalpNk0cB
wPdZemz4r4TIhtRSxZEEg9yhTRo9LdMa6oNo1gpg3/60n9nBtA0cDnllx7Z37PvC
Pg4RJksrB2ZYOB3oSo8LoMzlA0lZl4AMKnxau1ZJI8OB9Ia+6uJxBnpwVULsL4sx
ds9pHsnXU74UWgdZPAHsfWhogMtk8TsikLFv7P6oxg3fXeVriWP/SUETTWHgSD3x
gPsnrcGqlCPcfb/mH5SU+v+ge+iue0BXe/1OZkJDHdj5vLZ4MiUCiVVslX36uqti
sI3Jt2OyF9XQwu5wms3ioW3XydpPmbisRuI7qrTdnmT1iVhbk29eQK/yHrXvuuXQ
i6PQAirBtMYD8tx5FbMJ6ueDcm0jTVedfHtdkWkBY84bBnecF7ys000fDzJs1YH2
SP3cb0KbREG2RE5BE1OgUgg8odbJ7/K+Tp0VKEbJAZCwpaw+qAU9xfH3pDoSX+iD
N+SXxnjSpamwGYmx+PGpwIe3RnlEx8XUcMbEBq5grq7aR7tYd5qh1NKTUKleGucD
1izZeGLLkh81Gpx+KFXNm7lk3WDx3dqUXc3tJgpZsZJc3VI3UjO5WaYlrdTc6IQs
3rD0rOGrETI/utLQI9PNFSis00h2LmcPVnEL0N/W71kHeOuytr1Tg1FyFGY7Wbth
bei4c14kNkVUk1Ncfl07pMR+/i9yee3DAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQU
EHXXKayMfThSNCInVWJK275Iub8wgdEGA1UdIwSByTCBxoAUEHXXKayMfThSNCIn
VWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3
b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkTBlZQTiBBSzEd
MBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84ANNDAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBIgCBt6v6t2HSqwkLKjgR1c2cDViPe
WmX8E8maqaDIUopyvNzsZCXjqZ1RNnIHgFKZyZqXSzXRGHbUiohJ4WkkOy+QV64L
/LUizsZkMJasjYQgcDcXu5sN9mIzGW6C5myjwtSYBWITPxLsedOQLIhYulLrCBa0
A/gs/gfODm0opsCOuvQn33psUyLda/k9BE/9EHmOg37IRh/rQi3dyQaW2DGfCgZc
GSIMsxobp4QbdUTJyyIoJW/ZK20Mam+IWNhptqCX/SXlx0pzakkdAulwMtUCPwyD
8IJEy5ST+qBoctg1mSLts14ZYM63NRYKPfnSUN1JfQE5Sl624c8koVJcKjFnPdII
cFwo9R+SQFDfTva/xRC8Ydwp1C8V+wnXtM9B1aigule5MXe8CQE4PZjG1Bh7992x
GcKGBCWR/8JmfipvH4EJ9brS4ZsQ5snfJImBtmmVxSjXn1aE77UYNEp8GF2vW8CV
7j+neVQtQdA16tXYH4bWy4MCpVCuoBj2ffTkN/5cp9xWHt9D1w73LxXHMEWoQojF
cOeUda1VSwR17SiEy/lo3mRnWoT6AzLVwYzVQg0W8dc9wPcJ2EiVzQu6ccs2gIJV
RtdV9iX+oAkwK3/lPB68LvfMEw3Qcy3OY9DmjZNajlv8HCTirBuGNaUwR6pZGqiG
JN2zjAizahwZgQ==
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHKDCCBRCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1BSzEP
MA0GA1UEKRMGVlBOIEFLMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
Fw0xODAyMDYxMzM2NTRaFw0zODAyMDYxMzM2NTRaMIGlMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UEAxMPVlBOLUFLLWd3
LWNrdWJ1MQ8wDQYDVQQpEwZWUE4gQUsxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
cGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1iJXRCsnhrkw
vrvWg11+tAy89uYWXSt5lDxBVwuqoTEacmhnhfOT9yEDQys1jSm8u4FET2UUzI9g
SNYFigYnKoVjjKKxGtlK2Bt9qgu36WlfzlnqNiKvUO2aHnxNwRNvI7b4YI2/uk3V
gZAAQdH4DiR0rFSDNmBKyvMQKP6ix1dy4+riACIP22n/bltEp9KmYkoU5XomS+DM
Fqd5wvCt/A18n3x5Ijw1Z8EGz7YCzMqGrt2HA+zRL8r0d//DS3KfHrZH+5qrrrbl
j8aHydvklLxDqqn+ZgbxKIRjOJ+DXG3MbGvk4gaUj/+fR5nfoBDxIxlA2wn+hXAX
v6r/eVSPPs6kGqYLNJsw8qjtuG89PggyhkuNsCoOLY/JvtXMRzadcz3RIS5nnwQe
EoLDtn+E9NbQlrj9XyKYbzCW2EMJANoNmHsCW/IZ0aKhd7C7lMNxaYGARAssNo+r
gUXj1bUbJQBpHZOJj4AZV9um1YM4ef9v9hb0slYolHw6YS1ys3Ur38+/005gVFtR
daFQLsUXvLavCALJRuWfFv6k6Vp/HyDlRiwL3kDCsy+ul+ll9DC42rMb6y7WxAnK
7lN6I5mWLkL7aWY4Qj9Fa+OeavGweSSYOaEzGHhNulQ9pIsw9f3XEKGh1XhSojpK
hHM40wuTmGMwb53GhX5jB3UPijMdbgECAwEAAaOCAWgwggFkMAkGA1UdEwQCMAAw
LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
BgNVHQ4EFgQUBYLo1mtxM1jb3ogF+1KEvfNNZDowgdEGA1UdIwSByTCBxoAUEHXX
KayMfThSNCInVWJK275Iub+hgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQI
EwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYD
VQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tQUsxDzANBgNVBCkT
BlZQTiBBSzEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQC0afdE84AN
NDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0RBAwwCoII
Z3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAHe1NvTTAE32RzjFyUZz72suEVrk
OChnbtlokfhencfOZ+241jMswpg5aQDA2jY+lmEQW5tK4N+2hglTFHM4gW4b362b
rJFEe0fCMl3r/cqdmZbDNXSm9xR7pSoIWt/2vo4ucZQzQEqN6CXA0/rOx84yPDj+
UFHqvoOAAUbdBZOWqZ4Q+Qni5Y4QmUsGWaoK3LApKSEdfNxiKZkNZ6joWkjJiE45
pdYd5qeUR1plixNhl5dITH0VfeM+85IXS6y9Tm4kb6tbLPO7KPu9vF/7UD0+Z+zM
hA8nDu4CjQtN3aSq6Hazi17lDbjpYEWid2LQ0Epvh0c8PHcdNzpf3343/+fun+qH
xKcEM/7BzyHtVaqPMRqLIMVx4+jAN2k9Lj7oswzTZa526G85kStfwZ5EzuHZ+53s
2cH6ado+SZDbV2agrcjPri3Bmve36Ed0jLcAA0KcNVOKGfUuY/UR08j/0NbG12ZZ
IZACPxtIiRcd97cvPXJIxn60LqvBkiRX9rRWA0se//hkCEbUC/w9YekDzDtKU5vw
JdHjdPVX1NZgXOWom9lUFmWTzeTWC81iAG/YNw271yZ5be8RysAhx+u8ql5AuHL3
tRsHj1TUbdBINePBvWexL2XdddojjwC3h42N7AvnMNW7ukSxzCog9eGxXmhKkTt9
En3pD1oBbG67z5tL
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI62QkbYGv0EYCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM5hsq05gmbkBIIJSJV6xZtsAe56
teLN4Bl1fR+qUAfmKm3q94RgI1f9Rc4MpBf64b61IgkVWnQ4ec4CAPnhe2FeUExh
HGRoeBWR88WaTgNBo6+VUhTCYPAelLvGjhG9TUjn4sigSU3/nQos9NTEMiZjv4+j
zQxhAxcdjWHOtUkScKz9EDAmU5EAais87VSg4a0AORgHNp88SOdTf56EqzZ5nh06
NQwiUN4zlrTs2X3mnL9Xx9OPqkha4Ij2efr7eKN9Oex/IpQndH/5AUpNcjfn1sQw
pokSOQK85AulhRVD9BMD+PTVsOy7xIrQkusv80NsZyqdCAGZLaRzw1aQv5tTLsD+
pukAzv8rdaFX+k3+Pa3IZbjDGibPTw6Jy+2RY1XEOn7KD/PaULhWnNqioWG93Prh
ShsAYUeAJaAmiY61D5ORiHVw0D3lUwBjuENd8AQ+y6ofIpdMnsJGzyfomswxSpz9
CjwXUgdd99A+eeS/IDzDVECeAM0X/ugJ/gILa3ntK/DVVjap5UfCch6wpYnCYoIc
p3aRYc5TeMR1U1DDrWt9c/4hB22dn5On0mSyC0K/eYdFYqZq+jDCNkMbvGRqFfCl
qUP+SO+h6miAjakBymIZ/X4i82PucHqC+HXvcYbY4LttKEsztl+WcK8qXWxhgljv
8dJLEqD6l4FmcdP1CCIpnMnYmjJLVmOVxhusWnSsbj9se55nL+mjtOCdWCMlAMr1
06sz34Ujq1lfsB7nn+z7O+1ZuMU3qcgPigHXQYJRwpD+eCCUsKbKAPvCHqZxjtOR
k9eDTQvJMsHFA0TCQ1sMPFhuMAkH+ZhW5Fn1Qguc52aG5oT+ABjhvtN1qKQhhu88
AwfAPME60+1rmUwu75OZ22lDBVCmqu1MHQEtI7QoJqIXP9fY8bZk9XjgrqzYeQqV
ls5DVJ48uY9BoMHYNFCwnSVmMFHIVPySSjZNN7LoEICevbr1iL3la8BtGaEFPo6V
0u+xZMDB8uRoX4sc/yBavu85FWUEKP3P/IZ0Q7qhVd27Y+gZqGqm4HZ6SWMNx3qv
zNfnfx8ChYWhMbZOAuurEJ/ge0lN5pHJQYPaHJ7J5UIXHclAXPKUJXiSam6XiIyo
NAlxHvHItk5xnvgqq0m5jRkyhU+LcPplee7AIFptpk1Snrxv7weofqrUrRP0XPMr
YUxQHbqq+P1XDJQzS/fk/CE3hvwoIPTcnsazvaymaMCN4f+yAIkIur26FoN1Egz0
ed9zMuE/Q+Uy2wctVDf7ckcAvUJVmQO8ZeM81JO8qak424so9K+VK/1c5+nmwPx+
HbzSzGCLvT/AsAsgAWuSnqSpfNkK78YHsZ0166CZgsuUxbr2QncU88m4u+nxvPhV
88MTibkCopYa0fLgrdmM0KbgY0wCGBmMIgrSd77kKuKZuqtKKPvPClK8XeI5I1Kg
vaeZslPTCFJQAmABLcbtZi5GejUlh3zxPXWwr0xHWt9QMxqXIbKz9w98ZVxB6JgG
dc2eXN6Y53GWS2rPMCj57JnJzSOY7cH3mUcEAn8sZj3tfnhvjyjrLoVW6DS9DxH6
+hrYeEH2SB4VFo9LAkQf8nXGmf6Drc2CuHBggdL6E7eiqJwpFxJyWZF9cAyUIKNY
3QGe01nD7/FJ2OdQ3TewwJdO6VM9MCacCg5Tu3CCaBn/ROMDeJ6waxCAaWC0a3ye
/qF72uUPBnGmepCL8UNty5EHGJEQdLsFUqcz6esBd5QsJQFd4a6Dj+6dygHA5pFS
imsM3CvEucQLinv14T2MlSfEHGKG838XcNz45z55C6LRWmDo8YhGJpyWLTRanOPO
YgzRW64jjoowmCOYN+dHMu2N8TuHJaGtNywwzJS/hAmGywn8nQjm2hBBgmzbP4Z9
mv/j3sym/S43HLgoxFXdyy+A4mWhC6DYyqctC5stUb7LWhDDH1q3/vIpbGzNOlIU
64RU7tnb73tfNAvP27wok1Y5QulkrcgmGhT1mEXC2Dmd6UNU53cPKC2L9mSYwpLY
oI0S5LrNfvcJbv1T+Q+6tl4JOviv9c1pxHrGU5QiUC9iWHQAqABewDQcvZHCgkv3
n1GU2n/Cw3FJN5VKZvsEsL3uLt0iPNsq+gXt1O1+72vnsU9WGb3cLpei+69NaWC2
Y1eYROJUwvISYh5Fj3AbQHkeaoMBnlD65MtCC27e4wQ08f1WK9yqD9RuF0/AyoMq
eKuacUkDdRsGtv/EPw+2Y4TVZU8NCx/bklwzfti9d5Gvl13dVKH2rNxNzfU2uwN9
VMylBtSPKy0M7mIneZmpAFRDUzcVAV/+1u8khfWG0L6AX9jD3m/9/kKZIsVRuxLP
RW8OcSkZ38Y8LachhEToEyr1s0iPWOa2Uo6/nPpBswk8yI5CGETSvsL0+imcnykU
GJJGLNRg8QZRAXzB/CadLZ2YLSp+VbwY1RI9MUnOIQy4nDJYmqtrlFtFlbkgYign
eI6NycS8iTSQkGJHJCxftPW5HU/rOFoVmDkdpZ8lMBJsjqsrWxuMhZdYhd12SYRz
c8MUarMyTCNYOA/U3avP3wcMWlIBGXnDhCSJWuP4TgekL8YeXIZlpqfLNSbjjzjK
Qjr1QWrFcheKFtcN+RwxjmEH9VIx/Gl+j39GKjuVE6qFv8ydf5pO6hNlpUhdPwbw
AfnY26813nPRQszCSKXgT6ZzLExlOdGEtcsLdVgNhqTG/YLSOWOzLogqbbIGBXrP
iDenjXgL+KWWVx68rLIkX6uXp7ECyJuIzHdA4rz4BJ2E8N07RWIB4UIJqDkb+SmB
uBjHA/lnnF1NgTaF1YfGTBYJBh9A5De0lWs7f/4FBuQ6cudLHw1TWFzXNYrBUvIi
JVi3wm1MZYiLz5uWvf4hqS6kuxtHlkxmZeOjawxyNAaESesM3LiuGNa4wlAdLqrb
Re9jzz6n7OyL+7NEjpDgxS7kx2UjgZfrH3+FhGAGJaaqfeC1Gz21jXNc4S+zHxP2
Qt3/qm027TN1TARpTxDK4eGRFgOLyDbb+8aeaywjcqUWRN5tWutFNavSn/Amgugh
mSxJJvyf0WKnh6cbX5mGQFzKiaAqz22IgtcSovZt0K13KR6IExQZW1N2QbpchjWM
NFwD7jxGsOPeukul9fpANrZk+qXZqjSX58bEbMax+th1WNpnEqG470FvcJv8z72e
6YP6NW+YmJhshYOCv/q6Ng==
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-serve
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
9b6729c5c91b466a2bf7a494c2773f66
6f580c49cf669c267b408d4e69b47554
eb9a77dc00111f2ffb3be09c38a34c29
441ed188e45a20a0bc31e28f0740ee28
10a36049da14f04a4efdfbfc15e492c4
e8c6cc0e07b5ad43f8a7f9685edf07cc
3764e44b091a1277195ff52cad66574b
b9396a38e10445255a387a4c510ad5c9
9376d6cfe2aee6b4970faadbe8b4b581
cd01a751bd07d53d984cdbd82c357820
0251066db57e5863fc96e6ccc4ac9ebf
b06231f21e93d1934a9ed0352ff0d3cc
e1fc4269821572b858b3461c4eacacd0
0eb309b692e49ea3cd9683ff4ae85161
790f3ff5bc0d7dba51015e182d88a09c
9389557003a462a4c57467320c9913a8
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

257
CKUBU/openvpn/client-confs/akb/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,257 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote gw-akb.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIGzDCCBLSgAwIBAgIJAJ2nraWZ6Z+uMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMH
VlBOLUFLQjEQMA4GA1UEKRMHVlBOIEFLQjEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGUwIBcNMTgwMjA1MjAzMDM3WhgPMjA1MDAyMDUyMDMwMzdaMIGeMQsw
CQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzAN
BgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UE
AxMHVlBOLUFLQjEQMA4GA1UEKRMHVlBOIEFLQjEdMBsGCSqGSIb3DQEJARYOYXJn
dXNAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDU3ELr
25xiRgZY6TlrEyKW4z26lI0B/f3q4NcgbZee+6XMU4mLyfbxMDowyfxs1QdhmVZX
H4aFhfpge25w4V4XEgslYHV4Tx6fN9jlA5EAwusByayiq2YZ/ZrAqsaSK25atH/E
US3tS/bthj4Tt1DGSmXJzVP2d89vDbfdk82lKTBdtlfbnL+zLG8NmL1NHeAGel+B
kjHRMXo8m+04Zcq6xykBQZ2/lfS1jhqCUygCyub3moHTCTVmkfbKm9qWrqBMVTbn
c5ld3G2TTjuRYVsYGzgnFHPrHtqMFgJOYgS5CIZ2mTsYgAaREt4IPDu5oIC+oe4X
iErcIJoCO1NEsuHkuchvWhqRoSaqVOT1bRdVc+v/pfVkRVBb+VOeVQUG78LHRpDx
LMx48QtN2P0HY2mdQK1FWZetFo0ncJvmjnFWqV3ZdWwWJmeXGCU+pNmokcP2wn6b
zJ9lhtntS5IWqlAWUIUfJEXL+FbRbCCFG5reKcdSoNHFBewvcRfg5wPz6cMQDHXd
B03168HJSVb8mB76bmBmc+zsLIFoCm7kepm+uzpY0//Uz0WXXXg6OI/zhBSECng6
hamvri9k6uAeoyVjKJVpG2tALMmYcC2ygxYuFi5mbYg41eAMfBwAtK6sWdLy99qz
sLWze8fwl8wHJhfHlLTQrLpMz0lpnjDtVOyP1wIDAQABo4IBBzCCAQMwHQYDVR0O
BBYEFHxCgucD6wWX5p49FMX/rCWhuAzoMIHTBgNVHSMEgcswgciAFHxCgucD6wWX
5p49FMX/rCWhuAzooYGkpIGhMIGeMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQ
TmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLUFLQjEQMA4GA1UEKRMHVlBO
IEFLQjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQCdp62lmemfrjAM
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBwmgxFIhkxilpGef3bjiAH
yyP78nFOtrQb0lb640pySl07F/2xHTYOPb/TECNzQR8no9aNGZHQlvwEdgLdIrDE
I96AwMfhvVqducsXtR7xjX5YV1Dpa7Yqvt10teuhuPtnXV/ClNaNnFMAlJtnw6bs
+6cGDATRmizu/lZiHnuzG/ANr9AtMOp5R1yw3vPn/Fx6lQ/M4sKxJg0FrJDMvhDh
sFbHA2T+u1Ke7z4BjSFAWb2tTDWfcffBuQhLRYdG0R3RgsZIVP9dtrdrKRAsdIHC
FxL9IHr4mlS3VHqtcyXxFlVhOZsQ5KVt4hFUPgMzIEnFq+T+Q9YXnYM72g1An9d1
+Y5YBkhPZONrmUE2zDjdk4bSy58h9xdSCAyziRvKomtrqx0CDOTJyTqPYjWsLCFu
xer7bvoWGw1bfC2+5TgcLlCqRtGbgeCj3NJ9xHcv5ZP4PVC5VhmewYJFsDiDEfw7
GOc8y5liXX/+YoJjEHrPwMS/QN7mDH60JdXngm7BafQa29mw3GQXwWlLvfFekMXe
DtkRyz0a0FsplnwOScDCsuA0RrJD8T/iUNW6ecdXwwFY5vl8/NhZx2wBnchsBO+z
/Aw8kwc9X87NVqIrJVh2i4UWBo/bAlKSTHY2/i+IeMZf2oXhc6yyleXk6jbZ4b2t
KIajjnXU5P26nFWLP8IiIA==
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHLjCCBRagAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEDAOBgNVBAMTB1ZQTi1BS0Ix
EDAOBgNVBCkTB1ZQTiBBS0IxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRl
MB4XDTE4MDIwNTIwNTQ1NVoXDTM4MDIwNTIwNTQ1NVowgacxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5v
cGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tQUtC
LWd3LWNrdWJ1MRAwDgYDVQQpEwdWUE4gQUtCMR0wGwYJKoZIhvcNAQkBFg5hcmd1
c0Bvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKpSg7Om
QQO8vMdmYcgOqYwpz3BSRDDjQJSnKwlNXanVLR8t5ZJQtJKLqUsKo8CC2jyBZQrN
kusVwz5ecKbuyDPnDhl4ra6mCWTQnxKhUX2e9DtK7W0gc8HZ8TAa9tJt2tcKpX7S
MNeEwYETPhQk9rUUxxkynIfr38n8nodyVdtFo/nhhlsqyZO4UHLPhC5Op/lPPvzh
Ioz/I66GquHcwX+bfszWlOw3DJeAXw+qPMyjpOzQbsAzqEXHgDY84/4G+safqD2Z
l4UsoAIbEpdSmHF+blkiuXllT9cZ7l3RIxP4pC4c+NoWZFe5Uve6dv11TdREAzhi
PFI1og3c5wGIRbt757687oJ48Ou7w+MKfoGB/ErjrSrItX8CEMO3u17hgQzzGZ/u
iK/zSR0jTUuTnf2hFByXnR89YqXrEWg5Uch755cZPXzx2phniffQndNzTJcPJOr+
LpxpndzInEqC31Q8ZDUgQ/1Xv0or6ePzpTuxt9VKiA16Zn83RzO8ZIR60lO1+VQP
Uxc+oeZLp+AfbHBHO/yqNws0V4vYOo1XtUN/Uj3jFkYnfcaH0iQTXIR/aGUz6rMO
tuA5e3Y9i8qBpwnDQrG7RlBtOr1Nrrue15yTaEhPHKzBpBYWhbsIyJuBwBdxh96X
QkBgEyKRTYUAge0VS3DD9dkdLgsbst1Ed1ppAgMBAAGjggFqMIIBZjAJBgNVHRME
AjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNh
dGUwHQYDVR0OBBYEFOK0KTR2vda8ZJ/b0eqc0wAVmCA3MIHTBgNVHSMEgcswgciA
FHxCgucD6wWX5p49FMX/rCWhuAzooYGkpIGhMIGeMQswCQYDVQQGEwJERTEPMA0G
A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZ
MBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLUFLQjEQMA4G
A1UEKRMHVlBOIEFLQjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQCd
p62lmemfrjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0R
BAwwCoIIZ3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBABfYhzlm8VjYvuZwySkA
9mR1xblTWn/E/d8r0BR8E1ra9bi5jGqYrIzyoCNNFdL0yjvXGNHZIwN0sn22LlC1
1ikhaWV3WcQhtAT91NJfcXr2tk8xOhmIeGlmHBPW8VwwLjl/6WnUEK0PB7skYjq9
iS+ftC5lFNXFCvaJpReC0HGEoo8nf17PKoktzKFWNb0m6UtS8i8QmHcm+SpqHW7b
kbgGioVYbPrkjpySFigQVu3E4Siu2MO2Z9O8y7kutXzwhCom5zBPAkUrvYchl+IX
AXF3MY/dFaxMezt+SubuTWpvH2cbxdfEusNFbG/bC5NywR+0wAKiM/gySb+TfeB+
0NPEQSDYm6stuTCrC8bu20CevLnQhzI5QsBDi3xc+I0g0aER7uJCQ5ajUtjpM8qy
0Toph7IEzQP1JQnsroNlbdI4QI1anACziCYgToYTvLaDaUulMpzGOKMiP6lXDUfy
nggOubzmWcei6syfxWizdkEJeAeHGrlcsJYMyza5PCExNodjuiUUOVrZGKZYLqsR
2kMysKxFO8x81EBhK7fSJ4wIvM/koKKKSDozTWDTbOA7cWjRYWPIAoA+c7sB7VKd
bdGCHVQVH5/YUXHIEbjM24ZYVP7UX8hQWtfxDOYHL8gSRSncI6T9HXs0p1Mlh0eQ
kJdQyX6Vs+d2zTzAbPqICNGM
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIrroJRG8KWNgCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECADohDo0yZ+5BIIJSJ+akpQD4kl1
0K+EMwYmNiqrlC1VpdMMFVEKYL34uhieaWkmhPdmlo5RXggBkdzsKb9V6veIiWBo
i7kF8ywMBzR8xP9hqE/1V64vlsz2YOi0jS55CgAL/g/vtWV/lXHecgCjLgytlkrP
Zsj/cb65XhpnEWP2fFilUAU14K2/5ecJce3kAWMbSBnms9fMXN6uIsdr+J39KaYn
thsTaH7zOfOOeqhvc5g9hcTl248RgQhpDPzCsGqOvKvzdSiKbPPxFSveNE5L8Siv
Zu0g7PvGincOw4AiNwizy1VgR2UTEagmQvqAiI1aBxP6jvePnn0CoG+DAnPlhyMk
Ei2uQ76USFtC3DBFpzfg2NU5pubq90dq0Zgdc4LUz9czwE5XUFXShQ70BGqLHvYG
clSMu3D0lodbQ0Cdg10hCKesNz4i+T7Z7xkvEERB1v7p564qGrn7NAb5tb6JmxlR
wHwS6zsaLzAymNSdxh87hlpupXn688HUSn51KKwjVYnJxyYSAIzkNRQ1LVwzS4TJ
R81J6GpPawKzFGZYnvdbLw72ohyLu8D6d7NMLR/Fc/pYT/QgoH801DeseSpaDd/h
RFr0ax3EA7MDnFQfmv6m+I9OmhTX+qdhFHtRolW+NUGAdXHFun34+cuIy5hPP3OT
FyW7vAE0gQN2zgllJcIUjz2Xd9PzoX/tsuh0/RTaj1sEAQhlENfhDfz5GFHSHYbS
fTCLLHR7YISlqUwSH0TdzP2/vsh283iqaQJL+OLfwquTDONDekNtoiIG7HlB6dQr
9ni9wg9lO8fGRbFsN9DrJ1vJcJN5CmY+fE77BNJV2K6J/9EX1wOKp3PaTFTFOjqy
tp2K/M4BTT+JVG6sC2gcDgHYg/2pGTc+YxaKyFVziP7rFQ0plzB1GqrFOGeaSDkH
7VfuUbwlTtohiToL+Fc7sbKV95bcjtug9o9bxdzTPikd5E0gAqOLwJ2bqgFBYZFl
t/Ohm8BBwnKuJqKMJXSHvEDFTM9e6VaTVKD4r+7lI9Ng8h89ergjBUdRxB0I/4PE
g7HvzcXm8Vru8U7LmfCR3KKBtfwNN3n0v9pFk4D24pMRX4o+SD+INDVaoZ/Dswqp
sI75SngxgOXdvP5x9F6LiTklZ+jxciYsVzb5f3CqkjQ57990Dxyt/+EveQBO4yLb
Hnzw9wYcunqsiRmhzKfkkHwHAYmGggtWWaZN7qhLPFgvmtt+Tkf6Ord6FWlEpr6y
5dzHds5tqH/v3Tv4NsTp8bLWqSACVoZ4tKbiv/AijVGar7hiHS4sJ+ty8q7TriNM
46TxQ/iyxQ+4ycfE0yv6MIYv3g135X8lZJfP0gK5wv5sdtgppUcHpySngJv1Se2+
KGS0WjQ9ZqlBFl2V2eJcSRzHRh4351BnoGYsogBrMxUUuFvHho9BkP+fPPkCna6V
S8f7AKb1YuyfeNrq9dLW/5FjaSI/or6VGSv62LBUXXGflFQgu18IZ6eNkzgir0Bi
bdPBiUjnYxTVbfEaxP2CGCuPyG4AQhkbjciyHj5fuQkXIq4e6x91u3FVRHu/LOwN
zjWYs+JhgVzWlH1S2qTaO1LplMt1mG6TXFEouC+qkZ6Os+Tk8jPfUj71/ffh/p73
We9RMPEdvBnOQXRlIJQXa14QYQ218POC2LSD23aWqPdDsssIwpxOKBJHuRqBZWd2
0VK6YpFubZtJW4Z6DKoc98exR+JU3y9ah2V2G7poE4m9V7Np/PjGJ5zLPtx4GhFO
Xr2D6FK26IGUQlO9G+iErvIOeo6j1GJw85HfDY8+wGFNrPmYXXDbkbgwKhcg86Oq
hBh9Zd6P4J7cvtps8A0+F/ROWalmb06TOSZ62lHrJZpnMuI4enSLh7fq3gfPLKgc
MWbxw9Td9LxGt4So4sg8QT2uKlVDDpsP81Jaz1wK9H71GZ+cKhYs4nEQChSPGh2f
XcpV0/CM855FsRTXOpbNHi9rj4jUWOYRkpF7nCdEiGxBDQ5mMdzQ2j+wWUpCl4XH
oD39DVsEmDvRM4fIoYfiurZB+ByWfNwQ5uWcLqexapu+MzVgzEZd+UcejmmlLc0E
BV3U/DgoRoI4zkpRMzKeRMdKFZ93HjHETrSISfqvulOqgA/FsWCoSt3OSxlYQ+vm
bS8gFuF7FuadfQpZ+9wnsrVceNL4bgaZ8jB2wYLPJ+YGz16DtRkfp24gYPSfKfeU
LuhWbKrRE3MLlMSsjtdrLMUW5nxttdDyxbOj9lBezA+LEiiQGP5Wv10wWyjaAFTg
UCAfWr2oP1WH/lXmIqDYD6zgZEgb2rRmnpeZGbzB5xKYTp97YeKxg/kuPIl9Tf5t
GKYUPp5wO6PEkiHDCyCC8cyzs54pAwMBZZkuNcMZ0vse1FcBFZ8YjEwuxRnVMHdJ
3ZEi1b/kHTWDgH1zvj9pHbT+p1DZmZakV6P+gPxkvcLyzb9Zkt4pWQ6PbmZa6q/c
dYDQExeB/tEiGBn+nb5mYbjhGm8kkokK3lbRRuoqCG/cNBDeGYGNU8q6EabbrSGQ
BU1s4Uda/kHzXXmHxphV8P6luvh/aI56RHPVzj3tDBhNBZXjsIm8vyLi1jd5Y/AD
vzg1Vkhf0AAZpSA6w4uTj+/JCVR8ksitXuDNit2iEWcFHmz6vtuKw78lB8VkpI1s
Y5WmXsZbdWsp66GNWcA5MmBRBb7vd1idSfbw9yRLuiZAhVAmlGpVbSUplfTe4wOi
lDfAZLGVbfvdjWIR1fY5QzJBckfSe3QuuHPmsa+qTLlYbZxWeO01JfoWBADwIa28
otFSYOi9gLAIHOHuRTB4uGZZ1R2B1HjDOx+VFfkpuzUvevG3sA7VZGP7KlvtJ4TJ
+f1KvxBkQoVK0e1dKOFJfqsUDUt+hADQt3fpSpw/x+AROybuynbtJV5oC9/VJG76
7n3dkmZ/07ALJ1vATwMK3/XUW/JNVKjmS87/HkqvpPYlgHK1avwWvEf+Y/0LM6VM
mfEi3ZGo6yGye9O1f5ISRdNpXkFRTYTpOpxGL7vGy7JnGE8ZEpkqHREbqptw34I9
I0DuWszHoohU/MNfXUYIIssmWi54iwN8DHDWoh3bNMmEtLEOzPFGk4016yGpXLea
zrMG2XcHwgwX0S/qORDLR4N826diQqrd49V0yjBnqCyAtIlOrW0l7oAqaJK5eaeO
k5E/xOQ9MK94fdI8ahT+Bw==
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-serve
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
ea4b0c3c2469d8119fba1b968f7a3ac1
97af13fc4b4fd1d7e6e3aa6b6513ca98
0acee9fba071da555f9ce14d6642e20a
452192aada6a80e73dc62c3103c780fe
8b5df3a054ba1e86d01bb880defbac93
f061ebe4cf87f5c123ec49ba82f50e1a
e83290dfd4debeba063e3ca1c5f37bac
457184dea9a1a97a053ada58f63b7c1f
1de01ca49f3789716e8df654727e4ee4
77d9b182ba174ef871d72ea2bf82d25b
8d02b7a783324263e03229c0852e712f
950c0528985bc1050145f6e1a2379466
11058027d0373a920718c5a5b2f9177c
94365214e24022b2c34d51f25b008f02
8a198e2ae5910e83120b533853bc47a6
2a579fc8df42a997fa4e4854fcf1608a
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

22
CKUBU/openvpn/client-confs/anw-km/ca.crt Normal file
View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDnzCCAwigAwIBAgIJAOPMOpcckCT9MA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEWMBQGA1UEAxMN
QU5XLUtNLVZwbi1jYTEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwHhcN
MDgwNTIwMDAwMTI4WhcNMTgwNTE4MDAwMTI4WjCBkjELMAkGA1UEBhMCREUxDzAN
BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4x
GTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1LTS1WcG4t
Y2ExHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQCz6U29hsY9zm7uv7aG2lnlRKyeVCwQYUw5/BPT9DaSqROz
Kuidjnu/mmwqmwiPQi8ikkEb2sgH+EdxMXig9DSgoVNrXCYCDLlhruyf2Gr6XPXY
q0IzhskqilP3QkjTnrJabBZSdXF6JWVXSVZXiP0tpJZZpCIQAUzkN2aBOk2PrwID
AQABo4H6MIH3MB0GA1UdDgQWBBRoRIdr8PyJcZnPMsgcEDjrUtg0mDCBxwYDVR0j
BIG/MIG8gBRoRIdr8PyJcZnPMsgcEDjrUtg0mKGBmKSBlTCBkjELMAkGA1UEBhMC
REUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZv
Lm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1L
TS1WcG4tY2ExHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlggkA48w6lxyQ
JP0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQB/ETqWltrGX7r72NED
4vpdN2ZVYxEMz0A4UI6dCRrqEMmhbN7WbvTN/pYaIEl5C41ANGG8ZZKiSrjFwrXC
wevYMUKtHMFeV9Bn116w3odXdD+/Z6ykGvrX3jk5BNYbekVLxG3XgQt1lurvTWle
La/k2uEdxP0RwOLDm75rVYw8ag==
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/anw-km/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote anw-km.homelinux.org 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/anw-km/ca.crt
cert /etc/openvpn/client-confs/anw-km/gw-ckubu.crt
key /etc/openvpn/client-confs/anw-km/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/anw-km/ta.key 1
status /var/log/openvpn/status-anw-km.log
log /var/log/openvpn/anw-km.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

73
CKUBU/openvpn/client-confs/anw-km/gw-ckubu.crt Normal file
View File

@ -0,0 +1,73 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-KM-Vpn-ca/emailAddress=argus@oopen.de
Validity
Not Before: Jan 2 03:39:56 2015 GMT
Not After : Dec 25 03:39:56 2044 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-KM-Vpn-gw-ckubu/emailAddress=argus@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:9d:32:39:db:a9:6d:78:47:e2:78:2a:0e:2d:60:
b9:ee:27:e9:a3:59:cf:5b:90:6c:3a:5a:c9:e8:9c:
72:a9:6a:e7:c2:b2:99:78:94:e2:34:69:af:33:42:
64:51:34:0c:ff:84:59:b5:1a:d8:f7:3b:4a:94:f9:
75:cf:5d:66:23:a3:38:b6:dd:b8:59:e5:1b:be:d5:
5e:91:c8:28:83:90:bd:26:a3:2d:1d:32:1c:bc:98:
aa:4e:99:fc:34:7a:9a:4e:13:9b:aa:f3:e4:c6:e0:
93:1f:5a:ca:f5:56:51:4d:ff:1c:ce:b1:9b:ae:2a:
4c:3d:fd:8e:5f:68:26:b0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
EC:14:0E:00:D3:F8:F9:BB:B3:E1:63:47:96:45:00:C4:7F:00:FC:2E
X509v3 Authority Key Identifier:
keyid:68:44:87:6B:F0:FC:89:71:99:CF:32:C8:1C:10:38:EB:52:D8:34:98
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-KM-Vpn-ca/emailAddress=argus@oopen.de
serial:E3:CC:3A:97:1C:90:24:FD
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha1WithRSAEncryption
18:00:f8:c3:1d:2a:78:32:56:b8:d8:5d:93:2f:bd:78:8a:71:
c1:ca:48:40:60:f4:e8:cf:52:ef:9f:44:e9:12:20:b6:08:54:
ef:83:9d:00:b3:ab:c3:68:dc:92:ff:71:11:23:40:d1:31:12:
00:8c:65:10:81:96:a8:d3:5a:85:cb:6e:ac:69:4a:86:c7:65:
52:72:f9:50:e6:d8:61:47:27:6e:13:77:59:2f:07:fd:4f:26:
98:7c:bc:b2:b2:14:79:af:78:f8:6e:6b:35:79:59:38:21:87:
b2:30:b9:df:5a:7a:ac:fb:1a:e8:4e:0a:4b:b9:7d:0a:fc:57:
bb:05
-----BEGIN CERTIFICATE-----
MIID7TCCA1agAwIBAgIBBTANBgkqhkiG9w0BAQUFADCBkjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1LTS1W
cG4tY2ExHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTE1MDEwMjAz
Mzk1NloXDTQ0MTIyNTAzMzk1NlowgZgxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
ZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQL
ExBuZXR3b3JrIHNlcnZpY2VzMRwwGgYDVQQDExNBTlctS00tVnBuLWd3LWNrdWJ1
MR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAnTI526lteEfieCoOLWC57ifpo1nPW5BsOlrJ6JxyqWrnwrKZ
eJTiNGmvM0JkUTQM/4RZtRrY9ztKlPl1z11mI6M4tt24WeUbvtVekcgog5C9JqMt
HTIcvJiqTpn8NHqaThObqvPkxuCTH1rK9VZRTf8czrGbripMPf2OX2gmsBMCAwEA
AaOCAUkwggFFMAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdl
bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU7BQOANP4+buz4WNHlkUAxH8A
/C4wgccGA1UdIwSBvzCBvIAUaESHa/D8iXGZzzLIHBA461LYNJihgZikgZUwgZIx
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
MA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRYwFAYD
VQQDEw1BTlctS00tVnBuLWNhMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5k
ZYIJAOPMOpcckCT9MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAN
BgkqhkiG9w0BAQUFAAOBgQAYAPjDHSp4Mla42F2TL714inHBykhAYPToz1Lvn0Tp
EiC2CFTvg50As6vDaNyS/3ERI0DRMRIAjGUQgZao01qFy26saUqGx2VScvlQ5thh
RyduE3dZLwf9TyaYfLyyshR5r3j4bms1eVk4IYeyMLnfWnqs+xroTgpLuX0K/Fe7
BQ==
-----END CERTIFICATE-----

18
CKUBU/openvpn/client-confs/anw-km/gw-ckubu.key Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,17FCFC43E5265156
V8gYTlFBeMXEIZUYq1fLtRIYjVnYNBRGmGNHtraHXZycO/RUnnEyoawl6pTPRWlM
z1fVM7sK93uyEX6yftVG9DfFbMSkzkW8P3CLIMGNvVE5kF2KzpNPDJ1Lvfi7Vafu
KPvUngUAEjQQ968NIAGvN+fOeICoihNZYro6lNaN1iOPTHO1ySiSEGslbW2Q7WrQ
RyUJPS1onvAMkEOp+E15g+BNVLVap0iISlIW+urCnJ0dhVUAS/bZNaQVh6MsKUnp
rYh/t3DZmXTBOG5gu/VSY4PU7zGMuHKNyA0hMUEapvzAeyyVfppjvKN31OhqXZAS
X65uD8x0nMH8NgBuh7ZJBmMIYjjAvHi4/0hsfRjp5ZbADkeay+cyzjo1t8q0xctJ
qZdLFcTj+XVN9DfPeAkg6RQa1sUKJE+n0enmsBL+99fopWH+GrxEDqux+JHhRrlc
15fzFh8AZBe3Fl8aheDE9n2f4sk63ap+u7hgPMRa0wYJVU5meYLsfaU4XRJnq73f
LO6ZwLV0MDEm1sc4k1P9KkPbZc/XxIXDtsev3psy/M39zWodhtfXMrzYVfH3ChRn
uIFV8EhkEMPj6hPFFubhHRFjW09Pa2knWOZK6x8Wad6YEJxMw/pB6NAa1m2bkGan
EXTL3Ehb6iAQvQ6BBb5+kqjnWFuCqjsz9h2Rb5r/l0KvO+VScF10mkDLoNqCHhBK
BNLKYngRCZw+8N4vnhsc3s8GPf5ssSpFEW1sypaSbW2Hgux55jBu9NtNzo4vQLGM
UoxiJoq54w9a3EjgVspMQ1qy6WzJaNCZpqvdl2fT43c=
-----END RSA PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/anw-km/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
82b1f1533640a6436ed2eb2993ef9e7c
f867d5f61ffe5691be2bc8304714b41a
9f49a741e0c9f22417ee9ee6893434fb
1e5611b7d64d31532a450e41871c4885
c3ac11d33ed5c878500206416cb88c9b
c0487fd5098dc3a5982694feb2d4d3fe
1ba4f32fc7574fa4b09d47aa1986c096
e022fcd44b87ad8c08c979b8ac7ade3d
130f838ffaedf278360eba2f6f9b94db
e1d0e0f6f4a44210f4acb38835797444
fa2b5e067ec14e5f2013a36827c85722
386cf69b2c5e9c3bced20e4aac287edc
da8b1eb743cf527750999e01274f2e47
e79c9cbede772362b103a6ddebff76da
ed23277286cf8da544d86f6e5f6046b7
a0d2f4b8bf57d734ef4ec3763979ced2
-----END OpenVPN Static key V1-----

22
CKUBU/openvpn/client-confs/anw-urb/ca.crt Normal file
View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDnzCCAwigAwIBAgIJAJfS3XHJWN9/MA0GCSqGSIb3DQEBBQUAMIGSMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEWMBQGA1UEAxMN
QU5XLVVyYmFuLVZQTjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwHhcN
MDgwNzAxMjMwOTQyWhcNMTgwNjI5MjMwOTQyWjCBkjELMAkGA1UEBhMCREUxDzAN
BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4x
GTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJhbi1W
UE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEB
AQUAA4GNADCBiQKBgQDXN4KAEcJwYICMNTL47p3grgBwylUtkjtjJdmUVo8k85jR
nZSlj592rDPB7/G1o7qU8vEQlmIQSjkfC/ViuMlS38kmn+1B8kVpqoUPWZ8PRnm5
JHWRK6TD8LjHCEZKr1hfaviddbK8Exg7b+Va3Pz0eAqS/BfuuRXdrZYJTdiuDQID
AQABo4H6MIH3MB0GA1UdDgQWBBTY304dMhIbcaY0w/D+JRpi/lcRZzCBxwYDVR0j
BIG/MIG8gBTY304dMhIbcaY0w/D+JRpi/lcRZ6GBmKSBlTCBkjELMAkGA1UEBhMC
REUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZv
Lm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1V
cmJhbi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlggkAl9LdcclY
338wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCtIEYEN8d5imgML5V3
OnwSN+aAm6hobm6IE1fFj+G6RyvcewrLaKybXljBe2sLB4TdK3CUntoJ7yaw28xl
5u1rBmzFI7r/xNwdU+qurpb121yMnwQSSgF0bVpDZHdz4+V1+V4Lor8bvmqOIfsH
YMgxU+nNxqoPlGaO1xxcEuK78g==
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/anw-urb/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote anw-urb.homelinux.org 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/anw-urb/ca.crt
cert /etc/openvpn/client-confs/anw-urb/gw-ckubu.crt
key /etc/openvpn/client-confs/anw-urb/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/anw-urb/ta.key 1
status /var/log/openvpn/status-anw-urb.log
log /var/log/openvpn/anw-urb.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

73
CKUBU/openvpn/client-confs/anw-urb/gw-ckubu.crt Normal file
View File

@ -0,0 +1,73 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
Validity
Not Before: Sep 18 00:00:05 2013 GMT
Not After : Sep 16 00:00:05 2023 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Netzwerk Services, CN=ANW-URB-VPN-gw-ckubu/name=Christoph Kuchenbuch/emailAddress=argus@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:d7:02:6c:3b:15:f3:97:28:c0:5e:8d:24:ac:9a:
9f:cd:11:f6:9d:5e:a5:5f:5d:3d:42:a5:de:b0:35:
b5:d7:b1:e0:e0:f8:f3:29:53:7f:33:78:18:92:67:
1c:aa:f9:16:48:5b:19:d3:cb:8d:d4:fe:1b:84:d9:
e2:89:1a:85:5c:0b:93:c3:9d:6d:a8:4e:72:65:84:
16:d6:02:6c:b0:0d:00:46:e3:06:15:54:bc:a8:84:
80:f1:a9:93:b0:7a:a3:57:31:3a:9b:aa:29:9b:39:
34:e2:64:df:4c:d5:3c:6c:c5:1c:3a:4b:26:ee:5e:
58:e9:29:9b:42:ce:ef:90:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
5C:5B:7D:20:D6:16:C4:CD:E8:D8:F9:FF:86:B5:ED:8C:83:CF:90:C5
X509v3 Authority Key Identifier:
keyid:D8:DF:4E:1D:32:12:1B:71:A6:34:C3:F0:FE:25:1A:62:FE:57:11:67
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=ANW-Urban-VPN/emailAddress=argus@oopen.de
serial:97:D2:DD:71:C9:58:DF:7F
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha1WithRSAEncryption
c3:95:2b:e3:f8:62:d2:5e:b8:02:bc:a9:11:f8:bb:f5:0a:04:
fe:a3:68:e7:c1:97:f0:44:77:c7:54:98:4a:dd:b9:df:76:4b:
2c:d5:4c:a1:9e:e6:da:5f:d0:e4:73:c1:63:6e:29:ef:3c:79:
82:0e:f1:59:ca:8d:41:aa:22:42:e6:e2:88:ba:00:91:b1:f6:
f5:15:03:db:72:ab:39:01:c7:ee:19:25:c1:fd:ff:5d:30:b2:
ff:76:70:e9:3b:4f:88:af:14:68:8b:63:e2:a6:9c:e6:05:0e:
eb:b9:9f:3d:04:2e:9f:34:c1:14:53:69:3e:5a:c3:2e:ab:8e:
12:72
-----BEGIN CERTIFICATE-----
MIIEDjCCA3egAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBkjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxFjAUBgNVBAMTDUFOVy1VcmJh
bi1WUE4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTEzMDkxODAw
MDAwNVoXDTIzMDkxNjAwMDAwNVowgbkxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZC
ZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRowGAYDVQQL
ExFOZXR6d2VyayBTZXJ2aWNlczEdMBsGA1UEAxMUQU5XLVVSQi1WUE4tZ3ctY2t1
YnUxHTAbBgNVBCkTFENocmlzdG9waCBLdWNoZW5idWNoMR0wGwYJKoZIhvcNAQkB
Fg5hcmd1c0Bvb3Blbi5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1wJs
OxXzlyjAXo0krJqfzRH2nV6lX109QqXesDW117Hg4PjzKVN/M3gYkmccqvkWSFsZ
08uN1P4bhNniiRqFXAuTw51tqE5yZYQW1gJssA0ARuMGFVS8qISA8amTsHqjVzE6
m6opmzk04mTfTNU8bMUcOksm7l5Y6SmbQs7vkFsCAwEAAaOCAUkwggFFMAkGA1Ud
EwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZp
Y2F0ZTAdBgNVHQ4EFgQUXFt9INYWxM3o2Pn/hrXtjIPPkMUwgccGA1UdIwSBvzCB
vIAU2N9OHTISG3GmNMPw/iUaYv5XEWehgZikgZUwgZIxCzAJBgNVBAYTAkRFMQ8w
DQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVu
MRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRYwFAYDVQQDEw1BTlctVXJiYW4t
VlBOMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZYIJAJfS3XHJWN9/MBMG
A1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOB
gQDDlSvj+GLSXrgCvKkR+Lv1CgT+o2jnwZfwRHfHVJhK3bnfdkss1UyhnubaX9Dk
c8FjbinvPHmCDvFZyo1BqiJC5uKIugCRsfb1FQPbcqs5AcfuGSXB/f9dMLL/dnDp
O0+IrxRoi2PippzmBQ7ruZ89BC6fNMEUU2k+WsMuq44Scg==
-----END CERTIFICATE-----

17
CKUBU/openvpn/client-confs/anw-urb/gw-ckubu.key Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIciZPe4pZyPoCAggA
MBQGCCqGSIb3DQMHBAilx1xBgz8S1wSCAoDBMXDwnWuOF66Yodm3A2D1Su9K+hVo
5KfJeC0BmWDf1455kw/ZKiB7bdgUcgogJPpQgzjugGu04iugoC/KobocidD6NP7f
ZkmT6UGPkFa+3xyr61rYBlKT9HqphAVRwUoNhNNbFG1h0oBIL9qjxuQCssL5qsne
R9KN9VsYVDRloL5/RfmcozJ1mXeRQeBkDCiQWb7cCYSqzpXHD6Vf+Xabdb7KiEOp
coIWoOLyX6JdlV47CN1bUVerZulyZfU+xaI1EyqDCiVR6uao7ggIrLEnnTj+3oYN
0NK77BCAJBsMEvSa2ZJQUvKeAl8pHTZdD06ixZRFlroUbMYV3ns2BvlT/M2GT3Oz
P55FxClNjnmST1+MB+Ak7rZxdSVXf6tJP7fyxWU/zeGqHFfhQS0soiJxsdu2+iAy
/AW4d5eF7fDMNdtelQg9oNMu8DBqIEMt6iZtmEPMxXO18BWrOOuAcXNExjmX4YP5
/WVKwpukfbizsCgA828Rmm6KlLaGcfwM4Q+msK9uQuLW1xrAjghS3KPgCFOnrRzV
UCvZGaVAhdA8oSdigBJonQmC5KWjjd+MIHFUqHOz2CWdN2HPvn9DKUeZwUVqtyVZ
LytntILVJ2CCLikf8iR2Q0YLCnA/Z0dA1+yy2OnSpFRv5qZ8alvn3sJ/RKCNnEVe
5Y5mhfC/MFk2Ak7MaI66vW6WFFUWFzFqvpco2ItVF05mjN0QfQfwB0CllO5QzfCI
xEwG4mcAgB7NceXHYh4mdX/nxDsmbkHSlWRKIE1SPuJzQPeolxKUcVr9O4UVHUya
zL3PaQ4PZa1YeL01QrqeK/rgvirQbNqnNsr0diqNXiYPNGmIEW0Aln5u
-----END ENCRYPTED PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/anw-urb/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
e19230da99dc39d3169c1a77dde7ad76
8831a21b862a03aed5db8332bff9177a
14ede9e8e89da3d4da92a5419006adaa
b61c895a2445fe8a8fc15ec250f1dd53
07860a266aa331691b89b129819ba7e0
18731572474ad3a4e87accaf7e74010b
6b28aaf82be7a726558b1cda354888af
a574d1fb1bd0e86a16c0bf635a3f4ede
cd156415a01cd62617abf1eda6c38585
df9b9e8e831ce3e645ee0ea6fc1f2c27
1c381080d87697462c4eb69c100a099e
902a5423692b0ec0598a165e65da298e
bd72f0f00216b026b6a2fc3f1a6ada6e
db76051b9d055307f0e02f11c8b16419
b246546fe5023afd1ca2b7328c69cf47
d48f9015f5c5655dd899736d78bd7614
-----END OpenVPN Static key V1-----

28
CKUBU/openvpn/client-confs/b3-bornim/ca.crt Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIJAOWbjDrr526ZMA0GCSqGSIb3DQEBCwUAMIGjMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczESMBAGA1UEAxMJ
VlBOLUIzLWNhMQ8wDQYDVQQpEwZWUE4gQjMxITAfBgkqhkiG9w0BCQEWEmNrdWJ1
LWFkbUBvb3Blbi5kZTAeFw0xNzAzMjIwMjE5MjVaFw00OTAzMjIwMjE5MjVaMIGj
MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4x
DzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczESMBAG
A1UEAxMJVlBOLUIzLWNhMQ8wDQYDVQQpEwZWUE4gQjMxITAfBgkqhkiG9w0BCQEW
EmNrdWJ1LWFkbUBvb3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzzVaCu/oIRHn9CaLJdwurZvlnnZ1xI+HtWlVnVY60QBzw38Rc36VUOH+bf
NRM+aV95Pe6h0icFmiDfnSHQwogO56tkZFq6OW9RfnC/wSVXEfVrdvV8H9JgPiLM
WdyRIgjdeM74EdZ0tFN8sO34Bf/dv3OYGUz7qJgFnKdy7ByTgv2maRmITds9Dk58
H8h5wl0TnGRS+A8zOz1TAIjVjdPWEFOwkKLGRCSbiWIm2qqXzbhlwYYpxifxRkXW
tcSLOB3lKtAM53l22Qvux6J5+s0UH3+WoPo+6Gc65Jtg6SUGxTpvJZgRyMpRKLNI
JEFzo8JMYSb50TmC/9j6ZOX82VsCAwEAAaOCAQwwggEIMB0GA1UdDgQWBBQfLl6w
QA2SpwmD2iVsGSCeyWDNITCB2AYDVR0jBIHQMIHNgBQfLl6wQA2SpwmD2iVsGSCe
yWDNIaGBqaSBpjCBozELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0G
A1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsg
U2VydmljZXMxEjAQBgNVBAMTCVZQTi1CMy1jYTEPMA0GA1UEKRMGVlBOIEIzMSEw
HwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQDlm4w66+dumTAMBgNV
HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAmLrMjjb3MV6gjBZCIDJag6X9+
WOLY6UJfNGXyg9qt4SxKFqvBSCC+ZB+39rvl/+ReAULKCjggM3usRuPZfcK63Ncm
FRqkxA+3xk+c60KZd3DP+4yRdY3j1GeHip8FJloT91eVkGdCGDAFwz3njBex40BA
qpIPOoYDKJDZElrunB/8z0KW/12HqxowEnPQaSkTiFeb9hRJMB71/LvS0OZoWPj9
4kvNGJq8H3VdWjzLDAXfX+VYI1gTWYax47klQM6QnKBOuQGPpHvVWBr0ifFsa6Wh
eoBxJ50RuMwLoXNZqqJD6TH8vCv7IqARnhiNKhNiDQQr5CZyr4Nwn7gT4yw1
-----END CERTIFICATE-----

138
CKUBU/openvpn/client-confs/b3-bornim/client.conf Normal file
View File

@ -0,0 +1,138 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote b3.homelinux.org 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/b3-bornim/ca.crt
cert /etc/openvpn/client-confs/b3-bornim/gw-ckubu.crt
key /etc/openvpn/client-confs/b3-bornim/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/b3-bornim/ta.key 1
status /var/log/openvpn/status-b3-bornim.log
log /var/log/openvpn/b3-bornim.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

97
CKUBU/openvpn/client-confs/b3-bornim/gw-ckubu.crt Normal file
View File

@ -0,0 +1,97 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-B3-ca/name=VPN B3/emailAddress=ckubu-adm@oopen.de
Validity
Not Before: Mar 22 02:25:44 2017 GMT
Not After : Mar 22 02:25:44 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=B3-VPN-gw-ckubu/name=VPN B3/emailAddress=ckubu-adm@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a0:12:ec:ae:52:b3:19:53:4d:f4:ca:96:dc:4f:
b8:94:e3:ff:77:97:93:2c:63:1f:af:b2:d5:e9:d4:
32:16:ea:b5:62:93:c6:49:e4:48:1d:38:8b:a3:ac:
11:82:50:05:24:6c:d4:5e:9b:d6:06:e5:a3:a2:77:
eb:3c:14:23:2c:d0:3c:2d:15:32:8e:79:74:47:2d:
1b:1b:e6:bc:bb:cd:f1:d7:e4:25:67:27:d9:e7:14:
96:78:2f:f2:2e:a8:76:df:0f:20:18:ab:d6:54:31:
72:88:81:be:17:2c:0d:e1:65:9f:17:b9:88:e2:b8:
d4:ec:3e:a4:61:46:db:03:da:69:2d:be:2e:24:b9:
53:59:9d:3d:ef:2b:75:ef:1b:40:ea:f7:a6:b2:7f:
3c:b7:46:e4:f7:6c:db:8b:cc:4a:cc:3c:df:0e:a7:
8c:39:2b:30:53:4a:19:10:84:34:f7:17:19:94:eb:
fa:63:84:ce:4b:8f:09:04:19:38:98:24:19:24:96:
6a:cf:f1:3e:42:8a:9e:cd:16:c5:39:de:bd:1e:fc:
e6:57:12:3f:b5:59:d0:50:b7:38:d7:75:99:b0:4d:
62:d7:95:64:fb:b5:8c:68:20:61:78:7a:04:45:c4:
15:8c:92:60:b9:9e:24:3f:b5:54:fe:92:4a:1f:4b:
09:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
01:0E:AD:99:D6:AD:30:D2:45:B3:FF:56:26:D4:E7:8F:BA:BD:41:86
X509v3 Authority Key Identifier:
keyid:1F:2E:5E:B0:40:0D:92:A7:09:83:DA:25:6C:19:20:9E:C9:60:CD:21
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-B3-ca/name=VPN B3/emailAddress=ckubu-adm@oopen.de
serial:E5:9B:8C:3A:EB:E7:6E:99
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:gw-ckubu
Signature Algorithm: sha256WithRSAEncryption
16:30:40:fa:eb:4f:06:12:81:ee:94:67:b7:22:67:53:af:f5:
23:29:43:7f:fe:9d:50:94:cf:ab:a5:a9:f4:85:36:4c:2a:38:
f4:46:b4:01:5c:0f:59:3b:d7:39:2c:a7:d5:64:b5:63:83:ff:
e7:98:c8:94:69:cc:a5:8a:03:ac:61:c5:0a:20:46:7b:f8:86:
71:39:ad:a4:bc:fd:cb:dc:ed:27:95:2e:d7:f9:2f:0a:26:1e:
e0:1e:4e:77:94:c1:08:11:b7:5f:6c:e7:5f:a1:98:4e:a2:8f:
46:d2:e3:c4:b8:fb:c0:51:8d:5f:d3:3e:a0:81:e8:c6:46:ef:
89:57:7a:8f:d8:af:e8:48:c2:c6:64:ef:d3:1e:77:72:17:c4:
57:87:19:97:e2:04:e5:27:11:40:28:52:a1:fc:79:85:56:69:
69:0d:04:a5:8d:b8:fe:4b:ca:6e:4b:6e:bb:7e:a8:10:54:6a:
45:ae:49:2f:10:8c:8e:cf:d8:b1:00:97:62:ed:14:84:1c:1b:
5b:b6:3c:44:e3:8e:8c:ac:25:33:39:6f:9d:7b:db:7c:0a:4c:
ec:70:d6:17:32:e2:93:8e:33:fe:aa:e1:12:f1:99:1e:f5:f8:
5f:b7:94:77:83:4f:6a:de:48:1a:db:9a:62:dc:7e:87:00:87:
c1:73:fc:ae
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEjAQBgNVBAMTCVZQTi1CMy1j
YTEPMA0GA1UEKRMGVlBOIEIzMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
ZW4uZGUwHhcNMTcwMzIyMDIyNTQ0WhcNMzcwMzIyMDIyNTQ0WjCBqTELMAkGA1UE
BhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQK
EwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGDAWBgNVBAMTD0Iz
LVZQTi1ndy1ja3VidTEPMA0GA1UEKRMGVlBOIEIzMSEwHwYJKoZIhvcNAQkBFhJj
a3VidS1hZG1Ab29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgEuyuUrMZU030ypbcT7iU4/93l5MsYx+vstXp1DIW6rVik8ZJ5EgdOIujrBGC
UAUkbNRem9YG5aOid+s8FCMs0DwtFTKOeXRHLRsb5ry7zfHX5CVnJ9nnFJZ4L/Iu
qHbfDyAYq9ZUMXKIgb4XLA3hZZ8XuYjiuNTsPqRhRtsD2mktvi4kuVNZnT3vK3Xv
G0Dq96ayfzy3RuT3bNuLzErMPN8Op4w5KzBTShkQhDT3FxmU6/pjhM5LjwkEGTiY
JBkklmrP8T5Cip7NFsU53r0e/OZXEj+1WdBQtzjXdZmwTWLXlWT7tYxoIGF4egRF
xBWMkmC5niQ/tVT+kkofSwk3AgMBAAGjggFvMIIBazAJBgNVHRMEAjAAMC0GCWCG
SAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O
BBYEFAEOrZnWrTDSRbP/VibU54+6vUGGMIHYBgNVHSMEgdAwgc2AFB8uXrBADZKn
CYPaJWwZIJ7JYM0hoYGppIGmMIGjMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQ
TmV0d29yayBTZXJ2aWNlczESMBAGA1UEAxMJVlBOLUIzLWNhMQ8wDQYDVQQpEwZW
UE4gQjMxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJAOWbjDrr
526ZMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNVHREEDDAK
gghndy1ja3VidTANBgkqhkiG9w0BAQsFAAOCAQEAFjBA+utPBhKB7pRntyJnU6/1
IylDf/6dUJTPq6Wp9IU2TCo49Ea0AVwPWTvXOSyn1WS1Y4P/55jIlGnMpYoDrGHF
CiBGe/iGcTmtpLz9y9ztJ5Uu1/kvCiYe4B5Od5TBCBG3X2znX6GYTqKPRtLjxLj7
wFGNX9M+oIHoxkbviVd6j9iv6EjCxmTv0x53chfEV4cZl+IE5ScRQChSofx5hVZp
aQ0EpY24/kvKbktuu36oEFRqRa5JLxCMjs/YsQCXYu0UhBwbW7Y8ROOOjKwlMzlv
nXvbfApM7HDWFzLik44z/qrhEvGZHvX4X7eUd4NPat5IGtuaYtx+hwCHwXP8rg==
-----END CERTIFICATE-----

30
CKUBU/openvpn/client-confs/b3-bornim/gw-ckubu.key Normal file
View File

@ -0,0 +1,30 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIFoCf5M5Q7nwCAggA
MBQGCCqGSIb3DQMHBAg/IMWDanMqPwSCBMgU7zQul5AkX/TrxXfYu6f1PRJEpfb/
v6F9NXOH42JaWp7VDTI/aQgToi0q+qZRE3GCj9eCGsv7XcltWVtt0c0Qd3jHB+N3
IRXAqNH5dUhpuBJstMBFrYL01TbPkg7fhGhtYYJIJz11BTiwllZULGEJXTXyiusI
zWnkt37KdnhOaWVhAHaf+gWQayB/rMiI5HM4dkdgHm/VQKBrOQGJYn8LMqLqmHKd
kLYeYultYkPtcqDRpnxERbtLXItC2PneKU2WKPwsmCsCy6CTIJoSF6FAxluv8jhO
etLKAzLiDRg9Q/xB+50o8ouRHtNLFSo4FoF7BSeS7ZfdVfRKMMpzUzzRys4KVQry
vXng3IQVxLzHEEZAP9HXcGNuvXeFq5LC72oCSob0ynpPdaTnI00O8vLBib93RfIh
Wn4Tsc7w8Ls3AWhFStkz+8sJ6iewgcp0BlhWLBbTn38sIhW9vG20zAR/CvOpT5vT
8lxLrphsbOuf1HsH7vsYbzsXAwB5Jpu6NCpuiDS4NaBKZAAVmBi37tAc3KbTlUzx
BUhxlrwwDSdQ8j2KXk+/LAXpXM3oj9fKyDOIzuQtFXP7dV9ohX6YHocwMoQCgCl/
ab7mw0ouIb5uUwR5s8dFfFl8scWPsvs9/BALC+ZAfvWBaWvq9dCrngdciM90Sg1c
CQjsBSGMbUTSSgxQE/DdI/mMRa+gqVLe6IniRB/RoKyyBdufkkqhNf2D/d0Ll5uF
yPKvuOJxYHwGPnwknGQrBCe2KMRotzCRliMZ2ua5SPe2fhnVJ0E3jTgABz+ArZhN
XNBAjY/lM80App2NFP6A2p1ryxf5M9j/qbiGFyPaXsnFHT/8Iku+FErWzRQ0fASQ
SC/8kuGWWafwKig6wjHDv6yrIYrtzWiLd5OTpi6QqD1JY19s4pP04v50XL9F9scK
ypESdCcZz9+Q18N4yxREKbCviThpTy3FBoWa1v4SZeerAroUdhGJjXzWfypzmHo4
21J004Dhb7XXKfqsE6MU1TVDQ64Qg/NalULs3LAdHCfur/JR2Htme7/k3jAuJNDF
SPu8PNVH9lnUcxaMVOIMfYtcwMCCn6lW25WqbKPG/VIir4WG2HmGxqbEqugNgt1H
VTxV2uYU1CGEGTlR/EgiI0QDGjVfVLHgugvnTY0T3w7r1kfYKhyyggQ5k3mqvPFX
4B5lm2cCUYBlg4hkWsCTOs+dBG4zB54fl1kfkZ34u9BoTSOFoBi5v0Jhg1CQEgxH
Gesw0YH/gqR2UiWzzwQf/K3WFHaawSmK94ChEMLX6FIUbLwBC4Y9I4J0oT2wfXgi
pzyXR2BL8ccCXlSIzvxDLie3jCgBtuwxAUkK3QifE2+ksM2+3cZk9FMXVlVnGYyz
bTqTxZ/RJCNFIZr2Z2gl2uBhU3Q1k8aWyF6Yu+q1FxtMzIyltYgTUia72vkyGCLG
O0mqRbsxW5RaPpIC7P1fj3IQ5IjvamDPhpG0nXX9RXNlGjRn8QbPX7NEk6WCVgc7
dpNAaZOY68LoQpw344GVWXl5O8sQvrQuLMzoIeeMNlGxK9fjFsf/vUDz3JNy0Q8Q
dni2K4UplAMnfeG+A2DcGQRQ11MRLLJ9cIT2z4lLvv1Vd+Lbv31O1ucdh6kuQbMG
WXY=
-----END ENCRYPTED PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/b3-bornim/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
21da7cfaf8c240eaa9597be6998e7c8c
7d58443834682a57b9af84412d7106cc
089a4030a6380ab83988694fab469c88
bbc1bb60d1164ad108cd4564fbed5891
024dd88abcd93e02d5b28de7e84296b4
cbd182474cf02852d319c864e614aa4f
3b2747bc8b617dc897e279dc34f262de
47f8cf2b7f3c99322710881dc7d48bb3
224ca59ec3cfec94a392f7c30bcb08aa
3796c4eb3c1faf682a313b146cae545a
a052f3bdc66caf301aee6c862c10361a
106747075f4a82742f29a230bdae4df8
6ace60b7d8e702b792fede84f619f009
ba6c953baf22ade495cb4da8b2702650
1954246931a08e7e508f8535a65e5f36
587bf48f2e80fdbe53d1ed8a797cd5aa
-----END OpenVPN Static key V1-----

23
CKUBU/openvpn/client-confs/flr-brb/ca.crt Normal file
View File

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIDzjCCAzegAwIBAgIJAPf/MOnEeNJTMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEPMA0GA1UEAxMG
VlBOLUNBMRQwEgYDVQQpEwtWUE4tRkxSLUJSQjEdMBsGCSqGSIb3DQEJARYOYXJn
dXNAb29wZW4uZGUwHhcNMTIxMTExMTgyMzU5WhcNMzIxMTA2MTgyMzU5WjCBoTEL
MAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8w
DQYDVQQKEwZvLm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxDzANBgNV
BAMTBlZQTi1DQTEUMBIGA1UEKRMLVlBOLUZMUi1CUkIxHTAbBgkqhkiG9w0BCQEW
DmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIdp+t
lUB/nx3JqiZiBEkyTK2m+uH/hes4wYTpmbRY2x1YJtwQegX/sfxuu0n1xA42gON0
eOBc2v/MmKzrGP+VP2VxWBhR/VnJsPeFTJJvD6ioM+jc9xNeZFNgHibRw4vzipyK
ALQJK6gJ3COvhb3YWOul3njUGgZZkaikPMuTQQIDAQABo4IBCjCCAQYwHQYDVR0O
BBYEFFb+8DvjraReG34P1h/k6dWObxLWMIHWBgNVHSMEgc4wgcuAFFb+8DvjraRe
G34P1h/k6dWObxLWoYGnpIGkMIGhMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQ
bmV0d29yayBzZXJ2aWNlczEPMA0GA1UEAxMGVlBOLUNBMRQwEgYDVQQpEwtWUE4t
RkxSLUJSQjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQD3/zDpxHjS
UzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBADPFDfqCtYtsS/NxGVYc
hgxKsA9S/kBifNbde0e6nmPBgufW+O3uPrkvg7Wx2EayxMhX/dVrAYm8NSNCdWXV
5ra0lu6cTI8rwWt404e0F/o0v6u+5eWHFxSF0lDJIVhwvvVoiAUJQw8h+BlI5PYO
JcHZCQoQE1/RE6Xp+0xgTXvW
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/flr-brb/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote flr-brb.homelinux.org 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/flr-brb/ca.crt
cert /etc/openvpn/client-confs/flr-brb/gw-ckubu.crt
key /etc/openvpn/client-confs/flr-brb/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/flr-brb/ta.key 1
status /var/log/openvpn/status-flr-brb.log
log /var/log/openvpn/flr-brb.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

74
CKUBU/openvpn/client-confs/flr-brb/gw-ckubu.crt Normal file
View File

@ -0,0 +1,74 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=VPN-CA/name=VPN-FLR-BRB/emailAddress=argus@oopen.de
Validity
Not Before: Sep 18 11:07:19 2013 GMT
Not After : Sep 16 11:07:19 2023 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=VPN-FLR-BRB-gw-ckubu/name=Christoph Kuchenbuch/emailAddress=argus@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:c8:6b:44:7a:ce:51:74:af:7e:b0:db:ab:e5:cb:
50:f7:01:9b:da:d4:38:7e:35:01:0c:60:4f:28:92:
90:4c:dd:06:1a:a0:89:d6:65:c4:97:d4:22:35:3f:
8c:0c:79:e2:ec:9a:26:4e:e7:ee:f7:73:02:65:12:
9f:cf:5e:05:0c:1e:96:c7:f1:81:92:8f:ac:48:71:
93:df:f8:f2:a3:66:65:ad:13:81:c1:f1:23:a2:c5:
04:86:26:29:bf:2c:7d:28:43:fa:a1:3d:dd:aa:47:
01:af:0f:c2:ba:e0:0b:1d:af:53:f1:f7:a8:b2:90:
2f:4a:ab:c8:19:f6:9c:eb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
DC:10:87:FA:DA:75:B6:5E:0D:5F:CD:4E:2C:9B:B0:E5:A1:E8:85:1D
X509v3 Authority Key Identifier:
keyid:56:FE:F0:3B:E3:AD:A4:5E:1B:7E:0F:D6:1F:E4:E9:D5:8E:6F:12:D6
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=VPN-CA/name=VPN-FLR-BRB/emailAddress=argus@oopen.de
serial:F7:FF:30:E9:C4:78:D2:53
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha1WithRSAEncryption
9a:71:cd:8f:8a:8a:a0:96:68:01:5e:86:36:74:41:1d:1a:99:
66:56:83:09:c5:18:7f:a1:ec:bf:b8:17:52:e8:fb:09:9c:b3:
5b:b7:0f:ec:e5:4f:db:87:7d:0d:bf:4b:ce:b1:f6:fb:c8:e0:
99:f5:aa:39:ce:dd:8e:7d:6d:b0:70:7f:00:42:de:6e:55:be:
57:f4:01:8d:2e:00:b7:90:b1:92:73:65:89:20:52:8b:b9:f2:
28:eb:e6:32:0d:ed:a0:51:2a:73:fa:dd:6b:86:b5:71:b1:d5:
b7:30:59:6b:94:dd:fc:c9:47:00:35:a8:b7:18:53:c6:99:fb:
0a:70
-----BEGIN CERTIFICATE-----
MIIEKzCCA5SgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxDzANBgNVBAMTBlZQTi1DQTEU
MBIGA1UEKRMLVlBOLUZMUi1CUkIxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVu
LmRlMB4XDTEzMDkxODExMDcxOVoXDTIzMDkxNjExMDcxOVowgbgxCzAJBgNVBAYT
AkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMG
by5vcGVuMRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMR0wGwYDVQQDExRWUE4t
RkxSLUJSQi1ndy1ja3VidTEdMBsGA1UEKRMUQ2hyaXN0b3BoIEt1Y2hlbmJ1Y2gx
HTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQDIa0R6zlF0r36w26vly1D3AZva1Dh+NQEMYE8okpBM3QYaoInW
ZcSX1CI1P4wMeeLsmiZO5+73cwJlEp/PXgUMHpbH8YGSj6xIcZPf+PKjZmWtE4HB
8SOixQSGJim/LH0oQ/qhPd2qRwGvD8K64Asdr1Px96iykC9Kq8gZ9pzrIwIDAQAB
o4IBWDCCAVQwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2Vu
ZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTcEIf62nW2Xg1fzU4sm7DloeiF
HTCB1gYDVR0jBIHOMIHLgBRW/vA7462kXht+D9Yf5OnVjm8S1qGBp6SBpDCBoTEL
MAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8w
DQYDVQQKEwZvLm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxDzANBgNV
BAMTBlZQTi1DQTEUMBIGA1UEKRMLVlBOLUZMUi1CUkIxHTAbBgkqhkiG9w0BCQEW
DmFyZ3VzQG9vcGVuLmRlggkA9/8w6cR40lMwEwYDVR0lBAwwCgYIKwYBBQUHAwIw
CwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBBQUAA4GBAJpxzY+KiqCWaAFehjZ0QR0a
mWZWgwnFGH+h7L+4F1Lo+wmcs1u3D+zlT9uHfQ2/S86x9vvI4Jn1qjnO3Y59bbBw
fwBC3m5Vvlf0AY0uALeQsZJzZYkgUou58ijr5jIN7aBRKnP63WuGtXGx1bcwWWuU
3fzJRwA1qLcYU8aZ+wpw
-----END CERTIFICATE-----

17
CKUBU/openvpn/client-confs/flr-brb/gw-ckubu.key Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI2PZiohF8ugcCAggA
MBQGCCqGSIb3DQMHBAhTTx6Dj3br7gSCAoDTyLVebeOV/njatPhy0qEi/DlH/6+H
oK9kQaUV69QS6NO3N1RqqDvXu2DcdlkzLLvi1CJWgTJyeHbtKHyTMEEXI/P2SOZL
wBGqXZ2Nav6MqjGpjzHryAAh32thyGJC5o/m/SOMX1lMvDln/g9WzC0ZRAMdNi5M
SrLZieR41OA/0Pt7EuBIfuIvs2MhQwaUbVgdVShmBDVVS+44qJU36wmTT47mEFCD
47ghy6xXvfykiI30fYO4qPad+nR8zpnpEGB5ZQfEx2SRdsbWxY1GMT4rAzTBMgiJ
bbyVY8rEb0kKqbJhUFQ9jjodW2b94p6nayaJHoyO4sFEgvvPhpPsBXRPKOZXMSl1
kNjDEwUjpPCxm2v4JpYiPUoiZO4IAKbXcfJ8WWuKZp1Du37PVD/EnXDjyKBFOyzD
QJDF7ukzAwMHcq9bVv8AybVxC6I+1nDgdrD9s/8cBQiCyYufV/5H484GBI6d2dXo
SyKffomnpHVK7AzAYZXmyxlQj1kwJeh73xYFH06fec0VmmH6vHkN+wjYheJLrqSi
xZkOnxggAecIINh3kVbPrZCfKn46vYwDoFHgK8Ek7nRaIXaYGuKrRfHZRTN6g98s
+QK5iGSL/5Fg8EdsgRtAm4Ss/mBUCEY2AZF4fekfyhtzbpYLtb5XJIw42SCwJstN
dd35UeaUWTOXkO7sIub88UVxv9VXIXpq+2DD7emd9jpyQVp0W2/jlGEvtSNUUsMD
E26+ck8dSOnJI/FFYOeqtW24dZ+0g2NXAoUiwtqQweOJKkOjQlNV/L1Ud68zSy0e
oDCt0c3xYx5JAXDKximQqlVAenc5rl+4kHVnG8wmULmTgWCMbYSk/sAC
-----END ENCRYPTED PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/flr-brb/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
670c1735182a2aa7373f3913f4bb9922
1011f52b6004f688f702ee2eebf789de
8e9a7cbbe597de15dcd0944cc77c63bb
247ef4ec6beb0ab1ad0e68fd3224d9c3
50f3536eb45f0582ab3deb4a84144e08
4ab82c010550262a803f617826443ed5
34ace631dd1115372b4b6d91523ebf9d
5212960ff14b16776359a2c4a8a78672
c6dd16d8e3bead764da1f39a267a5d2c
e798d3f52e0d8ceb7cafde530cbff390
7a099224465c3bde210bdc7e713dae1c
05e190846e0bc7cc8e4c79427516eed3
b580385daaef259dd823e67970ffd9f3
125c3b6217f6622652f76f1da0ea96e5
b9724b6abd8384f45f11d9b41a9afa7b
34d1a506ef314806f46e64d46f4b53a7
-----END OpenVPN Static key V1-----

270
CKUBU/openvpn/client-confs/ga-nh-gw/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,270 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote ga-nh-gw-widsl.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG2DCCBMCgAwIBAgIJAIfpECeVF6BJMA0GCSqGSIb3DQEBCwUAMIGiMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczESMBAGA1UEAxMJ
VlBOLUdBLU5IMRIwEAYDVQQpEwlWUE4gR0EtTkgxHTAbBgkqhkiG9w0BCQEWDmFy
Z3VzQG9vcGVuLmRlMCAXDTE4MDMwNzE4NTcwOVoYDzIwNTAwMzA3MTg1NzA5WjCB
ojELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGlu
MQ8wDQYDVQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEjAQ
BgNVBAMTCVZQTi1HQS1OSDESMBAGA1UEKRMJVlBOIEdBLU5IMR0wGwYJKoZIhvcN
AQkBFg5hcmd1c0Bvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBALlE1NE6tNFSDcmhjj9yyWXd1gXn7u3sk7r/gLyvUs1yIpmSKRlMJOh7kXUQ
AXiPsNavC6QFDMq1mFjIuhkNqpl8YC2NgWhfjsaxi4+oa8d+e0nr1Y0jHkLKOWvT
OqKHL2gqFeumOPNOQ1lyoiQzcBfgs28WLk+hfeqv4CPPrPRAXMv0C3jy73T+ZHr7
MCCxpNIcbKZO4vxaPWwi5pnBS7RTIB0OGOEgoWTpryjRiiJ7xuZCF8bQTfucS6fl
9sm2wuftifgU2S81bmrlQ7Wfkm2Xr/QaEKCS/nMhdju6UaC07/22SHGqaqT7eJrr
hk3psq7ecPRmMTj9neN/yYoDByWFUz7nhGmVnCXOO3Ct8KjSeH75W0vf9rCOwY+/
7YUz7ACiz0itjQlj+jdHqwvB3a97v/mf2WFVhbJ84dhUUeW9CmaebLAJMNIqccWX
VibBtG4g1mv9xm0oiIpyNW89Zo24cLXX46P6OAukwSPVnTcfyCxZo2g1EHVVk5oI
nti2sR+h6aabRR+rmPqym1R4rbPMZjDH3NNsazdINRBGkY2Igk36xYFLydrpUiKr
uidboUu/85wZr6xKu7QJYjliP1lkxFuIuzlGFCd41q3CgYPNKO3KPLAeTOzaa6yq
9alxtqs3z3ccOaXyjp/AsDiSsH8qoNKaMQEFyyQeRppNOkgJAgMBAAGjggELMIIB
BzAdBgNVHQ4EFgQUIhsBj9GmWfsTD+kHmHt1fFK3SR8wgdcGA1UdIwSBzzCBzIAU
IhsBj9GmWfsTD+kHmHt1fFK3SR+hgaikgaUwgaIxCzAJBgNVBAYTAkRFMQ8wDQYD
VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkw
FwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRIwEAYDVQQDEwlWUE4tR0EtTkgxEjAQ
BgNVBCkTCVZQTiBHQS1OSDEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWC
CQCH6RAnlRegSTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBkQr2/
StSTSKY3Q3OfZzh3+Lqq5Hppk02N4WwwQ9d3c7TQowoHnI/a7llgAb9gu1sExL2p
9QSj+M4sEcSnouLUdnHDArrxJ78AHBGnPq4hHODChkrGFiqvw4yXsNcfhOdv6hrL
LO8OJJyenSnaWL/gCqKDCjdrsB28I65ancGWyBN55UKVGxDpQi14cT2ImSPQAIAy
Rlh7l6uZ8l9SRLtvnjZ7na4VL5JUsXYUIHqc9qUoRwF0At5UmnIPwXZvG0GgA15B
h36Cqf21WfoYZwdff52xwKyl3qjdt3h8tq3XuAqto8rk2Q0aawDgrC9tXJwKB3mo
EZVX1aAxmdDGKIQQzkoU6uR6tYum1H9XFci9QbBMhADLiE4ohn2ukjSV7Z47Cr3+
sClUbqxpfJFIGknSB0KZiFBsnnrB+ICDczPljyHoXbgDV4NvUnKFjzpnFfIhkSvR
ZOm9Qq51b+4XbmXX/+GlsxWYcM2WfkYRaJcRk12z/6Oi3udKB7omp3oI+ZGRvI3D
Rsq1cKwPFFO3EiyPI6GV8BdYTLZ51WSgHohV5rI9c6nre05AB+97kQDUj7jz62P2
ERZr5oWSViGniiQtgclFuMWY+VvuT3DDNtdRikMy3f59S0vslV2HkgLugXgu6RFL
keMwZh7pXr5MP/CUpGgsLMHd627uIuryVYbaLQ==
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHOjCCBSKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEjAQBgNVBAMTCVZQTi1HQS1O
SDESMBAGA1UEKRMJVlBOIEdBLU5IMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Bl
bi5kZTAeFw0xODAzMDcyMTM0MTRaFw0zODAzMDcyMTM0MTRaMIGrMQswCQYDVQQG
EwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoT
Bm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEbMBkGA1UEAxMSVlBO
LUdBLU5ILWd3LWNrdWJ1MRIwEAYDVQQpEwlWUE4gR0EtTkgxHTAbBgkqhkiG9w0B
CQEWDmFyZ3VzQG9vcGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
AgEA3RJLZn4alzVmYVq47nEh8G3YHJ6j2m/5QDtOE1L2sYYVUNV6FvIlQEsX9aDW
S0ufoShyTeN3XjKXL/U88C7s1FK37Fo1l+jnsAhkxCraGeMxGrC1qhdo6lgRvDhV
tQjJR8teGtIN7iYK5jLDEq+0J1U5DS1ORVmOZ4b6TIjW8Z97zeiVQc3bsu8Jqdct
Tb3WKa9G57ZXN8eP4huyrXA1qsOWfkkrTPJoieuFcbqBZ5ylEQvPvgcUek90J0G/
6JKe0z1DTCEi5KxMv+ueWvrT2qFzGybEVWwRNmHzjQUEJAOhNGXsCEZoj1HjKpVz
xMdtQ9f7/6BWUUwOR+qfFMO4to8MbOZWdTjGU2jMlgB/KUzbmqgOFUhDxkBtpDwp
2vMaRu5Cu5vbMXjrjnV8r2NBO/5TUawzsXkNWMytRMHux2UOgMY8Yfzvl/owCI51
6YISg8C1z1VlGXiHYWtCOIb/J8kgtHRO0TyeX1oflXqGIvAexmcOQu82YiBKkqwm
LOMbHOaJ5bj4FUT84zl87gfePXJyCs0dyTY+y18+eUunx6xvirDxt2aAtwwbrKSI
KU7AxqkRm7hn9W0jdKDSFBfMEp5RP3IQRgUT1Ww4IW2YBWphCk3UIWt/xnozHUVo
xPQ6sj9xPBul/GuOPmDngyP6fIRdlrXR48nkDXd6DzzpUx0CAwEAAaOCAW4wggFq
MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBD
ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU/RfN0H8Xjr2+04e2mjbz15uj0DswgdcGA1Ud
IwSBzzCBzIAUIhsBj9GmWfsTD+kHmHt1fFK3SR+hgaikgaUwgaIxCzAJBgNVBAYT
AkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMG
by5vcGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRIwEAYDVQQDEwlWUE4t
R0EtTkgxEjAQBgNVBCkTCVZQTiBHQS1OSDEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGWCCQCH6RAnlRegSTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
BAMCB4AwEwYDVR0RBAwwCoIIZ3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAJQ8
Nc99G3xd7HbOjLFELWdO1CnoGWH9fK1OsFpbAtNKmPKU8Rf9uXfgaeydRsjjpP66
CnPfzCSAG12fR665becRzWqCiDexBYvegS8H3VlL9ExlB6BYnRVfj2EpU/urzi+T
EPnTcnaFuqRjt0WAM3MqbV7aKNy+kGJDMO9d50QEKBcgCK2iYL7VZyPAj30K13n+
+/wHydJAmPK4aXXZ4cchg9RBl9lpIIGIO8Oz6xfr5BfhgJjramPjGLHpJ4Y1pGrh
R7VI4Jzkkeze1MRCOKmQ+GaUePdou0w/9C/k0e7Pv31erVGXDAtcXHJ2qzxZO9u5
ZctJ+Ap4IhOs++GjI9xpsEnoDuOrQFOK0qREAZ0nFkkxQI0vbxGx33lzWdCkjS9Q
K4V/V7QvYd6R9ZKYdfg2zROWelTfIRRw3+Qfa/FFGdi7lzLLukCX2UfY814cMOJz
Zz2XqwoRxpc+YvfNaWJdUucxm1KOUzOw1LHzvi1pSzF+j73USlPZWIXA8PSkPcTM
UXYZNzHtv9eI+a3s+FIzrSrk/AGeJSSC8fYKw/n8h8Vp/TsfIYlk5DveJyVZSV4B
4a+sm9k/Jh3WlR0XCxutajGrUcxlfPkYdpj1mA1/c+I2eWkMQlpyXK39iVMn12Bs
qGFRp7CLxAigMKutOthbSiD5kZrZxt6poFdV0AuA
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJjjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI1yL8hnrdSkUCAggA
MBQGCCqGSIb3DQMHBAhZy5GBL/4zwQSCCUiDbKR0EKOVYrvrjTQHSQjDeGFwS2FM
cDmu+aDi2oNHKjxk1DHevNDbnxksCws6HNQvclJwJ1jdwVcq44QcaotGEfw7z2B6
wi24lYxML5t3uGpMrP/QVhtNXrxi7JgPG+9A9JHh1WCihwYDm8XQjytFTP/KvPAJ
E4vEGvVLJk0xRHsfhTYj6s5vX60Oe1SURv1mlQBQGyEZYCoMVQGFFUnc+Q/uRo/o
sTTJCkDUJgil/OzmkVVwHmrs1gqfHFp3ywlav7bqf38ixO19Vydz+LvqyuvtxYyh
QFb8ZJJgTa6RvpDrgoLFQ5Ry7rjgWhzSLonQE6qYGM2gvWcNLmOGqv6wVyV/inYy
S+fKB+clGRFM8SITr48eEQbLEa2NN5woidfplSmacQtflxiMPu9SAbgKWSzZ8PAU
XyTcEt7tL3RAnfhXdCMWsWNlcATDOvWXj27VcJmgVp+jt0GFpBacxpW//fB6Yqy8
C1ogguXgrQPRe5FVmVZOFgnbK5phn3qmWsNgDR/r669Ro1b4P34pSVTQb+VG9000
cjwb785IvMk6zwl3jdKacOauiltc6H42FWUbnLy7u0TYUvDSTa8YsbNBB1kQYvlo
kMlMJLx3o9SjYjZjPELAPHFGY03h04nWih5Ov0ygVNi2Es5+GQmj4HCl2tAMEgDX
p3FE33b1Gobv7hJv9ode+R7lDfvciqBUsFSE+1lIvoeqM74RUDrtDEDlGY0MTpmB
78oooQV8F5JjEkkxKZOsucIyvl5m6ZK5/N4gbHkjG0LKvyUVsAOtENxvgFPC6/zz
Qm/IbgjCDxYAFzmdTZL0nR6VMQH7VSUBo8rLhWbswbGIXG23YDDur4Y5Qe5nR4bp
h1f60fO3ziFcP/nmkJUdtNowT7GoueKEahs2OT6ub+aBZwE5nCVc37XucP2s/9eR
9Bojti1Zf5c91lUgnfey+9P61mYkEVIweHcC4nc39MYhlRzWZsmoFh5j8gwvEh0i
9hb+wNfeFNH2LDCoxwtbhfBudJe3e9eCMcDyO302LPtpc+e3mGwsdKZuaMZ07lTf
0YYOOBQMVOOHEQWF0JuKHLaoqPtikPsgCnoRteBG5sHG18PVqJGlb+vijzUaY7Er
AkdjafXA9m6YOo5H3mae89ax4xNfCUlu9buAIOjsM2ISKGmfRzWmCEA8MfsESaP3
w6gducanrAP1sGspy21EDrQ49ElxpPC6aG74ic2F2vhJfdtd6kQU/Azax9nvCJIY
xUaHVOHPPmDd0aS3EJma/Q9z+av1pGQB4hRZY/E50p8VtV8cOp2kSgUra+amYl5b
wk4SokCgIz/cW6S0wkI+jd+uvGU4rgxgNlCGdDEP4HYjdrEb1b5aB0N+Gki5LEYl
42qFQ6BOXxRQkydEGvPDCY0888Kivm6IvoEj8E+7C5/LVG28XcoQZWTI6QLMloQQ
ZYcOYgjnvvMRs9wMbZrUrSYFZtLfNttWrIm4Z1lMCUmahM6CSMx2gYCBXbhMeEKV
dc9FwL9wfcRmvtz2Hh/+EmW4tzSiwr0OxVXhdeSLmnzpAMPJBKhj2jxNs8mhj/CO
PFSxVBB4SZlyzsuViheq89ImeGAELOWpFmKDpbdgpY8ng+QEb4TJhFEWoK29XXfe
0ePEykrlYFn64ZDuLhWlYC4XgILkj8sJFCYGUv0D2mTSXAoVRmmiglhBvDyjOxHC
wgU10rNuYrMARoSUqGwxcznEzsoFYfaP4BXaifTgMOP8qDcXF2gn1c36QxLYIsLO
mu5xCK60ysNINePqJb5slxHlgC3hlDovukuvW/AZGuDHJQMnaiViJh9xGc3uXGf1
0X9dSvNsbzrjch/pX5HKJg9UBFh6q3tR7dRmT4K/9++iB9mzLA3xFRDBFRzdl3P8
ixWVhMMFRNM8b4uvKv/smeRzbbGTDXOG7qr+Jei3zJlEQAvqXiG9xTtp/i0IQm69
KpM7QCGgJ2/HukvywHrwidsVQT2SCkq/wzSlg8pnal6skBK/ncVZPW7dqufT9Csi
Zi5deietR8XeAs9mKJv+FyWL2+q/wMn4PBdHDqVDHaCgrBCSyMTJke26ytb4XQwD
WuVLLlHMwwR+BbFIcAyq5CShfuCboJUJ+FXbzTpOWduLWbZaR/EhqrZbv+9cmCj6
Awu3akR3QkdQJ6gHj1cUeGPtA1RiItVmQlkuMEokFY8oIolCEbzhGd3zfjo27InC
uzGfQbuVo4D9xFNbgEE3lRG8yARp5NXgwiEF8QIwoS95qjZ4h9IQoKs18ap7QYsO
GM1CLLvhuHFFenM61/KitgbY8WOrQilRkw1lAyIyzeLDc2i/aL1dmumbvKjVjQAU
0BwRHO6HTtUtQKv0aH/J/p37I9HUEAhbuXDpJCg8uQa1rhe9Ebkc4GCNDrDXwOaa
OQdguRGZGOJwlRx+5GnVqAdyGKrtqIZsBAYTSwB5Itb/xRVcPv+c4cFIQDFfcau2
DMn8ejXCSIAAlR9MykeuMpg2jRxMDknYNqy6rtasJdHUZrSE6wuTLMpmLSb2IUBO
BIQIbA8+0dOZ95M+5LH1wu+2D1JhGPYQ2iW/PfPMeaKZvtrKCvmWGHA+a07duor5
YorAhCKWEYkpClpRlnQMBoqnZugivE9dhhl5IR3CZDYkQRq4kfnosT1p8aAMwCou
PZb7pQk5R/hBT40U8U/PbHMLBy4wNCkSigBZTA6zPc3QrOw7gFQ0asioNCmq0L+3
UiDQ4zD12y7bXdqSvQfYTnmZew4De9sCW2A25mkYIyPmdc8T9lw+03feCCcvJeUH
xKa+OtKYsLt8pGkj6J6/1n9fOzDX+ExXtAtbsFhYrMlJaZuOg3aD3eB/MW+HbYn5
iCloFAbOcAAn+hi+ZHCqHUot/bYLzKVxHRT6fDcU4O7Ae/ysHsG9HztlRTSjz+Ha
2H+arhs1M4gs0KsqSPWkOuBbTuTL23jsIINXlqPYbWfepwOTyHw0q+OZLm19badR
3ZWJEvcRHFEek0Dfq0BjnhiCcGKMppAGdRcKC/1k3KvYRtV/4sSaHZdQvmAH6kyD
D5c9U71rOgzJw+cRhlB8yEi1f0r5G0ih3btgtTZfZ4NYk47so9hm5E7+/SXkaGWd
/74UNEWXt4YB/vGgwYG8VDXD3+FsjQA+HX20wzS4Is0z2TUf7vQblNiSypFEWEB7
3Os=
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
#
;ns-cert-type server
remote-cert-tls server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
2465bfa0ca1b39fdae239633c579f730
7c1894c67cd8cd57107824be00af4ba6
77bb44be275b284684f1b0131cc6eb7a
8755ad6f5ffe282608733f6652c611f4
08f374e03ee93ce5d148a5c5b8d0a9ac
468136e0d5ef9718b9dee785fc514d7f
fe96e14977285b5a8c5cc27c0a864e68
44cdb07c51273b90c16f0fb2188228f3
808058fe88e5f51cbf5f802743ea8261
3fc042173bcedabe518ebd0295844f75
2dcb570c2bfd968513f4102b645113ef
7ce8d5086b47f4e10480c9e900c6e3ed
cff01982b7d910f795f014d4e7d44b1d
f5400b02c8d51383271c16f6b05a790e
a6e0f99603d6f4de67f34fe82f0dcf09
3b99102bae425ec22a98d1b074c27728
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

223
CKUBU/openvpn/client-confs/ga-st-gw/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,223 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote ga-st-gw-surf2.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIJANXFq8sijdObMA0GCSqGSIb3DQEBCwUAMIG+MQswCQYD
VQQGEwJERTEPMA0GA1UECBMGSGVzc2VuMRQwEgYDVQQHEwtTdG9ja2hhdXNlbjEY
MBYGA1UEChMPR0EgQWx0ZW5zY2hsaXJmMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp
Y2VzMRIwEAYDVQQDEwlWUE4tR0EtY2ExDzANBgNVBCkTBlZQTiBHQTEuMCwGCSqG
SIb3DQEJARYfaXRAZ2VtZWluc2NoYWZ0LWFsdGVuc2NobGlyZi5kZTAeFw0xNTEw
MDkxNTQwMzBaFw00NTEwMDgxNTQwMzBaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UE
CBMGSGVzc2VuMRQwEgYDVQQHEwtTdG9ja2hhdXNlbjEYMBYGA1UEChMPR0EgQWx0
ZW5zY2hsaXJmMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRIwEAYDVQQDEwlW
UE4tR0EtY2ExDzANBgNVBCkTBlZQTiBHQTEuMCwGCSqGSIb3DQEJARYfaXRAZ2Vt
ZWluc2NoYWZ0LWFsdGVuc2NobGlyZi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKLTHSHgX6/Ibr3AlmJfQ3k3yTvaD031Ps3c+bsXgOQEPNO4x7er
8R47osA7FHNKI8ob7jnX/xJSJcsE2B1zsYpceW7IN/Mmmz0eZyIr7B0tu2dFixxC
t4Vi4dBTh8ZvEaTZ3YUzROBc/YnWFyq3NFZ0DLdJBX+lFXAYg7qVyD7RCB1Yrwxq
rJFYK28qeIi4WHfHQICZ1dBlf7qpnL76MjfzjjiTTs4MZwjYRT2RJaPOhnNzPaeF
c11kP8T+ER46TqYbmBuImpoOntca002opJxw9iXoYJRLYYfhs4XS654iApGbG0vc
2Kd7uH+QyWElW19EDmeDRJM6Bc0LUu1rKtkCAwEAAaOCAScwggEjMB0GA1UdDgQW
BBQ1n9sNhkD5ZQ7jRXnON5gNKFeVWTCB8wYDVR0jBIHrMIHogBQ1n9sNhkD5ZQ7j
RXnON5gNKFeVWaGBxKSBwTCBvjELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3Nl
bjEUMBIGA1UEBxMLU3RvY2toYXVzZW4xGDAWBgNVBAoTD0dBIEFsdGVuc2NobGly
ZjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczESMBAGA1UEAxMJVlBOLUdBLWNh
MQ8wDQYDVQQpEwZWUE4gR0ExLjAsBgkqhkiG9w0BCQEWH2l0QGdlbWVpbnNjaGFm
dC1hbHRlbnNjaGxpcmYuZGWCCQDVxavLIo3TmzAMBgNVHRMEBTADAQH/MA0GCSqG
SIb3DQEBCwUAA4IBAQCXp1hi923vehUa/Gd9Ze9UobRo0kPCLxgQkPOotUPAX+Dp
BDJOIHzoijORN4LmtQV+UNbRGsGU+Mwbejx1b4NHrFtj6KaCbCdB3bumcSmfFbaJ
QM+qvMtQYXx1NnFnoV6PYD9ZjfsY0AaVi5FB/eHnP5xuGzmbq7gPgG5sz2RO5jcR
1jO26hbrOINfYplu/NNQqBfRJPwyPFjHcCD/wWE63fnue3A5Oj6jUcuNLbOAHJEy
Pu37BPHNzjnTUdOe9scXp3WMCJXOtdxoZkfHfGKXYhz//XwX6X/hJMzOZ2K+kUHC
NfKwQ6snmDzycXtx0EqsYjzGgxbOR0qJbK/pJhii
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkhlc3NlbjEUMBIGA1UEBxMLU3RvY2toYXVzZW4xGDAWBgNVBAoT
D0dBIEFsdGVuc2NobGlyZjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczESMBAG
A1UEAxMJVlBOLUdBLWNhMQ8wDQYDVQQpEwZWUE4gR0ExLjAsBgkqhkiG9w0BCQEW
H2l0QGdlbWVpbnNjaGFmdC1hbHRlbnNjaGxpcmYuZGUwHhcNMTUxMDA5MTYwNzUz
WhcNMzUxMDA5MTYwNzUzWjCBvTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3Nl
bjEUMBIGA1UEBxMLU3RvY2toYXVzZW4xGDAWBgNVBAoTD0dBIEFsdGVuc2NobGly
ZjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczERMA8GA1UEAxMIZ3ctY2t1YnUx
DzANBgNVBCkTBlZQTiBHQTEuMCwGCSqGSIb3DQEJARYfaXRAZ2VtZWluc2NoYWZ0
LWFsdGVuc2NobGlyZi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK7355Rx645LFvVBtQAzVNqcEVSj4xQP9B3jMiCUSP1G2LJ2EjsjPKLy5IGa5YWr
w904xeDK7q8REvGPeDp4pT+56k6O2j7md9XOy1Y6yr+X1qVlSRXO4Hta+cKWinAY
vjtPIL3FubVGB/FUrXZWR/GD7nyKnelCI6Gntvt2wwWt3aj+yPoV9J86MN1NwFAz
Cxn2UcufcFPHfIDFaXpMuwbsRuRudxh3fBRYRkmarB+mRl/3HHEzpCX0gpKWVv2v
a8RaDu/T5mg2yOiMHHUS+D40LmTdo7yzfizoVlVbGrNG5AbXs/gZRKMOLZIPyGR2
r+eD+2KhOpFW+kdjwsPFe0ECAwEAAaOCAYowggGGMAkGA1UdEwQCMAAwLQYJYIZI
AYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4E
FgQUdxceVU2ZsbHErH1NiTl5R5Oj99kwgfMGA1UdIwSB6zCB6IAUNZ/bDYZA+WUO
40V5zjeYDShXlVmhgcSkgcEwgb4xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIZXNz
ZW4xFDASBgNVBAcTC1N0b2NraGF1c2VuMRgwFgYDVQQKEw9HQSBBbHRlbnNjaGxp
cmYxGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEjAQBgNVBAMTCVZQTi1HQS1j
YTEPMA0GA1UEKRMGVlBOIEdBMS4wLAYJKoZIhvcNAQkBFh9pdEBnZW1laW5zY2hh
ZnQtYWx0ZW5zY2hsaXJmLmRlggkA1cWryyKN05swEwYDVR0lBAwwCgYIKwYBBQUH
AwIwCwYDVR0PBAQDAgeAMBMGA1UdEQQMMAqCCGd3LWNrdWJ1MA0GCSqGSIb3DQEB
CwUAA4IBAQBBTSwtPN85g+0QPT8XvxYQFv9PedtEFdKf4R5JWisSI0hyvW9Sf3Vc
4bc2GYIIG2DFSJip2lUgyvC3yOqKtT6vF32M4NS+GglDOycXWbpZNB9vtjrDvpo/
Xhv8dSuwE9BIsoJF+peEbP6lINGi6W/p61NHWmO1ClvtZyRxb4YnqOmIEr9s3XP7
Mm6nttX7690jwZoae/xwGOy17eUz/cGLBq2t7t7m1rhU4ErvGgJOP9PKHkgFrYjm
jHeBXLbHsff+Tq10bhyiDb0hsAoZi1bViGpRtfaQ+eC0rXnDy/C+/nm+SzlEKeiC
2XmTO8dbNgoOqETj7d/iDd4copvdzZYw
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI5AUTsVDif7oCAggA
MBQGCCqGSIb3DQMHBAg12+MbxEoyygSCBMgCrl75V6WYOCdXaXmPDePYFZnY1rms
O7VBq16osPoJCUbnowfDlWyj73kM0kypBQPK1l9ZtXiC50BgbjPS16CeeAZNvFyr
/1glAmHv4wKArmzF8GL98vEDsKbnBV9nFnPe1YV+Rq4QqeSiOmnWJOqoFbpYDJiO
f2Io1g9DgoYYjMhvvjMk/mG4Oa6aOueMDYBFQ17NCNwXDj65HI685SiMEYzksQEW
GcerSML5Q9PDwbaiH+xs1AVp3MEa65PDj3KW7jcB8LenSAzodXo6dhzJelSgv2Bo
Q769n14ZetOK0Mv/o4blxQAPsbfknKylg/tvGIkFt38mH3PBJeXCNElyWHZJD6BR
xZah53ajLQa6XXhV2LOj+qKjgvIH4lwb10nr+eL3VdXKPXdMrGQUHHx59Z5zGnwK
qoRvKOtx/Lk56c+ycjCo0MJW4QddxB8rBmMEduUcI+jIk0ffF26F/uWh/gZO59hj
Tu6cGAgZY5hxkofm+b4FdyC8dNgQUspPqs9iIqkMSjttzuihme2qdQg5cgl0F2Zp
u7FTp/E8CsRX+MpVm/i+/0oXi9hspvEwfZcg1hpk3LdF2w3Ym+Wj/jlBiUbTC17K
YSLQQk2WEWLbvhGLA/3Hp2auYm0h4PxyG9lp1RTkK6WJSz+Vjc/Y8V01Ml5l7pT5
22eTksbqTeNcasCZkm7dEfAiuA222qS6OUZLzUkX9cBb6EXG/XIQ0qzY6c0UR/38
qfU0aP1Z08mIwMhGfyn/QmYTcxMw2rov6eHt2tsemDFXNf3qj2dUvJn91nu4b0OQ
3ddYB6mazfwCOqXeAzxv+POxuJvjUIx3MmIyQtQTvlNa0nzg89DNlAtBrRKDJVvS
mRLEBT/mFTz6KPpdfVp+qdx+akAQ7YCpmRfBs1Am685b9azOs8+VQOl8rp4PpkU3
T2rSCRpc7O6hW+YZYBwEMgJn0Qs5YXyiE8Js+k9QB5d20hGIJQAQ6hAyLLamHcj4
K6KaBhycvsXvB27drkkofQOVEIV751McsgwC+cxS2DRaJf4udr20Pg/2Trc539kp
anj/hT2auv3/rGGTfY9RLblp00eCjKazltsg3/DbQ5S34hSxnipfa7o6PACxqgAk
qgZ0G5K/smgql5nppPpE8udS0utfDKgi7lCwlviIfKY/UjsQwRr3wh1L2NrjG1nY
f7df0/WfVAc9+LA7QBVtKp68oh2wTCGQXdhgjwJgDMJp7xA/I1kd6tsjkXPjPNct
tg1MZYL/jDjAEzC96ikhLCjbybLVmL3NJKC8Y5+kpxrIs7W4T+ZwTXwfgBUN58Kw
ZHK7JSQzlBKmLlRbpYcjT+Ra5Mf78xA0ZsJ5D7yVoKYmMRfGfDAXQ4s3ri/EyC5h
t4FeFvUdrr4fTu3FlxCAOhxV6rFG/pkjIe/o0JHEZpTvxnd9algrNCTu4D6EFJTW
tQNfQY0mctQhtuMoqG51dB1jVRnZ+f+b7bzBnsesSzJNXKcrq8N0mgcZx0nNDn65
Db32YOv28+JaID53Bq811tHtsybiuTCx+77oubUaH1it5xIMe7NzL9/gQAPkfn5r
LnaDPGgPFEy6UaErrCOo10CkLq61VoCj8DgQz5fQ41OQrd0WbKYR5yqh/nTXpFus
z3U=
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-serve
#
# Note!
# This option has been deprecated since version 2.4 and
# will be removed from later distributions.
#
#ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
2e6c91c0db488d5f018432f60605fbba
5ec1afd4522ddd28d917ade2c7515daf
9a7a3104b523c929f10a2ccdd2197b83
949e5644669ab0f82b62e08aa887252a
cc20618f9f8c1b0eeded6ea92a392e79
e477a890e2800cf0cf340ac6139cf7a6
0cfc5c713a39e8b2c44347006bb90583
8fe0bccf4feea50e7880ee7c7c510114
e9613960f8af9096fc46d75886b1bdbd
773b77d9044db17109a5615614797b98
bdacaae155966bad69819d08f1c8cafa
1cf102981e2188d155d26043b59538b9
15c1d67430d6b67c9c313123fb7cb427
29cc6972e63470c74c6bf2342fb57ba3
50d3254df49d2158f4faf5bc38fa9d69
1014d126eac903e30f6c97df69a3b665
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 4
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

23
CKUBU/openvpn/client-confs/jonas/ca.crt Normal file
View File

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIID3TCCA0agAwIBAgIJAN8aOZJGFGPvMA0GCSqGSIb3DQEBBQUAMIGmMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEaMBgGA1UECxMRTmV0endlcmsgU2VydmljZXMxFTATBgNVBAMT
DFZQTi1Kb25hcy1DQTESMBAGA1UEKRMJVlBOLUpvbmFzMR0wGwYJKoZIhvcNAQkB
Fg5hcmd1c0Bvb3Blbi5kZTAeFw0xMzEyMzAxMTM1NDVaFw0zMzEyMjUxMTM1NDVa
MIGmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJs
aW4xDzANBgNVBAoTBm8ub3BlbjEaMBgGA1UECxMRTmV0endlcmsgU2VydmljZXMx
FTATBgNVBAMTDFZQTi1Kb25hcy1DQTESMBAGA1UEKRMJVlBOLUpvbmFzMR0wGwYJ
KoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
gYkCgYEAout6qX8xnAqKRuPPLrYXFkRi8jQ8kfzP/IcD/kLvwDK+wN4Uvfb+88Lv
pJ5dTdBWPkvBLt4wEq6gjs/Nqr0lX5V2I6HfnSN2rLvtrtIsfrjmBo0SNpvuxj8Q
FW5cl+M7d9b8RATFg5I4Senr+pZzIZc82OliVWNSv3j/mXK4NIUCAwEAAaOCAQ8w
ggELMB0GA1UdDgQWBBQCAq4BgqamRfpKEE0YafCQh/QdGzCB2wYDVR0jBIHTMIHQ
gBQCAq4BgqamRfpKEE0YafCQh/QdG6GBrKSBqTCBpjELMAkGA1UEBhMCREUxDzAN
BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4x
GjAYBgNVBAsTEU5ldHp3ZXJrIFNlcnZpY2VzMRUwEwYDVQQDEwxWUE4tSm9uYXMt
Q0ExEjAQBgNVBCkTCVZQTi1Kb25hczEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29w
ZW4uZGWCCQDfGjmSRhRj7zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GB
AAvXrWdgzgaLfSSgQQP0g1UlSkKwQr4KpYQuL6Hy/RJbpkhgBiAUm502G2Z4Syiv
p+W6jvEctOUPoXnc6qPgBA7He6tBdVuH7/xshFdO2ik7LBjTWPMfNr6L49FXRJ2r
h414q4N9S1EMZwl1TMqyXTHmHOtLoCdBub1McFu0tfni
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/jonas/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote jonas.homelinux.org 1195
topology subnet
#push "route 192.168.72.0 255.255.255.0"
#route 192.168.72.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/jonas/ca.crt
cert /etc/openvpn/client-confs/jonas/gw-ckubu.crt
key /etc/openvpn/client-confs/jonas/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/jonas/ta.key 1
status /var/log/openvpn/status-jonas.log
log /var/log/openvpn/jonas.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

74
CKUBU/openvpn/client-confs/jonas/gw-ckubu.crt Normal file
View File

@ -0,0 +1,74 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Netzwerk Services, CN=VPN-Jonas-CA/name=VPN-Jonas/emailAddress=argus@oopen.de
Validity
Not Before: Feb 22 13:49:03 2015 GMT
Not After : Feb 17 13:49:03 2035 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=Netzwerk Services, CN=VPN-Jonas-gw-ckubu/name=VPN-Jonas/emailAddress=argus@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:db:71:8d:eb:12:6a:d0:a9:a7:6f:66:80:3f:44:
cd:48:95:9a:29:c3:15:d6:2e:66:ea:36:c2:44:85:
bf:03:df:cd:c6:29:54:7c:99:a2:2e:26:7f:70:e9:
5f:d8:dc:06:cb:79:4d:9f:6c:fc:e2:e3:50:c1:9e:
77:88:77:5b:65:89:b1:e9:6c:e7:c9:bc:7c:a9:b6:
1e:2a:e5:81:32:6c:a1:98:44:74:cd:a7:7f:7b:f2:
0c:87:25:f9:ed:2e:30:9d:6a:5d:25:48:84:82:cb:
38:9d:85:ca:8e:38:de:8c:25:8f:f9:f3:50:fc:3d:
57:8c:b8:c9:73:2f:83:c6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
5A:D4:32:1B:A5:71:82:40:00:1D:40:F3:18:29:94:F0:4D:14:78:CD
X509v3 Authority Key Identifier:
keyid:02:02:AE:01:82:A6:A6:45:FA:4A:10:4D:18:69:F0:90:87:F4:1D:1B
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=Netzwerk Services/CN=VPN-Jonas-CA/name=VPN-Jonas/emailAddress=argus@oopen.de
serial:DF:1A:39:92:46:14:63:EF
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha1WithRSAEncryption
6b:5a:01:5f:9b:69:de:64:1a:ec:4b:42:f4:c0:19:41:33:57:
36:95:50:4b:6c:32:cf:32:fd:8d:3d:1e:dd:1a:c0:ca:e9:6c:
57:23:51:0a:be:a5:5e:8c:87:3a:53:91:e8:f3:e5:5b:95:da:
e9:41:25:26:5d:0d:3a:9f:07:14:be:9f:a9:d9:4e:e8:53:82:
c4:39:75:63:16:22:68:6f:29:3d:4a:71:ed:bd:53:dc:84:86:
57:a5:93:75:f0:6e:f5:fa:31:96:e9:79:9e:4b:9c:3e:2e:91:
46:3a:b2:17:b6:bd:04:03:ab:27:cd:af:0f:66:ab:3e:1b:32:
db:80
-----BEGIN CERTIFICATE-----
MIIEKTCCA5KgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGjAYBgNVBAsTEU5ldHp3ZXJrIFNlcnZpY2VzMRUwEwYDVQQDEwxWUE4tSm9u
YXMtQ0ExEjAQBgNVBCkTCVZQTi1Kb25hczEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGUwHhcNMTUwMjIyMTM0OTAzWhcNMzUwMjE3MTM0OTAzWjCBrDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZvLm9wZW4xGjAYBgNVBAsTEU5ldHp3ZXJrIFNlcnZpY2VzMRswGQYDVQQD
ExJWUE4tSm9uYXMtZ3ctY2t1YnUxEjAQBgNVBCkTCVZQTi1Kb25hczEdMBsGCSqG
SIb3DQEJARYOYXJndXNAb29wZW4uZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
AoGBANtxjesSatCpp29mgD9EzUiVminDFdYuZuo2wkSFvwPfzcYpVHyZoi4mf3Dp
X9jcBst5TZ9s/OLjUMGed4h3W2WJsels58m8fKm2HirlgTJsoZhEdM2nf3vyDIcl
+e0uMJ1qXSVIhILLOJ2Fyo443owlj/nzUPw9V4y4yXMvg8ZBAgMBAAGjggFdMIIB
WTAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQg
Q2VydGlmaWNhdGUwHQYDVR0OBBYEFFrUMhulcYJAAB1A8xgplPBNFHjNMIHbBgNV
HSMEgdMwgdCAFAICrgGCpqZF+koQTRhp8JCH9B0boYGspIGpMIGmMQswCQYDVQQG
EwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoT
Bm8ub3BlbjEaMBgGA1UECxMRTmV0endlcmsgU2VydmljZXMxFTATBgNVBAMTDFZQ
Ti1Kb25hcy1DQTESMBAGA1UEKRMJVlBOLUpvbmFzMR0wGwYJKoZIhvcNAQkBFg5h
cmd1c0Bvb3Blbi5kZYIJAN8aOZJGFGPvMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsG
A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOBgQBrWgFfm2neZBrsS0L0wBlBM1c2
lVBLbDLPMv2NPR7dGsDK6WxXI1EKvqVejIc6U5Ho8+VbldrpQSUmXQ06nwcUvp+p
2U7oU4LEOXVjFiJobyk9SnHtvVPchIZXpZN18G71+jGW6XmeS5w+LpFGOrIXtr0E
A6snza8PZqs+GzLbgA==
-----END CERTIFICATE-----

17
CKUBU/openvpn/client-confs/jonas/gw-ckubu.key Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQICD/000w6/2YCAggA
MBQGCCqGSIb3DQMHBAj0c3QKF6N/gwSCAoAHSua9v8RQvKZJV7LAvoRIwhtVbgLH
Yt5QOREISVUTu+wJHL5d9CQGOS5OAdDkxVQrdDmqJMUzyEQZZysYpaVFCHKgqaGz
UxURznrGug5xLSmt+30IooAcvELwyPRq5cwwD3//NQAonN3mAZQe5fkcHCFHjAZL
qo30yLD19xoGPaBU9mR7uRMILoRD1NbDF4a+juPfc0JxJdCYUHOBV5aR4Bf495Fd
z5Pa9zVRIlsLwPqYEUv2SpwmlifrIGAVT4sDMy4fM/z8DwuSIiSH6ay9FEvxPyVy
Em5WhLJ8yj+ZYC9PSWlzhTqKYLCAMCoOx8Nr+1P3p7vlNrxtJuHWX0bcBNP7BSk1
Emeu9Nwo9miTIPdqN2t7nSoDf4vt8vY/RGyLD9Q9M7TPNCB9NqqIE/M44PuUP/oC
1JnLJkfrZl06SSk1TC9cBacmziXjqgYZGyCDPgwkjeDB18ZY2/U/woUZcHuz8v6X
UGuLL4hyi08V1EGIdmtIse28b0cU8eXyFPG2C5gMANzMPfqpcxMFA9gz8r8qkD8F
sqjKvPgVQXTowO0HtB2c89/rkoF0E3T1GEdPxo7xX0gfK/WwwkQyX2hVwotu0pPD
JFEXAGTE34/Pg09Qg8jaOaewMmqoM7UVxHz57SmxHyH1y/B5+5VVoRER2RHym23l
hj7q60UGDIRE3ckIt5JEB4Pl0u6im+7SYXMWgqkq0zoUTBcK6WXFAiJZ8rxqJLka
Qx4Y3HnYDPd2Cqd80XPjQ4FMM2TQROv3+7t8b2mVaoE/mUAIcY228DLag036HcK2
SOWWLrA7cMcbkiDjCaovZoALKKyDnyBQD9AioxSbbYEdcWIjyJDYB2Kw
-----END ENCRYPTED PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/jonas/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
3e1e6a6db0e098d43da080f87c6bcf9c
6259d4439e5caa74289b3bcb0931e07e
b3170b66ffd4b242a7aa58ac2ce19cca
09652d59ff49a3e2b4ce570078186820
66434fe8cee219da9cdd10e99091de98
b2179eecf24200e5fab0c47fd268aa84
711ebb8ca7cf154ce331067c8822eb56
b8cf0cf1d20439deab1c83369a52f670
56633c2c49865d8c20c77975834a57cb
faa66bf71e704c6a80863ca7e626308b
9e460dae6cb6ab87ce3a088c257120cb
48f04f3103e7c5bff04c26efc57fa300
fa2c43faa67bf1da9569541110a6860d
329b06934e0f157fad54dfc64ab5568c
0b116ca80f9edd7fce35103facf0e6ff
b34c00b297ffe4e3a63808c2172f84e8
-----END OpenVPN Static key V1-----

29
CKUBU/openvpn/client-confs/kanzlei-kiel/ca.crt Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
-----END CERTIFICATE-----

138
CKUBU/openvpn/client-confs/kanzlei-kiel/client.conf Normal file
View File

@ -0,0 +1,138 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote anw-kiel.homelinux.org 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/kanzlei-kiel/ca.crt
cert /etc/openvpn/client-confs/kanzlei-kiel/gw-ckubu.crt
key /etc/openvpn/client-confs/kanzlei-kiel/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/kanzlei-kiel/ta.key 1
status /var/log/openvpn/status-kanzlei-kiel.log
log /var/log/openvpn/kanzlei-kiel.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

99
CKUBU/openvpn/client-confs/kanzlei-kiel/gw-ckubu.crt Normal file
View File

@ -0,0 +1,99 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de
Validity
Not Before: Jun 27 23:24:59 2017 GMT
Not After : Jun 27 23:24:59 2037 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-Kanzlei-Kiel-gw-ckubu/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cb:3a:12:41:57:f6:08:8a:9d:c8:f2:7d:de:eb:
9a:0a:05:44:82:28:16:30:bf:be:20:50:93:61:6f:
a4:ed:ae:61:dc:2a:4b:61:03:a8:c5:c1:86:c2:88:
34:66:c7:49:3d:61:59:e9:d0:88:d3:ad:af:8d:92:
c8:5a:ad:a6:4d:0b:38:41:b1:85:61:34:8e:94:56:
55:d4:05:85:02:5e:6d:cc:3d:81:26:1d:93:04:0a:
38:d5:c0:93:22:00:93:bd:dc:1f:9b:af:1f:78:1c:
f1:2c:b0:11:7e:4e:cf:62:8b:ce:7e:e2:bc:b3:8e:
af:a9:c6:cc:f3:40:a2:30:d6:a0:4d:9e:3f:54:5e:
74:35:67:3b:c5:78:ef:f5:9e:b1:39:fc:ad:71:13:
e9:84:cf:11:55:78:59:49:26:e9:1e:35:62:66:8b:
d2:f8:d7:19:94:31:5f:28:6a:69:25:a1:f7:c7:23:
82:d3:48:e9:58:2d:b9:a7:8d:41:6e:dd:3b:cd:27:
16:bd:6c:4d:7b:35:62:fd:b7:5a:90:ce:bb:6d:31:
c7:53:b0:df:aa:08:eb:69:d5:11:c6:66:58:8d:02:
61:79:bb:a0:fd:fd:8d:5f:67:26:8b:a2:d6:09:e5:
78:e2:f0:7a:2f:f4:98:ec:98:7a:a8:5f:f3:64:c1:
82:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
19:56:3C:B0:C3:18:52:DE:13:D0:D0:A6:B9:FB:E2:71:73:EC:63:2B
X509v3 Authority Key Identifier:
keyid:4E:82:1E:14:81:EB:9B:C8:71:2C:B1:22:68:90:BF:EE:D9:D4:FF:D4
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-Kanzlei-Kiel/name=VPN Kanzlei Kiel/emailAddress=ckubu-adm@oopen.de
serial:FE:59:AD:5E:BE:90:05:3E
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:gw-ckubu
Signature Algorithm: sha256WithRSAEncryption
bb:0b:05:a8:4c:67:80:ce:29:fd:b2:8f:9a:e9:3b:e4:40:9d:
9d:96:27:46:0b:4e:cb:0e:48:9f:4e:78:b4:fe:5c:93:f2:54:
c6:55:c2:18:7a:b0:c9:6f:f5:8b:a5:e6:87:0a:0d:75:23:6f:
cd:a2:32:d6:89:39:ad:46:3c:27:e2:cd:5d:8a:6f:7b:6a:43:
65:60:9d:9c:22:a8:34:52:a7:29:f4:c4:ba:65:18:86:70:6d:
82:09:d5:b1:4b:7d:f4:1d:5d:9f:a3:89:36:6b:62:7b:01:ea:
41:76:4e:22:b2:8e:b9:b7:70:e1:9e:76:d8:f9:f7:0f:67:1f:
fc:cb:71:4a:af:aa:60:91:15:f4:df:52:2b:c6:1e:3e:63:87:
cd:86:1f:52:fb:73:9f:20:d3:77:20:41:c2:fc:b7:34:93:6e:
8f:6f:55:3f:9f:e9:17:1d:23:63:84:d1:55:94:bf:b8:9d:46:
f4:d9:bf:1c:09:99:b4:dc:d0:b1:65:d0:3b:d6:94:8a:fd:78:
c4:b3:d9:52:24:6d:88:56:f9:ff:bb:d9:c3:c8:0c:3d:b6:60:
ae:5d:2c:3a:79:2d:fc:3c:46:05:a1:9d:e7:ba:07:f7:f2:48:
88:1b:21:36:49:72:9a:e2:a9:6f:ca:84:89:f6:83:ea:0d:b1:
d1:95:1f:16
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xNzA2MjcyMzI0NTlaFw0zNzA2Mjcy
MzI0NTlaMIG9MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
aWNlczEiMCAGA1UEAxMZVlBOLUthbnpsZWktS2llbC1ndy1ja3VidTEZMBcGA1UE
KRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9v
cGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzoSQVf2CIqd
yPJ93uuaCgVEgigWML++IFCTYW+k7a5h3CpLYQOoxcGGwog0ZsdJPWFZ6dCI062v
jZLIWq2mTQs4QbGFYTSOlFZV1AWFAl5tzD2BJh2TBAo41cCTIgCTvdwfm68feBzx
LLARfk7PYovOfuK8s46vqcbM80CiMNagTZ4/VF50NWc7xXjv9Z6xOfytcRPphM8R
VXhZSSbpHjViZovS+NcZlDFfKGppJaH3xyOC00jpWC25p41Bbt07zScWvWxNezVi
/bdakM67bTHHU7DfqgjradURxmZYjQJhebug/f2NX2cmi6LWCeV44vB6L/SY7Jh6
qF/zZMGCZQIDAQABo4IBgDCCAXwwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYe
RWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQZVjywwxhS
3hPQ0Ka5++Jxc+xjKzCB6QYDVR0jBIHhMIHegBROgh4UgeubyHEssSJokL/u2dT/
1KGBuqSBtzCBtDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UE
BxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2Vy
dmljZXMxGTAXBgNVBAMTEFZQTi1LYW56bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBL
YW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJ
AP5ZrV6+kAU+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNV
HREEDDAKgghndy1ja3VidTANBgkqhkiG9w0BAQsFAAOCAQEAuwsFqExngM4p/bKP
muk75ECdnZYnRgtOyw5In054tP5ck/JUxlXCGHqwyW/1i6XmhwoNdSNvzaIy1ok5
rUY8J+LNXYpve2pDZWCdnCKoNFKnKfTEumUYhnBtggnVsUt99B1dn6OJNmtiewHq
QXZOIrKOubdw4Z522Pn3D2cf/MtxSq+qYJEV9N9SK8YePmOHzYYfUvtznyDTdyBB
wvy3NJNuj29VP5/pFx0jY4TRVZS/uJ1G9Nm/HAmZtNzQsWXQO9aUiv14xLPZUiRt
iFb5/7vZw8gMPbZgrl0sOnkt/DxGBaGd57oH9/JIiBshNklymuKpb8qEifaD6g2x
0ZUfFg==
-----END CERTIFICATE-----

30
CKUBU/openvpn/client-confs/kanzlei-kiel/gw-ckubu.key Normal file
View File

@ -0,0 +1,30 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIgzdhh+GFVpkCAggA
MBQGCCqGSIb3DQMHBAhQnYHUELQpXASCBMicbtCdvVEgK+pV8reDVVuacqqeIwQV
OIa/MCryNPukqS0P10WT6SLzIN2c/A3jVAmHbm+E5Zvk6bX5LmmAIClEulVnZsbV
qeXz/jlbKBZAj4hYVmvUfKMQUj99Hnn6JdGfEgvYauQIzhwujHvAyV7kfXufEQxj
kUrE5U97HPfbVj4f2kUNNcLU3gSX91ILoO5lGDUcTpceYQXO00EI0ftsdHp+qKgc
7kJ/ntt779n72r99BaFMXZ5V/DSuQeNvKE98+PIRQF1ffDW/aJZq1B1MUJC83esO
VC2Fxg3ZNRNTcyQXC2MzQ7ZLkQWdPOsElcZ1NDqrEXUQtbrVfNCjuFvPPNeorld0
3uLFOytLv0OTc/AMDmEFGMap8XmWBK4g63Rhi3WIwxECYp6+s7uFu5VC54poD0Fm
aerMKnVadW9FbH69Oe5+hfhRlJ6N/H5Wp5XMCl2ttzSFcZhiiufuTjaxUgAF2vLP
xKtrQAIQkOZJabeGrJR8zzIN/FsziWh8xHbnl3aO6gXS5SDpIypBADEvc2aibEAC
DhJkCasUTzETpZVdRfBD2CHXk0krg2HHo3HUyw8nb4aZg9EbbMiLK113hWDCr2z3
evhJzaTdZUvJlgNGTcLOd1ZgLpwXIil4r54LsT4A1skZ7CNgO1zVzxo/sBZ9V5J/
PMdhTmPeqFXwHp6cA0+Cr4r0oqEBbJ0OjjwtXA8RvbTDBkKi3Bq0YgudSoJ6mgt/
SwlsiL+FFQWnhhgWMfXXS7qEzTgHgkBM7AgupJYo2VqU/pcLOxSvbLs35MMj2cij
Bj12/78AqHDGEwlAhyD31ndTC4Lbpy/VcBcDi7RByXPgHH2R79qXuS1WQJD5Y2CT
UvkCFLCz+zlxyMFzRhJ+rTXPiCQTwtrnMRYmZTR+YyPa/nJcXJ5OH7aq6ypuP50C
IeeBci5fEuiBqEH1QPmUx/ByMXVhybxUnuN0V0u4TtJJOzQrXKDz3tulklVBFFp2
MFTU+20jAMxVmVHz03fCORZSjKShubS8AJR823lXXlW0CtcwErRqjyJyxk4svnJ9
bRENRA+5G329kCxGm04AO4po+NCf1w08wRTJsTE9GRzDKu3i27J5jf8SxfzbCX+5
isjOyhEgnTkM3fMWRk9t4ZSsKIg+BqwtwYQJq1AI6Now3FhxfGt+0jfO43jBOa8u
5LnTO9uZzJL1Go0LjsFS2kL6MGQ6wYtsG0Rl2KpUtuzZgph7BHbxUMYY1UUES8tp
S1fC9u3NIb/E4179WHzle5wBbUEZtHXxbfWzIi9fwQSKgJ3LPsjaVEjPknpzy9Sv
sfZKsef78D9XynCAyqP4GU1nvpLaZ8+SGPiuvXc1kjHgrUm06stmvXG4Tsxiv0Ag
aORlceD+G4tUms67AkeBWTZ+wTKukN6dfgbZqQxSC6ut0JkkDdoMOdSAl2E88XXj
/vJHw4YdaKsCuxcL7nVIX4fiL8E8Vr/haqmaj9xBvkXorqtpPHWiyn4+aW1ZVONe
1+kioFYClC3faJTQA1oFPfUcq38HNtLtHHh4e/JtjnYH2WE4C3vZCkEnZ60KwVh2
7S/Sc7lu5UEyCkiKudCfX59vWRpxrzBcLy6rlncqtpWtipQjBLU24mihofJvKRBO
qAg=
-----END ENCRYPTED PRIVATE KEY-----

3
CKUBU/openvpn/client-confs/kanzlei-kiel/passwd.txt Normal file
View File

@ -0,0 +1,3 @@
key...............: gw-ckubu.key
common name.......: VPN-Kanzlei-Kiel-gw-ckubu
password..........: uoziengeeyiephu5voh7eothu1Aex8ar

21
CKUBU/openvpn/client-confs/kanzlei-kiel/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
36188fa3977457d267ecae99373870f5
ef6e44a8899d4f5ccc831e9d2dbc31ac
e171c7e8e49e0d2edd43c3834a2d0099
236aa4924c80971b0a34310eb69b70e2
fbe85a7395cc10bea13ad09efa46d738
f594c332d26c068b289ba96bbb1f661d
efb873b76137057a62b4e27b522cfce6
aef7ea67ec2540b00b4782780352addf
2f7722d1edd40a8f3de3b0295e2da07e
b46d196a4cbfd85e47739dc320af6584
eb960e2c5ba27bf2f56381f8eb3ceaf7
cc72d829ab05aaca6fbb205b78606ff8
cc58bc336adb644adfb0034f9974b7d9
f2b1308249cd74ecb555a550af6af1ad
b15a3f03ecef5f89fa70d2fada97a1b8
6179b0d487a6e3196209d053597a7416
-----END OpenVPN Static key V1-----

258
CKUBU/openvpn/client-confs/mbr/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,258 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote gw-mbr.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG1jCCBL6gAwIBAgIJANEahjl9dpJcMA0GCSqGSIb3DQEBCwUAMIGiMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMH
VlBOLU1CUjEQMA4GA1UEKRMHVlBOIE1CUjEhMB8GCSqGSIb3DQEJARYSY2t1YnUt
YWRtQG9vcGVuLmRlMB4XDTE3MTIxODIwMzc1MVoXDTQ5MTIxODIwMzc1MVowgaIx
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRAwDgYD
VQQDEwdWUE4tTUJSMRAwDgYDVQQpEwdWUE4gTUJSMSEwHwYJKoZIhvcNAQkBFhJj
a3VidS1hZG1Ab29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQCxgVOFpm61twgXerJYeVjTi7Kv4R/aOxh9UCXqjJN6cfR2Dhj5CX07fIf7Ed0S
8s+xBrwl3PZXACiz3CkTP7Zygw4TtYyUuTvvjzfcJfE+hv7SeYxOU/YYVlznGbqC
o8R9uNJYKeKEJnX2oo9RnR3Q10d03twKFlm50Rv8L4Oi502Qo5gaeLMP2D81rz4o
UcEVWU1PtnblkV7ARQOR0QF77ea3UwM5pnBxD0UnsaH4tJc7MwDSUxaDaiUZ9ecE
sJ0+ZaTrsgB//kbF3iB0cjBs1/Qfz8vgQMVpOax6lckZZ4WKwdo3iOckglvjh6NU
SED6H8ru2p6bmfyqjMMzpj4AQw+BYFQhDuXQpx9d5vyxS+fjW1qDVGG84Ahaj6pf
XdznK5BXygnyItcD5Q4ZHQdz1GqCL1LdcNXiurWbSvUYLlIpotMxePEmncv006hx
YvbLzjvsAGfsbs2gnx9IxCi+sPiFacWvpYolVdd8l67kDAihG8iokTR3wpHM6Xe6
vD49xDnd86rRSn30dDgxsWSI8lyh15akAhzS2dUk/8aX7lIcpFNTPBJHppXalrsx
4wuXAR/78v2eiLpdORBerzIYjgyzcpsZZZe85BrkhKi3mgu1tJZMH1yhRKvgUhnu
K1HF8AgBi63YTvari6R1HiTtKXZqaxlJ4d3/OwIjvcxa5QIDAQABo4IBCzCCAQcw
HQYDVR0OBBYEFGHocrkyEFyjv6enWR014LS1UYD7MIHXBgNVHSMEgc8wgcyAFGHo
crkyEFyjv6enWR014LS1UYD7oYGopIGlMIGiMQswCQYDVQQGEwJERTEPMA0GA1UE
CBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcG
A1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLU1CUjEQMA4GA1UE
KRMHVlBOIE1CUjEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlggkA
0RqGOX12klwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAdTsZUi6m
BS0MqhTwPmCF2bjFOwFs+oHpEIRKwBQXSFJfOysFl6RPgn9PlmsGmNmn/2gH7GTN
YMjPjnlArRZTVhcULG7IsabXCAgWIXcxwYciCmtFAse15kda/EUohP2yG4EIJURK
cUCK/fer3Blh63t+K0/Dq9eWJ4bVrfLoYp+Fl+ciomQhQXz9pZrgGSvDZLGg0upi
zGPsrEJHT+zPcJfQunZHXGF36eq5uWMuB83WYhvE8rNwz4OIDhLlongt2Lf/gWP7
rpVlDzNarOc2tl800C3/UePtAhEr4Nr3UYcbV7Nb063o0nGklxIr3FE5jMkzOj3p
q8Lyd+wHqPG18ysXaSbyCAjXSOQ4OjIOz1tPC3QabycNkrV4QGN6KlJypfJ16P7t
2ui2HB1bfX9wbwXOHxjDlx7mssaaygI3+RVB5yjJGJs286AO+YInWul6T3kPAZNn
EXhjZz8fOjRsaKR4dVZfI6/zzyg7vv++iNQ2/yNe11Bcjo5jwpuKZyFmmFpj9xoL
0uCOJnnHrhqIfy/LVTH+b9K3UQDgBHd3InFKt/Uy1rMNyBbH0tcnj2PZGct7Mg2G
vIgjygOKrYJytFrVtHFw2xKGIW40ohy7JzXTPjTFUj2q5GtVcGLIBiryOlTz3bsv
s4eV4pJgMrNqR14qsRN3HvAvf4DLigpuYR8=
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHOjCCBSKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEDAOBgNVBAMTB1ZQTi1NQlIx
EDAOBgNVBCkTB1ZQTiBNQlIxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl
bi5kZTAeFw0xNzEyMTgyMzMzMzBaFw0zNzEyMTgyMzMzMzBaMIGrMQswCQYDVQQG
EwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoT
Bk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQVlBO
LU1CUi1ndy1ja3VidTEQMA4GA1UEKRMHVlBOIE1CUjEhMB8GCSqGSIb3DQEJARYS
Y2t1YnUtYWRtQG9vcGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
AgEAx/Q0+5i0lCTsMpXtQfxqi/OWcGOgWG50lqapVshmCOXKh5JT5bWRYqpumOYB
T2VLprpWnurVCkksKO5U/rMISRxmKckThTgyG9GJLkw9we8gXxXGHfdfSo1mnY48
9J3+pp7r+C3OSVGceBv1IGvkVRRAS2jL5IKi8TBE3YSbvPQ0Bm9CHAWXtDKE85a0
ocj++z26WvmuCnl5mYbs39LwKbusYOzEQN+ffuTU24PKQk5R32YqxOiCxQr9kgi8
m9CUtO3BVgF8hJBUXVc2tiDu/3QhpcafDi/nf4rLr7mlJs808BTwU8gw2aP+vnqe
yTrKcv+wTl1D2lyhy3WVErctPJG9tijr0B/2cnAdeqf8Xh+fBysZNdV6m8u4jA3l
oht6JnFqbRtpmUh9YQEfGm4WJ3F/BJopPvZRa5+DZYKFYySdFjtxiJmXO1E9dT1F
2/fBUVQBdgOqHYLccySPVYDy5CFGu0VuKdl/bCqB+KNzlQi3DF0R64DGMJfF8NsW
14+SmmdwytcYyE0LEQU4vL9Nit+pZbKbrMU3nXgMoArAiKRShS4ceJOl2koNOAmr
ZezesJ7f0L5IArjlk7HzhxTNWq63AG/NtRMQtJzkdlihV4OVE0Guya/N8SknZXPp
TZnWLCn7Vq3FiPRHw0ieLD6bUvYuqEk4JWW/brwZMKBEpeECAwEAAaOCAW4wggFq
MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBD
ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUyCmYxdwfXdP9ZsTs9RHh/GYg+XwwgdcGA1Ud
IwSBzzCBzIAUYehyuTIQXKO/p6dZHTXgtLVRgPuhgaikgaUwgaIxCzAJBgNVBAYT
AkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMG
Ty5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRAwDgYDVQQDEwdWUE4t
TUJSMRAwDgYDVQQpEwdWUE4gTUJSMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1A
b29wZW4uZGWCCQDRGoY5fXaSXDATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
BAMCB4AwEwYDVR0RBAwwCoIIZ3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAKaX
0hCwrna+rQvUBQ+RKIYBjThRjNu0cSm6OZIgVqhdhqOKe3CU2SwpzIiEUv2vgN9w
aa38VffKa9J94bYqxBVCNTQvV6hK3dVbsmiVFRXVWkGwtOl0DPb+UPooX7qtdWY8
+6jvUXz6rhOZl0KFrX1Udl06VwZrG5+O0ioZnBpTEqTy+nNHG+QffThY4RMxk4fu
9B63i0bW3dCHV/Us9fsJnxN+TqslLmRnRyVmdFqB69t3jv9Ru1OncC6bF7eHBOmX
P8E91Atr115FVVjZXeZ7+NDpN97oqMX9Bf2OCXu/HjEQIW/zvoFScWkf8FPLjKV2
/ms4X7H5ZDxNumkaJB3DRDPyKrkvJZQ8HqhcMKo7qPFLnBGORad/fto+SAJoBE2v
Ie2h67vU4Wr3qQILebkCqLkYYdE9W02CAZcZ+2O0BZCtrs1HbGDIIt5CfqkrxulE
8opGS53U8A+CXuUcOdPRrdz10/7o76chJfEciOQ1UaHShtNe5g04/SDn1UQuWltv
YhcAZmrOUbzIY8FWFLJ0XwCMFc1m0rABskQGEDjb3UL66cgOIrUg1lDlKGZpi51c
4eqTfuR1dk+wtwWgNU78UrIgPDw1TitA/aDRaugymPUnVeM6/CRqNSrlEU+QmIVf
2VSZXxkvk0sFPh/1h5Hk86tezdb6ucm+3ow3HcCd
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIoJKekP1ZYoMCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHiPXCkPcmkMBIIJSBkqxukBibbl
LdkzjsRmpDCFmPbmEzu/YKmXCMqSbgnEp0Ny2/05sWH2x7DDfZHC8IkzSZb6nqz3
G5AenJ6wZhPhtVEHFJaiVkJv0pIGXpGvqVsXimDSBWMnIwBFUfzrKSOu7Dhiw7Cx
1KdGgfoISh/BTLF2UAJjRqIL/Hw0nlqungeXV46twKFW83fBwxJBMj5HwfHtkTqN
yXOoRLOFJHwYAn6qqBw7n/pJyb4XzOqmmPqC8S96WPQwTCUDlJCSg6AGpobEfxQx
KFreSVCyQadyFSO3C8jGIOsP+55j7sk/GwABYx9iZ+hPiH1uBhhDNzLpnDbLsrgf
chvpMoftpmgZxxd6bFbWdhZGhWKSGivmujfaAQySc8+w9ejjpCiHg9oEBsm78whh
UcxXNrbfVpj4ivZm6K+BoM710imeQu22t/SNeO7S6Mko9Weu/8vlg3976H8E58PG
NwseCQRyVKmIC1i8EuKbYt4Fr66YTkuv+OGdqmvTPRe8aMQOgEFU3NaoQ5rHBfma
24NZoy/Hk1QXYSkCIc6izJdv07u44ZK2X0LGGiETin8lmCmyrph+iP51Hl2np8gk
5PiHAVcnhuSrBP9nVOZ6XFbBFYwItTdtlkpSfJBYlNnEHK2gA6wIF8dQhQE3VXS7
H9F3MdaJx7qVRy7qDwEG/ONBDX/QrU9cTom07TP1T7IHbqfF6koZE8fOEnwFPwpE
4sFuaRfrPdBDaE6jww0NLdAHC8eSdNgrHHVEUnwWosAldapfmj3JNONc+tJPYo4r
usMPPL+THX9UA9D7hxZ5wHz4fqyTlkK2bE0aK0euEaAe7tQ8+teYYEiO+OkRNQI4
yyHAX8b1jCaCOOMTeSHdV3gFhh8wmRsZqa4i1a4lWqeQlXKA9/Iq5Uk0ujNOSYMG
ttMyS7b38IvDCog9G1XYiSqH8DE/IzSi9tUbfUtqRX9jqUp9ZGlY0h8R/5I9oDKa
4IQRYAjktsJDi1dxYffQpWX0XeDZdlT6drhZv3OZHfTzX7pAI8TbEcu48tuI/JpB
zzI9/+yxF2hDNlecWYi8BP5vt5u58oiO+IEReFC1sPVssJSQisOJp1qNQCwgvNxu
/1heDohlurh5Ra3XtFddDVg5r92A9yuM5LZFGNA4VDZe8WzFOv9adKrZARBiWqBH
CG2KwL8o/psC37BT0SRCQd8iOHTlfMUIPd9j7WxfM1DcxywEcLCwtBjMXidVVIB+
YG58huH2AdEgm01f7UeJrd0RBCV4Lx58nNnnkBoTQXzP5KqpAHmSndsOy8dAUf4F
lk0zC1LARseF3r9eeFxNeMC+diQHzLOGLQNhyojlhA2/9FO546lOH3TLlBNgQ41w
CfhTRa5aU+w+OmYjkPEnhde4NzzSXEbFMjGQvt0rrn+6jFMQ/kDLSoJEHBEa+Anf
VAbVZThhy8JhkRrKpEht3sLUd/mR57Vrk47xZnV8uGBW0Ii28rRYdImHV3CGUys+
S6r5o5zLa1yRhz2hGQE8kpnu5HiF4Pz7svBp8FEiRLTxvTQ9D5MgdlXUHr5Ujaco
ivlm4WvXoNyji2FbWDVgscvfbOQgNnaQ5uY5g3rxC2PTCwNbTCGNLxYJbJ4zzkp+
NHS9xuV39AggXJpFpb6vl30NU4pQCLDTYpembdhNmIfgGo4DS1bMSWZyz9I1OkOa
rNtVWidyTgZd3I3v5r5weD30gb+D/aaCxSEa4CCp1e7Wbdjwb9tuj6bJsRlnAn/K
ucDfQzTlImshtBjtWG2C+dpRyTVLpo/49kQmHhXvr/OpDWv5tggrvEZ87gEvCgOA
KkPNFET5itNA3KkVX6fi9Lg4g94hwEqAUnKHFvhatMC6DYYXF2hnZLIAaXjCAysz
ubxOMEeyEYEBpGnWuWgK6uv+IgwYdA9+vca69upH19J9sxvdhUluRo4ghoH2Ufuz
gz1P852iCvVGsGgUgWsyRgEqylP726YxNyxBot8EZ8uUXVaUFs540nJRY85Sli4f
17WzMYKTgV+790XFUgYlV8K9wVL2qCcCPwlUS/sjLIUACnuiDucMT/3J9zQcssY6
3ka8UhMzaFGys0FQl1WwcXZ+gWtQJcF7R1nB8PCbUFt06+adyJaSrE4UTQAZYMM5
NS06CVaVBxhZDukAq9Rw/W1mnfkJTb9IHy3n/5RJqNzf0PXDe4CbXKqRDWx4aPbr
bklCRDCujoECsnYuTEdNbRawubCrt0uAAAudJkHQsDHJcjs1Uxr26duRhElsolJX
bkSOiarjckoGZG2k05aBkZq9HcOMNMHiGsia9/3TmEIWkuOxY+EVB/FHUdjeJA1F
1pI4phDz3rGYJOcWwMtW47P7vemKi7UXzfgCVW0wS/pxI5+PGUxq3NrxLz0TMdxa
lKAH18quz3tRaqlGNQ2d9NVEn17589JLS72OFROnK0tUBQevaVwP4MHwu5g/lz8h
C72U86jx1ps1N32y3SV5T/U0rch1PT9v8PO4kD3ojoMAjxXSe4Iv6gXaJSKmORdD
WHb7W2Tq7IWHRjUWWl0wVsqLyEfu9LAPTw688P17UWvK4fDQDvr0dOyMRSYNBTiU
YudmGZh0lphuEXnMmPgD5l06EmKbXzSIWwg1iMlOKQzENxTR5fr9ozvpe1KDqAGK
Fcd/QRNydHOJcLShwhX2ZTfVMMzoE3t5hizS7cbo3j+OYKJ30P4GFbXrEIj+c6Jd
FOT30UZWZ1lK+jFscJcKCZMDFvHVDk63pOLCdxxQlmovuaCjsdGXRh1mvtYyV+wE
kDCbCdjjlf5Qj8TwxNmKA9Rg5dlTIOSFALGM50YX3Iq/rwJahBOpirKXNcQ8/qoG
0sF+4jQyNQSMu6Y+9RKGBwPESZa05M9N0xbcAz+wFlOKBRXzioMRNoG5rOew1mTj
wgxpNTidqvnVE36gw0hYy1K8+jyYwFwdh+t++p+VQ3kctc1QPVgomouC8DY7UCNg
5wFFqm/lru87YJcsgrso6/fHvaTkA3toS5olRrmhq68hjISk1XArDm1vDo/hcvFX
L4MLrR/LpUCccUFV26NaNJuQdvpzBiGTwyetK1+rC5QtvNvfTQL/1WeKpbOpJCkl
2FqU9ZXvhJH4N3zxGf9LRkg/tQjYKLfDbvjZZzDnk66fJMK19FkuCm2uqeRQZHiQ
j3AScnn8S7SPYjaNkOxAmQ==
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-serve
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
79d91376ee2c248cb615cd6291bf2954
a8e96540005b24814cf8b156c133033a
8d46114db5bb435551604fcb18c56b09
09750d641767657cebf8151735230e61
b2a9631cd7490ab824333b74e60e4cc0
c3fce42e7518bd6519347f7e111b9f61
be2682407cd8186c2c9b03987a6d0fd0
52599e30c6e2214cd9734f442e4d9a34
62e1dc096e13a894538798a94b2e2d54
f1c5bd884fe95aefdd919a96cdbf8f1d
c60a65e7b59990a11324fa1960b8cb3f
ac2fc846d6860e50f7b35f83eb6b791b
d59707320a80e639b2226c2d16830757
f7d29d94fd8c5fe1ab8c939e394d2126
bd880494edfa929b03b894c6984890c2
8e1ab55c781b17828ec1d4126a9736e2
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

22
CKUBU/openvpn/client-confs/opp/ca.crt Normal file
View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDljCCAv+gAwIBAgIJANdEFItVo9+IMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczETMBEGA1UEAxMK
T1BQLVZwbi1jYTEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwHhcNMDgw
NTE5MTMxNDA1WhcNMTgwNTE3MTMxNDA1WjCBjzELMAkGA1UEBhMCREUxDzANBgNV
BAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4xGTAX
BgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMTCk9QUC1WcG4tY2ExHTAb
BgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQC1RgTR9sLzgKQW/1iSnMYgrl0OIc9KUxg4lwnA0WcMTPk5iQrX6guV
BAP6gTzf23qd1mwXqJDGIYaeA7D4KI3kKZdM6vCtKPZ+E2d4j8Kt5JzWAdy2fXVg
75PCqY2KWfkAh8EGlxmGeSQCuDGqVeiL+ekbp0hx7M57Gst5yxN44wIDAQABo4H3
MIH0MB0GA1UdDgQWBBThTcNr9HyBexayzG0kbMrdm5NT4zCBxAYDVR0jBIG8MIG5
gBThTcNr9HyBexayzG0kbMrdm5NT46GBlaSBkjCBjzELMAkGA1UEBhMCREUxDzAN
BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4x
GTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMTCk9QUC1WcG4tY2Ex
HTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlggkA10QUi1Wj34gwDAYDVR0T
BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBgKYEcUleLw/trPJbbeI/s0ZKRGVki
nk7jY7+k8qa88FqrTP3V7pgGnWunINBgTBxM1dH/H4p8DXiIGWJrY7KCddIJSA5J
JiX7UJBXFQDXflP+MhqIdHfGjd37djMqUD2//WLAKuahxNSuf4L9FfoeNGghlYKX
Y/hjEv3y78V8QA==
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/opp/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote opp.oopen.de 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/opp/ca.crt
cert /etc/openvpn/client-confs/opp/gw-ckubu.crt
key /etc/openvpn/client-confs/opp/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/opp/ta.key 1
status /var/log/openvpn/status-opp.log
log /var/log/openvpn/opp.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

73
CKUBU/openvpn/client-confs/opp/gw-ckubu.crt Normal file
View File

@ -0,0 +1,73 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27 (0x1b)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=OPP-Vpn-ca/emailAddress=argus@oopen.de
Validity
Not Before: Sep 20 11:41:43 2013 GMT
Not After : Sep 18 11:41:43 2023 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=o.open, OU=network services, CN=OPP-Vpn-gw-ckubu/name=VPN OPP/emailAddress=argus@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:97:a7:33:b6:32:9c:b4:75:af:7a:7e:54:53:25:
cc:06:7b:f9:e0:93:3f:2f:9d:83:d2:ce:49:27:ed:
da:35:19:fc:a2:40:67:52:db:8e:ba:42:42:13:74:
73:00:eb:97:12:ad:e0:5f:8e:de:59:ff:c9:d6:8c:
27:a1:95:28:0e:06:5e:ae:49:29:3e:97:60:3a:76:
b4:f0:e4:11:0f:c6:07:fa:e5:42:0d:e8:82:d0:71:
38:a0:07:a6:aa:20:45:7e:d9:78:2e:66:53:8c:10:
77:44:e8:49:57:50:5c:33:85:b0:88:61:1d:64:aa:
4f:0c:bc:b2:1b:b0:5c:6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
3F:A4:2B:57:0D:33:62:CA:48:8B:87:19:C6:1E:15:A6:31:A6:FE:6B
X509v3 Authority Key Identifier:
keyid:E1:4D:C3:6B:F4:7C:81:7B:16:B2:CC:6D:24:6C:CA:DD:9B:93:53:E3
DirName:/C=DE/ST=Berlin/L=Berlin/O=o.open/OU=network services/CN=OPP-Vpn-ca/emailAddress=argus@oopen.de
serial:D7:44:14:8B:55:A3:DF:88
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha1WithRSAEncryption
20:73:fd:0e:d1:64:95:60:ef:19:ae:dc:e6:e0:38:c8:f4:aa:
fe:1b:89:a6:ff:ed:b2:36:ec:1a:38:08:5f:53:61:c6:b8:7e:
c8:fd:82:6d:69:b3:92:bf:ad:40:4e:7e:d1:b3:c4:21:5c:d6:
6e:eb:ea:64:51:e2:3a:49:d0:4b:49:dd:ca:9d:4b:ab:a5:b1:
1a:82:ff:7b:0d:44:10:91:1a:11:db:ae:8f:2a:88:8f:d9:ce:
a9:56:e6:da:8a:ba:27:0d:44:4b:2f:70:da:c9:34:cd:c8:19:
79:93:d5:45:16:49:7b:53:7a:83:3c:14:6b:09:71:bc:5c:58:
e8:cf
-----BEGIN CERTIFICATE-----
MIID9jCCA1+gAwIBAgIBGzANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMTCk9QUC1WcG4t
Y2ExHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTEzMDkyMDExNDE0
M1oXDTIzMDkxODExNDE0M1owgacxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJs
aW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBu
ZXR3b3JrIHNlcnZpY2VzMRkwFwYDVQQDExBPUFAtVnBuLWd3LWNrdWJ1MRAwDgYD
VQQpEwdWUE4gT1BQMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAl6cztjKctHWven5UUyXMBnv54JM/L52D
0s5JJ+3aNRn8okBnUtuOukJCE3RzAOuXEq3gX47eWf/J1ownoZUoDgZerkkpPpdg
Ona08OQRD8YH+uVCDeiC0HE4oAemqiBFftl4LmZTjBB3ROhJV1BcM4WwiGEdZKpP
DLyyG7BcbcsCAwEAAaOCAUYwggFCMAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW
HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUP6QrVw0z
YspIi4cZxh4VpjGm/mswgcQGA1UdIwSBvDCBuYAU4U3Da/R8gXsWssxtJGzK3ZuT
U+OhgZWkgZIwgY8xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV
BAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBuZXR3b3JrIHNl
cnZpY2VzMRMwEQYDVQQDEwpPUFAtVnBuLWNhMR0wGwYJKoZIhvcNAQkBFg5hcmd1
c0Bvb3Blbi5kZYIJANdEFItVo9+IMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
DwQEAwIHgDANBgkqhkiG9w0BAQUFAAOBgQAgc/0O0WSVYO8Zrtzm4DjI9Kr+G4mm
/+2yNuwaOAhfU2HGuH7I/YJtabOSv61ATn7Rs8QhXNZu6+pkUeI6SdBLSd3KnUur
pbEagv97DUQQkRoR266PKoiP2c6pVubaironDURLL3DayTTNyBl5k9VFFkl7U3qD
PBRrCXG8XFjozw==
-----END CERTIFICATE-----

18
CKUBU/openvpn/client-confs/opp/gw-ckubu.key Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,4CB95F5C6DD612B2
Nw2A/U2PvM2266HmN6E58eFsPDSAFKbtiM8FLA1D20R3TDhzGETcv0J3v5iQFRMp
oeBthXWiNOvT0HfU4cjhR5MPs3gmLN+OF8U61kCRf9767Smp8zaXdRwgQ4gOMM63
DVQZhNlY0MaeX5IS2HKvO+gZ/DAUDTU/lDnVSe11bAibzmDwbQXZ4eV2gP8dH2/n
nYKWagqqUjU90HpxkFO1XQgQ3ShGUoTB2v6UYqi6NhvH7Jz/0IN+eTHHPbPr2CXw
CRm9bFQbKchp3N6V5oHhY5RO3KgNa/w+/XoxjJZ3bBeCjZeFgeNMDkKC0YnTCz+/
+hO6sgHM5I5oYYEvvZflKg7JMBSY/w/XyfWQTh2FLOvcJDh85ozU/JeQ7EbNaiRt
ZF2TaMHbcmKSdyoW5VL3iRirq93nbpFl6wUFuifKobLniqT/rjwiSvirqoYds2S/
sDn19aC/DtOxTXXqp3ReRvBQ56CL4exROHTYrHjh6ECvofdiWoO/tjZrcbtpsIla
v6nTqo/FMvetbvLPoRfzfeoXIzH6q8fBJ7M10L/AGdbAEW0x5VyMTceHhn/rvdWM
EPIewbUDKb5WQm2nPxST540fvUMizScGrKVhJbA/2uMtsKjN1G0cF0yPUouK9itW
1ChqDPJWZJegXNcwcVHHX8hIDCcpd/sFFKVlGDThPmDv6LQ2mgy1nkIDslvsRyeZ
j40+xfwhXQ49PnGLndkBT4MtvxR46Zt2PH9FFPC18EGDoces2Fv8IKjGVlZpd9uO
W5D1D69vwgYVFV6E7ZMWF9z/mY53ci0VSMnRjVh3R2rTQjqXypDCDQ==
-----END RSA PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/opp/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
ff2b7b56af351769ba703f874d389327
2e8fed8405df740d51d58eff3eb25af3
d6de19376333a9b05aa72f8b90124bbf
5ea3085029070d28952a1fe9baa392fc
4865bd5dbc58a4ccfc373d2ce772a217
17f099df7d2354e404ae7690cbc50002
151667c2af583705bd3896327917327a
a8b2c9073e58b7deabb3ad04336170b9
6fcce57b50827b0f393b7d1f0a7f6299
d15140e46f6108983234eb53b0a6d56c
6ce3815bc7f5ec9f52bc7eb680562b4f
1241f1378b774491ca817b56f1d5ba09
c25e8a4dff3610c60e4f9f3c306c15af
8a70829075343f2ab24d61560804c78a
dda39ceb12e11a0079b59dcb607166e5
567cbf1dc83c2f32f8ce1cb4576c12df
-----END OpenVPN Static key V1-----

29
CKUBU/openvpn/client-confs/ro/ca.crt Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIJAMlUrtE4JKkVMA0GCSqGSIb3DQEBCwUAMIGvMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UEAxMP
VlBOLVJlYWNoT3V0LWNhMRUwEwYDVQQpEwxWUE4gUmVhY2hPdXQxITAfBgkqhkiG
9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xNjEyMDIxMjQ2MzlaFw00NjEy
MDIxMjQ2MzlaMIGvMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD
VQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBT
ZXJ2aWNlczEYMBYGA1UEAxMPVlBOLVJlYWNoT3V0LWNhMRUwEwYDVQQpEwxWUE4g
UmVhY2hPdXQxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ/Xi+e76pcPgW/mq45tSezbSTlH
qnNmNf82uxgobSdQNKoNm41CJh/W8qjfaGAjLyuIwbPAyRCjxt1WeL9vje0mMd5P
GVNMZsc2c72R7Yel9La51tWoDfkYjU+uQVUjPo12RTnAQwPRAS4q2riHIu+OkAzZ
QnEEy1CC/spLqWvDDyaY2vEKWldFyIdCxT1wV/DJUESriCHoz2fgM5stslgbd3Dj
qHsObhhlGdAI4aZ5KaAbDNk+DyiWRWefTZ7POBcLmSQCYCfbq2JXvt7ZtEt9KZM6
RUpfPaAC2HXt+m2+zTSBhpwm6WN5MxJkQg8Po5mgVYPSVifsy2UjHNWKsVMCAwEA
AaOCARgwggEUMB0GA1UdDgQWBBRf3ZvIHiBrLarJsif7fOv+3181ezCB5AYDVR0j
BIHcMIHZgBRf3ZvIHiBrLarJsif7fOv+3181e6GBtaSBsjCBrzELMAkGA1UEBhMC
REUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZP
Lk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGDAWBgNVBAMTD1ZQTi1S
ZWFjaE91dC1jYTEVMBMGA1UEKRMMVlBOIFJlYWNoT3V0MSEwHwYJKoZIhvcNAQkB
FhJja3VidS1hZG1Ab29wZW4uZGWCCQDJVK7ROCSpFTAMBgNVHRMEBTADAQH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBaFsB+tMuVX7/Yj8yGngmA3raqK2kPsyPzIDGMSgyZ
lBkjaCIG2+VogDlJhdr4qg0WGVhtLwFdUhVlMdzKhmQFvH8BVEYcJRjinlJ4j6/5
V6eWaVuY2uc/tfOz4vuMLSj2LFIPMjjPlGthUm2M+LITMv8yS27Ww2/5iD4B37vb
znbJkY0khWK/oDNVvabVm/XNLt18vzmtee4XiCQoZEgnCgh7M42icScjNwPVGJx3
co4BQk0M0yO1nnwdtLMKDRTX/FpNv2mztvh4qa/Xm74imeFFtY6WfX+jIxHdMrCX
F4AosN0ktKNj+jFja4Vbhk+r2rME2llSsrrdr3E5JrLy
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/ro/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote reachout.homelinux.org 1195
topology subnet
#push "route 192.168.72.0 255.255.255.0"
#route 192.168.72.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/ro/ca.crt
cert /etc/openvpn/client-confs/ro/gw-ckubu.crt
key /etc/openvpn/client-confs/ro/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/ro/ta.key 1
status /var/log/openvpn/status-ro.log
log /var/log/openvpn/ro.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

98
CKUBU/openvpn/client-confs/ro/gw-ckubu.crt Normal file
View File

@ -0,0 +1,98 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-ReachOut-ca/name=VPN ReachOut/emailAddress=ckubu-adm@oopen.de
Validity
Not Before: Dec 12 19:50:59 2016 GMT
Not After : Dec 12 19:50:59 2036 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=O.OPEN, OU=Network Services, CN=VPN-ReachOut-gw-ckubu/name=VPN ReachOut/emailAddress=ckubu-adm@oopen.de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:96:37:a7:11:5b:b5:7c:04:77:d3:a1:6d:fc:88:
ba:e0:b1:83:32:0b:29:86:7e:7d:40:5e:79:cc:5f:
35:09:fb:8d:3f:7d:22:4f:7d:ed:c9:4b:73:fb:cd:
e2:eb:14:cb:95:29:67:c6:53:c4:81:01:72:e2:9c:
96:6b:a2:a7:3a:08:dc:29:7e:8f:fa:37:73:21:b6:
49:7e:1c:c0:31:f6:34:0c:94:62:f5:57:a8:00:8a:
b1:28:82:f6:4e:a9:c1:64:d3:aa:81:57:d4:9c:6b:
5d:9e:15:cc:b7:b8:a0:a8:00:68:c5:f8:22:c3:26:
db:18:df:da:91:96:34:37:71:8b:d1:cb:e2:1b:52:
27:db:22:57:23:fb:ec:46:79:5e:67:eb:c5:05:8d:
5f:dd:b0:b9:b8:df:6f:c0:5e:ca:69:7e:66:d1:d0:
63:b1:28:eb:48:82:94:c2:94:8d:95:19:47:3c:ec:
08:43:e9:4e:36:b5:31:5e:a6:5c:b9:92:e9:ef:a5:
3a:5d:aa:78:f1:44:4b:53:78:27:85:9b:09:19:ee:
7d:d7:ec:bb:73:a8:02:e6:3d:01:71:c0:c1:07:ba:
2a:f3:11:b3:c2:52:f6:aa:f6:08:2e:14:8a:b2:25:
df:bb:d9:a4:3b:90:2f:0e:ec:37:cf:0b:6f:cc:23:
ad:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
EC:45:15:E6:92:4D:CA:CA:4E:6B:7D:D3:52:18:00:A5:92:69:24:1E
X509v3 Authority Key Identifier:
keyid:5F:DD:9B:C8:1E:20:6B:2D:AA:C9:B2:27:FB:7C:EB:FE:DF:5F:35:7B
DirName:/C=DE/ST=Berlin/L=Berlin/O=O.OPEN/OU=Network Services/CN=VPN-ReachOut-ca/name=VPN ReachOut/emailAddress=ckubu-adm@oopen.de
serial:C9:54:AE:D1:38:24:A9:15
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:gw-ckubu
Signature Algorithm: sha256WithRSAEncryption
8e:58:7f:4f:ff:32:4f:22:e6:98:95:bf:2c:a8:d0:c9:54:1a:
0c:58:4a:d5:11:b6:3d:d7:8e:c2:84:36:9b:4f:c3:0c:e5:b9:
f2:40:7e:e1:93:7f:28:b6:61:c6:f4:96:f3:82:f3:be:22:e5:
7f:b7:ea:3c:09:b7:ad:db:28:0e:79:ab:03:c0:38:c3:ae:cf:
85:91:d1:6d:6f:b5:c5:97:c5:72:5e:87:7a:f1:bc:9a:39:4c:
ae:38:e7:9a:6f:8c:ad:7f:37:12:e3:4e:38:63:04:da:20:dd:
d0:77:7e:66:93:8f:a3:0d:a0:1d:67:69:7f:3a:a0:b8:47:56:
f3:a6:e6:9e:5d:5f:ac:6e:3b:fc:df:2b:9d:31:d2:11:0b:a9:
3f:17:ef:9a:2b:9c:af:dc:b7:ba:46:5e:d3:77:dc:52:f3:25:
b6:52:c8:ae:ab:48:8b:4d:8b:a2:25:d3:80:f4:76:88:31:18:
4a:f1:03:39:1c:30:d1:1b:ee:ec:6d:c8:2e:42:98:56:10:a2:
a8:94:16:fa:c7:eb:84:6d:4b:d9:63:43:3d:cb:66:7e:81:47:
80:90:4e:d6:ae:a3:66:b6:08:6f:dc:46:81:1f:33:c3:89:23:
2e:f8:54:a9:0f:16:23:6c:e9:b5:49:88:34:bf:1e:42:39:42:
7f:f8:d6:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBrzELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGDAWBgNVBAMTD1ZQTi1SZWFj
aE91dC1jYTEVMBMGA1UEKRMMVlBOIFJlYWNoT3V0MSEwHwYJKoZIhvcNAQkBFhJj
a3VidS1hZG1Ab29wZW4uZGUwHhcNMTYxMjEyMTk1MDU5WhcNMzYxMjEyMTk1MDU5
WjCBtTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVy
bGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMx
HjAcBgNVBAMTFVZQTi1SZWFjaE91dC1ndy1ja3VidTEVMBMGA1UEKRMMVlBOIFJl
YWNoT3V0MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWN6cRW7V8BHfToW38iLrgsYMyCymG
fn1AXnnMXzUJ+40/fSJPfe3JS3P7zeLrFMuVKWfGU8SBAXLinJZroqc6CNwpfo/6
N3Mhtkl+HMAx9jQMlGL1V6gAirEogvZOqcFk06qBV9Sca12eFcy3uKCoAGjF+CLD
JtsY39qRljQ3cYvRy+IbUifbIlcj++xGeV5n68UFjV/dsLm432/AXsppfmbR0GOx
KOtIgpTClI2VGUc87AhD6U42tTFeply5kunvpTpdqnjxREtTeCeFmwkZ7n3X7Ltz
qALmPQFxwMEHuirzEbPCUvaq9gguFIqyJd+72aQ7kC8O7DfPC2/MI61LAgMBAAGj
ggF7MIIBdzAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5l
cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFOxFFeaSTcrKTmt901IYAKWSaSQe
MIHkBgNVHSMEgdwwgdmAFF/dm8geIGstqsmyJ/t86/7fXzV7oYG1pIGyMIGvMQsw
CQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzAN
BgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UE
AxMPVlBOLVJlYWNoT3V0LWNhMRUwEwYDVQQpEwxWUE4gUmVhY2hPdXQxITAfBgkq
hkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJAMlUrtE4JKkVMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNVHREEDDAKgghndy1ja3VidTAN
BgkqhkiG9w0BAQsFAAOCAQEAjlh/T/8yTyLmmJW/LKjQyVQaDFhK1RG2PdeOwoQ2
m0/DDOW58kB+4ZN/KLZhxvSW84LzviLlf7fqPAm3rdsoDnmrA8A4w67PhZHRbW+1
xZfFcl6HevG8mjlMrjjnmm+MrX83EuNOOGME2iDd0Hd+ZpOPow2gHWdpfzqguEdW
86bmnl1frG47/N8rnTHSEQupPxfvmiucr9y3ukZe03fcUvMltlLIrqtIi02LoiXT
gPR2iDEYSvEDORww0Rvu7G3ILkKYVhCiqJQW+sfrhG1L2WNDPctmfoFHgJBO1q6j
ZrYIb9xGgR8zw4kjLvhUqQ8WI2zptUmINL8eQjlCf/jWiQ==
-----END CERTIFICATE-----

30
CKUBU/openvpn/client-confs/ro/gw-ckubu.key Normal file
View File

@ -0,0 +1,30 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIX1f/p8SfdJ4CAggA
MBQGCCqGSIb3DQMHBAi+ldSjE0eLdwSCBMi3tzjN920KGtkWzX8EqiUpOrNj+HzD
i/AX1NgTAqOmLatuowdCBuezyBcNTE4YXqqbFZ5LMPi4/4cXP3LjfH3E5D1TMNT4
QcFzSYbgHkFVTq2ghxCIyWG06J5Z8dx30G+ANfcKt2t/chyCoFf7jaGVqjQaL4cv
AfKHgPpaVpGvbfW7st/ZzCwkma5M9OskuI716dmjLhhPpXry3HaFXOc0kGQk9UHP
rn2kM3tPSLnX/0fwMKedb433V6h5+w+H4tiiKMhfSY34XT11NGeZ/WYvV2Ew17yf
kNHGxewn0ad+dYcdPJVoW/8m64dOTy0opOa0eZyO1WByCqqtGnv5pkXM9tU2vEFq
87SD50oWQ2lM4Z5jYAyrHRrb0A5ErTTa7ZWSvq+GNid6G71kR8STYnH3PgFzufQA
14i/WqJ7UJXfv2/0xDsCr+1W0LIF6tnTK1B+08rDVTFatrLpTuVMD3vdYFBMCoF2
RQ0P8b45Ud9zbKYEr2tVIDH06OP/qW57IQu5yjGBelnUUQhz/cdfSCJOAKqxABfH
5PoYV01N+NISPMrToGiwl1v75WT/nTzFNwuD+Bj7jylQhXbkPa/1+LOFAoNAm3SK
U9O8wOm2gOwVMr4FrEfPIG6JjfIuXdSgEMDUnSnSqo/vBT4O7VcHFjAACkJQ1iQU
ZqE3LaojZrSyFRFGbTeQZd0nRTBqD/i91UwZdAZmMhFHFtbjz5b43WLIsYhIUL9s
0r8b6CuUS7BGvBGiLFsUhcSKc3cEWChjbQlaamViykk+dp8RluI+N9G97NCEnv29
HHjoH/1ixQlFGYlU7fnWZkKc1A/U9wog7J2Hw1DJPo1O35p7qkPlDhGJ/5d773U1
V/dAn59liYGB/u5m33Tig/SXULXgYxPFqB0lQGk3P3J+5BEHbsuaaj0BJpVFDgxH
1zCX01ctyGbRx/pSNQw6FmpgMRHZgnW2vnAM3LOiDlxf7tSwvD5AqWUZXOzj/uQf
hWPENVARorjj8aBhVdbeCerHrxhBvt96FZ4xG7460hgu9ZyXTV52fbCVJqcNo7dx
zFvXQ5KwLEv+nwATD40d4VV7pewIE3kokQ2FFb+3t2SJ9Cjd4sBU9duhrgpVNmjg
ODA/v+VCr1KNE52JYIZOFiiueyOq93r+Vlo/TRznqcrjB2nMbfTJRJt+Cl8+IRNm
3GjsZzHAGEg4i91YyKouFXm4pDl8z6oMa9jY7icq79uQMWCJp0SXLyyo528uKf4Q
MHQQrti/+/41yqNNdnw8XcQFL9FLh8YLCn9Kn7Er0C0XGrmFlcgC78ROi7XxClFO
a9dwJSlRgsDq5nN9oYRJI+gECHXOLoBtHiXNd8LXyjrO7IxhCcpq/xyF9QA5zxot
7QsXm9zfhGXp3kE3bJN7qO8yJgwUpcKRb8dL7LUcAJZEP5HkLyL0Aw4FSRfKUJ2f
Dq92Zee+yyvKxamIpVLZDCLhSHghMOqip1/r4Z50UrFhy+0yyjkzF+0Z8S5Rew9f
o/oNdZV8acDqYbzY1fDZN1ZHVIc+hf7vyVSxp4nyDvTusa6MxPw0C3fn8/qcv8qN
Ez2+K15DBtdzkOJXPUFaCPn/HHpl5++WI314o+8eci8E8Q8y36a1btFlr9vMw8hR
998=
-----END ENCRYPTED PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/ro/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
0d93f89ecf24cf310bd30e8319a142e1
4ebf7508a293db1392c69e7cd4079271
a27f9e64288772ffc7d6645cd7c7f5d5
0681237cff1fe4ef520d9b90609f053f
e4980b81c1cf14015ea0510114c4a71d
b0fac8f22a02fa4bb63dbfb90b094842
9ae86a022ee4f8ea344cfb89cb787fa8
79b5ac1178bcba8cc27619cdd5ba7a0f
46d11ea63d7a9fe1f1ff84d631124ce7
04ea9fd27add0e4462cc5a404227f0bc
533647d8412d6399010729d4dd4dbd6f
70d667a64ef8183d9db91ee13c5efe2d
3f559bf3c5bb0fce0010522dd61ee765
1b078eb55aea89a0c89f23ba7a6d2c39
b5ca2616e27001dfbf7e58065a31ad61
1d236dc8bff5873f97d0790df1de11db
-----END OpenVPN Static key V1-----

39
CKUBU/openvpn/client-confs/so36/ca.crt Normal file
View File

@ -0,0 +1,39 @@
-----BEGIN CERTIFICATE-----
MIIGzTCCBLWgAwIBAgIJAKuW4e7lOKjBMA0GCSqGSIb3DQEBCwUAMIGfMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xETAPBgNV
BAoTCHNvMzYubmV0MREwDwYDVQQLEwhzbzM2Lm5ldDEUMBIGA1UEAxMLc28zNi5u
ZXQgQ0ExETAPBgNVBCkTCHNvMzYubmV0MR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0
QHNvMzYubmV0MB4XDTE3MDYwNzE5MTkzM1oXDTI3MDYwNTE5MTkzM1owgZ8xCzAJ
BgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjERMA8G
A1UEChMIc28zNi5uZXQxETAPBgNVBAsTCHNvMzYubmV0MRQwEgYDVQQDEwtzbzM2
Lm5ldCBDQTERMA8GA1UEKRMIc28zNi5uZXQxHzAdBgkqhkiG9w0BCQEWEHN1cHBv
cnRAc28zNi5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+72M9
e5VDY9bQv0KXFOhYVP1JMojpyQitAmAtLJOBtPzrxRKHQgwk8RALOV5Vd25i3bWV
CsyIO7lBd3JXvETogcAgSuPYo2qlCvP6ja3y+mG0KcdV+VHfzOlsKjkrSTVpHbHZ
4eknnE9oNL6NEFNQ1qGBs9FO+E1l7T0MThM57pfXvh7EvHZRexyVDF46mr6Ko2S3
dxfW1vOD8ULzbIVACUODIh5ZM6+/OaxgFM5yda2o3NPUrSWIyQS/2cmHgMBqacH/
q1p72iwV1UHgr+8MV6MWQoxMcTpFbUkWCvz1TIOqT2DhX1FTVCjZ26FvRct++S15
unlHxO+Gr6xiP6dClTP/bUrQVvkK8lZBkIewF67xHlMEVjW0pzBS0cQi7BwKWzkJ
4GH24CY9QOnOalc0ORo1FY66VlJytQfPql8zPp9Ucx+KHFH3siSzY8IKACZSfh8B
1SaTMDcWvGvdpIG0/yq0po5kgQwDJVkmPU+lmqhQ3e+HA8tJ82P0EmBmtRNhKtZF
rGyIw9/k4h6Nr0ihUO1uxVJG1bbEVszpy+oT3EwCYo0WL+WSFQ/2h9Y+OUqljz86
SEI7dHxP8uj+w8V8ITRYSPrzv2iH3pwE35Vo2mPDEn9bUc0QrY3f+hL+n4e83bhQ
k9Z15cbplfyal/eMlgU1C7bv94anTRzsWEPkuwIDAQABo4IBCDCCAQQwHQYDVR0O
BBYEFNAuARkBJeMMa5jcjhFJT635LHFfMIHUBgNVHSMEgcwwgcmAFNAuARkBJeMM
a5jcjhFJT635LHFfoYGlpIGiMIGfMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMQ8wDQYDVQQHEwZCZXJsaW4xETAPBgNVBAoTCHNvMzYubmV0MREwDwYDVQQL
EwhzbzM2Lm5ldDEUMBIGA1UEAxMLc28zNi5uZXQgQ0ExETAPBgNVBCkTCHNvMzYu
bmV0MR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0QHNvMzYubmV0ggkAq5bh7uU4qMEw
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAq4I1SRHvZSe1xBFsd79b
xVUlY3y743yDsSFJYbEl3E1tbufBuidQcfZlX5j5clHZt40DfZV1YniyWgaOBxOm
XqljVOIX1GaEPZiQlLWCbmOifEiTSa7BxFFZBRNO0PYe4vzJ6dp/lIUEApVK0S+X
QhXkNp1Xh7aYYNW46/1DHdwVhJo+tZlHkAYy+8m/xF5dWDDtxNkTNI3v2SPC8ujv
xgoHCJk1+dKZ26Y7BPv18hkw7LhrFlQeZraa1Dz6EDb/FIGcS0Caw3WMbOMiMuyD
gzKP75o7Brue46HcM5DB3j5Q5Qbgir/2NqWFoIv2062lbY34Vrkoihmz/daIj07T
1xFQ8qqk973WKUyxyZunKHfVaRCxG9KQN8/iDzaGJFWVo8U9PLsiIqyL9twdSu2P
zSQZMJ6GicdxAMIVrh58FneCt3G7bNmVLeSUpGTbGPrCbwtHFGhREADRA5PZ4NRb
5iB9+bQExqdTXyZozcHp7pp2dTHJU1yui6AOsOYyaGhFiOCzVE9KPLvhOTVGClQY
gBxcEkM4rr6T07roEWW0I/X0+pWx1wLsGp6x4dqypE3piGj+l9XMhq6GCWuS0Hwu
8CLoAWaN6I4jHjkwjKc8dEbm7PZw2/2rUqWEU2N+T3LCQSF1uTCC3TDmPPHapfwI
t104nf7W0IY4I64g+onavOA=
-----END CERTIFICATE-----

139
CKUBU/openvpn/client-confs/so36/ckubu-gateway.crt Normal file
View File

@ -0,0 +1,139 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=so36.net, OU=so36.net, CN=so36.net CA/name=so36.net/emailAddress=support@so36.net
Validity
Not Before: Jun 7 19:34:49 2017 GMT
Not After : Jun 5 19:34:49 2027 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=so36.net, OU=so36.net, CN=ckubu-gateway/name=so36.net/emailAddress=support@so36.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:c8:bf:6c:c3:92:0d:dd:82:c3:89:00:5f:5b:8f:
30:ea:65:ec:35:72:f6:24:05:81:8a:ce:64:3a:93:
f1:ff:fd:9a:31:43:49:53:c0:3e:63:b5:17:81:50:
e9:7f:79:f9:b9:3a:f2:fa:df:eb:29:5e:2f:f9:ca:
aa:c9:07:56:11:59:6a:52:40:7d:1e:21:44:65:ee:
fd:e3:b3:e7:18:9b:25:bc:33:05:b9:b6:39:e9:0b:
20:75:53:01:db:78:3d:2f:bd:e5:50:35:ce:d6:23:
b7:d9:e0:d4:72:d5:8b:eb:17:9d:de:f6:58:28:37:
db:2a:fc:0f:b7:a7:b0:a7:a1:b6:b2:10:9c:39:96:
a8:28:54:da:e0:85:20:5d:1e:b7:62:e3:f3:2c:be:
c5:bd:8a:d7:57:6c:13:c0:cd:51:48:40:41:17:15:
79:1c:3d:0e:e5:66:9c:56:25:90:1d:69:5c:bb:a5:
c5:6d:14:10:e9:47:47:f8:50:09:a4:65:3d:c9:9a:
8b:b2:d0:5a:95:19:d8:b5:eb:2e:78:2e:e9:f3:8e:
6c:82:d5:d6:17:7c:ee:ef:64:8e:3b:97:8e:83:37:
63:ea:4a:f9:71:5d:67:fb:31:0f:76:c0:9f:e7:d6:
fb:4b:2b:17:5d:bc:46:d8:85:b5:8a:c3:e7:5a:87:
28:ef:bd:1a:bf:66:cb:9d:61:85:72:ee:00:bb:4d:
9b:03:a3:88:9e:bc:30:66:64:5a:a0:f2:dd:69:4b:
0c:39:aa:d6:fa:fb:9f:6e:81:18:f8:84:dd:c6:cd:
07:2f:0c:77:d6:91:9d:da:77:d3:e7:3a:c9:be:02:
72:91:2b:86:69:42:a2:88:c4:85:ad:09:de:d0:95:
e4:16:99:8e:8a:a7:41:a2:e0:0a:6f:44:34:6b:23:
bd:15:6c:3e:48:23:92:d1:be:33:11:b5:bf:79:cc:
f8:0e:5f:3b:88:8f:90:5c:94:96:d4:3d:a1:da:01:
2c:c1:de:91:fa:d2:e3:67:e5:34:19:65:7d:b7:32:
90:d0:d0:36:35:20:71:d6:b4:32:aa:c5:e3:9d:6c:
b1:f8:b6:d4:4b:52:16:dc:0e:b0:9f:44:e7:4d:1f:
ed:5e:fb:e7:19:b9:f7:b1:e5:ff:e1:ae:23:04:a2:
52:fb:ce:79:eb:7c:58:8a:b8:b6:83:88:82:08:6a:
92:25:80:ae:d5:e2:79:2c:c1:ea:21:e5:08:ae:de:
0a:69:c1:2f:5c:e2:8b:e6:4b:21:57:0a:be:d2:86:
39:de:e0:8a:c3:58:c8:ec:07:28:aa:3f:12:27:d5:
50:ae:7b:75:c0:b3:74:04:03:73:df:62:94:cf:d7:
49:ee:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
B8:AB:F9:BC:B2:A2:11:23:D4:3B:03:5E:59:B4:98:80:FF:51:16:DD
X509v3 Authority Key Identifier:
keyid:D0:2E:01:19:01:25:E3:0C:6B:98:DC:8E:11:49:4F:AD:F9:2C:71:5F
DirName:/C=DE/ST=Berlin/L=Berlin/O=so36.net/OU=so36.net/CN=so36.net CA/name=so36.net/emailAddress=support@so36.net
serial:AB:96:E1:EE:E5:38:A8:C1
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:ckubu-gateway
Signature Algorithm: sha256WithRSAEncryption
09:1b:bb:a3:38:8f:69:09:0a:00:b3:f3:4e:ab:55:66:c7:d1:
61:19:5b:a1:57:de:2d:30:58:31:08:a9:5f:c7:bf:7d:29:ef:
26:0b:54:98:a6:61:4d:42:d6:12:6f:4f:59:40:67:be:e0:14:
21:1e:ed:0d:e3:d4:9a:38:c4:a2:d4:c6:94:1b:c3:6e:a4:4e:
13:cf:7b:0c:66:1f:b3:f5:eb:33:d9:50:10:01:cd:eb:62:ae:
04:3a:d2:2f:16:e4:e9:b6:b1:1f:83:b5:21:6f:0c:72:87:60:
10:a8:84:66:e8:18:29:b0:ca:26:5e:63:ba:25:59:24:42:ef:
9d:5c:5e:66:3e:ce:72:ae:2b:a4:e6:bd:f1:8d:3e:dc:10:f2:
1b:e4:1c:d9:66:6f:8d:58:d1:6d:60:e9:75:21:da:dd:14:41:
87:d2:f8:18:05:db:9c:8d:7e:8b:d4:05:3d:3a:26:fd:a6:2a:
2d:73:47:dd:59:7a:ff:e3:b2:b6:59:1c:6d:c1:a8:0c:b4:d7:
bb:75:69:54:cb:05:7b:5d:be:ba:a3:8e:f1:d6:06:2b:85:23:
96:59:a9:ad:b9:c9:71:d9:35:cd:86:da:0b:f6:19:d3:c4:81:
5c:20:22:32:fb:6a:68:2c:12:0b:09:37:11:80:9c:b3:0e:16:
45:8a:71:63:fb:64:a0:f3:b3:c1:de:7c:33:eb:67:a7:40:f0:
98:bd:6b:d4:02:bc:4e:51:80:2b:cb:27:4f:00:97:32:51:f3:
b1:33:2b:bd:c3:f2:0d:6b:7d:95:5e:8f:b9:96:d1:43:59:d6:
8e:39:3d:fd:12:51:2f:30:bf:e1:d4:9b:44:67:0e:b0:c1:d5:
1b:58:28:11:4b:a2:a3:68:e6:ce:70:6f:79:9d:ac:ee:54:71:
67:dd:61:1c:97:9b:5b:ed:d4:ec:76:20:60:bf:e9:8e:42:a0:
17:e7:ca:38:7d:e2:0c:77:e5:6b:e7:cc:4d:7f:b3:84:2a:8b:
08:6c:8a:f9:d5:6b:b0:43:59:c8:8a:69:4e:83:c4:42:3b:d9:
74:3f:a2:ac:66:52:e4:79:69:6c:a2:0f:2a:e7:49:60:a2:14:
12:23:73:1d:31:65:c9:09:38:97:af:fa:56:8e:8a:ed:0f:1c:
fa:da:6a:7c:28:90:64:ff:e4:ff:7c:29:cf:0a:78:a3:25:33:
0b:9b:73:18:5a:7e:03:16:4a:ff:dd:ec:0c:c9:57:56:d1:e7:
e1:df:1b:48:af:cd:93:05:cb:31:90:f7:14:ec:c3:22:c6:4b:
3c:fe:a3:d6:24:cb:a6:dc:70:1b:55:3a:e4:29:25:0c:65:0c:
de:3f:83:5f:9f:be:61:30
-----BEGIN CERTIFICATE-----
MIIHLzCCBRegAwIBAgIBDDANBgkqhkiG9w0BAQsFADCBnzELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMREwDwYDVQQKEwhzbzM2
Lm5ldDERMA8GA1UECxMIc28zNi5uZXQxFDASBgNVBAMTC3NvMzYubmV0IENBMREw
DwYDVQQpEwhzbzM2Lm5ldDEfMB0GCSqGSIb3DQEJARYQc3VwcG9ydEBzbzM2Lm5l
dDAeFw0xNzA2MDcxOTM0NDlaFw0yNzA2MDUxOTM0NDlaMIGhMQswCQYDVQQGEwJE
RTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xETAPBgNVBAoTCHNv
MzYubmV0MREwDwYDVQQLEwhzbzM2Lm5ldDEWMBQGA1UEAxMNY2t1YnUtZ2F0ZXdh
eTERMA8GA1UEKRMIc28zNi5uZXQxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRAc28z
Ni5uZXQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDIv2zDkg3dgsOJ
AF9bjzDqZew1cvYkBYGKzmQ6k/H//ZoxQ0lTwD5jtReBUOl/efm5OvL63+spXi/5
yqrJB1YRWWpSQH0eIURl7v3js+cYmyW8MwW5tjnpCyB1UwHbeD0vveVQNc7WI7fZ
4NRy1YvrF53e9lgoN9sq/A+3p7CnobayEJw5lqgoVNrghSBdHrdi4/MsvsW9itdX
bBPAzVFIQEEXFXkcPQ7lZpxWJZAdaVy7pcVtFBDpR0f4UAmkZT3Jmouy0FqVGdi1
6y54LunzjmyC1dYXfO7vZI47l46DN2PqSvlxXWf7MQ92wJ/n1vtLKxddvEbYhbWK
w+dahyjvvRq/ZsudYYVy7gC7TZsDo4ievDBmZFqg8t1pSww5qtb6+59ugRj4hN3G
zQcvDHfWkZ3ad9PnOsm+AnKRK4ZpQqKIxIWtCd7QleQWmY6Kp0Gi4ApvRDRrI70V
bD5II5LRvjMRtb95zPgOXzuIj5BclJbUPaHaASzB3pH60uNn5TQZZX23MpDQ0DY1
IHHWtDKqxeOdbLH4ttRLUhbcDrCfROdNH+1e++cZufex5f/hriMEolL7znnrfFiK
uLaDiIIIapIlgK7V4nksweoh5Qiu3gppwS9c4ovmSyFXCr7Shjne4IrDWMjsByiq
PxIn1VCue3XAs3QEA3PfYpTP10nuswIDAQABo4IBcDCCAWwwCQYDVR0TBAIwADAt
BglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G
A1UdDgQWBBS4q/m8sqIRI9Q7A15ZtJiA/1EW3TCB1AYDVR0jBIHMMIHJgBTQLgEZ
ASXjDGuY3I4RSU+t+SxxX6GBpaSBojCBnzELMAkGA1UEBhMCREUxDzANBgNVBAgT
BkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMREwDwYDVQQKEwhzbzM2Lm5ldDERMA8G
A1UECxMIc28zNi5uZXQxFDASBgNVBAMTC3NvMzYubmV0IENBMREwDwYDVQQpEwhz
bzM2Lm5ldDEfMB0GCSqGSIb3DQEJARYQc3VwcG9ydEBzbzM2Lm5ldIIJAKuW4e7l
OKjBMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDAYBgNVHREEETAP
gg1ja3VidS1nYXRld2F5MA0GCSqGSIb3DQEBCwUAA4ICAQAJG7ujOI9pCQoAs/NO
q1Vmx9FhGVuhV94tMFgxCKlfx799Ke8mC1SYpmFNQtYSb09ZQGe+4BQhHu0N49Sa
OMSi1MaUG8NupE4Tz3sMZh+z9esz2VAQAc3rYq4EOtIvFuTptrEfg7Uhbwxyh2AQ
qIRm6BgpsMomXmO6JVkkQu+dXF5mPs5yriuk5r3xjT7cEPIb5BzZZm+NWNFtYOl1
IdrdFEGH0vgYBducjX6L1AU9Oib9piotc0fdWXr/47K2WRxtwagMtNe7dWlUywV7
Xb66o47x1gYrhSOWWamtuclx2TXNhtoL9hnTxIFcICIy+2poLBILCTcRgJyzDhZF
inFj+2Sg87PB3nwz62enQPCYvWvUArxOUYAryydPAJcyUfOxMyu9w/INa32VXo+5
ltFDWdaOOT39ElEvML/h1JtEZw6wwdUbWCgRS6KjaObOcG95nazuVHFn3WEcl5tb
7dTsdiBgv+mOQqAX58o4feIMd+Vr58xNf7OEKosIbIr51WuwQ1nIimlOg8RCO9l0
P6KsZlLkeWlsog8q50lgohQSI3MdMWXJCTiXr/pWjortDxz62mp8KJBk/+T/fCnP
CnijJTMLm3MYWn4DFkr/3ewMyVdW0efh3xtIr82TBcsxkPcU7MMixks8/qPWJMum
3HAbVTrkKSUMZQzeP4Nfn75hMA==
-----END CERTIFICATE-----

52
CKUBU/openvpn/client-confs/so36/ckubu-gateway.key Normal file
View File

@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDIv2zDkg3dgsOJ
AF9bjzDqZew1cvYkBYGKzmQ6k/H//ZoxQ0lTwD5jtReBUOl/efm5OvL63+spXi/5
yqrJB1YRWWpSQH0eIURl7v3js+cYmyW8MwW5tjnpCyB1UwHbeD0vveVQNc7WI7fZ
4NRy1YvrF53e9lgoN9sq/A+3p7CnobayEJw5lqgoVNrghSBdHrdi4/MsvsW9itdX
bBPAzVFIQEEXFXkcPQ7lZpxWJZAdaVy7pcVtFBDpR0f4UAmkZT3Jmouy0FqVGdi1
6y54LunzjmyC1dYXfO7vZI47l46DN2PqSvlxXWf7MQ92wJ/n1vtLKxddvEbYhbWK
w+dahyjvvRq/ZsudYYVy7gC7TZsDo4ievDBmZFqg8t1pSww5qtb6+59ugRj4hN3G
zQcvDHfWkZ3ad9PnOsm+AnKRK4ZpQqKIxIWtCd7QleQWmY6Kp0Gi4ApvRDRrI70V
bD5II5LRvjMRtb95zPgOXzuIj5BclJbUPaHaASzB3pH60uNn5TQZZX23MpDQ0DY1
IHHWtDKqxeOdbLH4ttRLUhbcDrCfROdNH+1e++cZufex5f/hriMEolL7znnrfFiK
uLaDiIIIapIlgK7V4nksweoh5Qiu3gppwS9c4ovmSyFXCr7Shjne4IrDWMjsByiq
PxIn1VCue3XAs3QEA3PfYpTP10nuswIDAQABAoICAQCq510/Om6XcKXrUufb2RH5
2/+2mUK39AAPHhryS9Ww7ESDQBeDN51l4Vw7eZjwL/XMHkWSE2Pu+gK6FDJFpvs9
FfSQRdq+9e93IHoBir1pk1wS1xU+v8aZgiGGAL8KC1l79ZzuJoEKiaoR0XjMssTF
xntewDbZNoReGe1/m0Gn1OLmwYFe/cX3YBZfIrckz+usQwhZxagu767Y/Gfssl9K
tXk0n9FVmx29axgZtyzz/Sk3j69+Z6DmGQtKeUlcLdzmb64S85LKcRCv/6K2Kqp9
8XisAkScBn6cS+1TCnoHd/aWFnI6cxz9Gw1hOihohfu2SN9Bq/Jcj6i4lIO37G2J
+ImYSi5lku22e5lpWPkecBcPVxS7epnRHG67x9Dm2E2uVbIvtmEKt70Dkt89aVaQ
i6BujajwO4n4i/EOF/a3ZbWpNCHNsA2XOdSQtYKxQE8bREM7YZ8TzWMtiAftTxvX
NXuiTt8y+WT6bfQEs7MkW9509EMGYnH8HCtBCI/BE1Tpk9P1kgZieuj9WnNJqeWk
0gXKnKlStpf0EB5FRJelt+6xYbuGct096ro0VtXu4/+h3Az6PUXvQ65FYBCySLVc
xUpdjZvzzSOM8aUDzs8BJlN8XUhaQNwlSluxn5tkh5hRtKJsmpF6PH3Ms9HqNC3b
qjqwEfgaz0Vc9FxhWxNCgQKCAQEA+gMMFmFCNucF2hDoxd1XpxuTlU7DndHNpyb8
bZiQiR/OqcB67hGRUFZCLlj2BvZj08za7kTucbEuEUgc/zAmsDQRJuA+oOREBRNY
1k//vtROpEVPzwWgZqWF2BZQxlfcmOwAzUUc45Di6U6i3UtSbMdCLSRggB44bcBi
dxLagxwgZDgXwY23OiQWm33EO6LhzOAcUu4eYxYJIXSXtzzGYSP9kRxxnBuW1Mr6
ICyNXIJ7Yea1y/KErLzvwkuyGaNb5gvQ5gLFTAMr7Dgab8cHzrbHbg7nGO/t4Ydl
K89Ynl2UFSNn6Z9bhRfc+0NMVO2fpIRwWA3cmblNe/79lMnW0wKCAQEAzY5QRZ7g
AEWlIb0pwujZudVkuWK9MrPUDA4dsiTsGzT2lZw7I+DY31EKJjclTF4ZtYaCwzL6
DLoGP1MrlzaYMBcOSZ7aPGbrRWAa4vh5xUUSu9POnfYoEmSx/Ekf2L4EPC22Rw3u
yiXOONNPUgtfoYtGQMvB4exltya2P2spWmT/O4SffyA+GBGyJWdPwZCW3FoxX0Te
plILfz08ObwFFhE21Yk/dQynCsLz1o2gBF3lbqRG6s57L1AYZWrRBdqxkiygDe7D
XIzhU3FYf12IBLmL4Ax8GHGXkcNLcm0vndHX3LzeTCAsUWSIbs6Lma1qsnbG9jUs
v1rgCnWtTIJcoQKCAQAZeLgBi7UoTM8+0Vw11IA6qUeW/ahWauqt7f3n2JRZNCFl
EBQ2LxoD+lXRzQR73xx6lrNzdRhqAugzoIo7wZcfep6IvG4FDFyVu8vgQdRHh+/f
MqSX7fXSn2iMhHGEU61I8zp9r13rHXbQ2E8lhqgGJyLp4HvocavEGsatZQFYPERc
kY5yDNMvHEAlZWHZxZWFvwuDs3jrFXKmsu9GHu4DNZx+7Uvx4Km0Ul27a26Xjz+s
0MmS1smHo9Q1kmq5y/fv7yJAXOXnAae28FxZKQj1mY+l+eS3mLI+uQGovf5EXDpb
EPlkRvUXEUBVZRzgxjjulQOxJPBlxQhM6sTBJPM7AoIBAFaayz9J/N6geT6J0HqK
WJFvUwy4iTY/heu+VsyjucaMvgey10f6h+Uu47POMCzIyNQuZBGR/MA38EHl7Mu8
+MnqLN7fytsAEcgdAbb3MXbn70irqLXs7F0zh7nfpUdQZ8BjEhVFzYHmA8j1XsoW
eKg7YdITBxEE5KYR7V8y6y1muBJ/giOxlffWHNSdfoDzRlx4s6yL+7LfhnCJgEJi
8VGm1w+Iz++k8Qwbr1iKOw0b8np3RFnRvRzmBiFUq9Rnm8EWhCjam/z2bkkVzE99
PL2g30n6eJ5j3ZRQUA1Z62H285fRC2fPdlykmsb0xuRsqDOgz5sUNFI7G4HMqsM9
eYECggEAEgTE3vFElm1lwohqD9ipJ4BiIxyO7WwKcE6cMDf0gL6j/W1mO8V5LNmE
VZGICH0cfr/aNBczncT2GedAdUCyGYGM045tX+oR8jkHItzO0NqRV4owMH6EOOjB
NybTZqW0ojA9eF3azqxyYmsLTO+jFQ2GkMKAGZ2gNgHCzHiF+oszBubiiMd08aBE
chw0zyHJASJpH+o6CTMQ0soBgT01q7C7MmWD30lENdeFeZqDzd/tdSaDvAEZms4a
OmAQ36dqC9d8naP/3LexNt3uJuSXRIBnTXROYs0SVzXhvy97ib72ikcjiWOSyr+w
XSkDYBzAon2ExAAnOyVaHMd1Hjt9RA==
-----END PRIVATE KEY-----

138
CKUBU/openvpn/client-confs/so36/client.conf Normal file
View File

@ -0,0 +1,138 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 83.223.85.170 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/so36/ca.crt
cert /etc/openvpn/client-confs/so36/ckubu-gateway.crt
key /etc/openvpn/client-confs/so36/ckubu-gateway.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/so36/ta.key 1
status /var/log/openvpn/status-so36.log
log /var/log/openvpn/so36.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

21
CKUBU/openvpn/client-confs/so36/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
2123228b19ae0734476f0c93a174ce69
6a45377c25c0be0eee565817c8a256cc
a1c45878b98c45673289dce0f7d500e1
bcb35e7a873de37f3e35ec8c5f831052
359d725daa58bbebe00db87101e13241
3166eb7e9e34c3e6dc204c45e17d4521
d3ab157e9d991b992ed58855ddff1cfa
3f4f7edaf8c093f427e8b6fc27f0d783
d2c41272edcb23b8bcd9d0f9d298c6e9
38cef17f95c56186513a6e066bfc788d
14e56795ff0cd54da1726ded95e89b43
465a368fa0621388fbda13598190071e
81fb21d93c4864ae8d5754a05489f46b
6a03f3e07455e9db47c9f94a6223c7b3
27d969cfc9b2b1adacde7f374709a442
a4626075275ed4a1e07461ca4d0df2d6
-----END OpenVPN Static key V1-----

270
CKUBU/openvpn/client-confs/spr/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,270 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote gw-spr.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIGzDCCBLSgAwIBAgIJAMzhic2M9z96MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMH
VlBOLVNQUjEQMA4GA1UEKRMHVlBOIFNQUjEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGUwIBcNMTgwMzE4MTM1NDAzWhgPMjA1MDAzMTgxMzU0MDNaMIGeMQsw
CQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzAN
BgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UE
AxMHVlBOLVNQUjEQMA4GA1UEKRMHVlBOIFNQUjEdMBsGCSqGSIb3DQEJARYOYXJn
dXNAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDU3Y3K
UW+th51pqc+MttFyQNVQ+TwGUFptpoES5KIDqXifbqQfTLNUch1us+C0e6qt6B/t
ZSotqwAqBgA9bT4ws02sMP2U7U0+sn+rxvb9H/6Q0H4KixfsyTTxqrstEphEE2aF
eC9L3Z4QlJuafsuUWIxT9LW1KnaPV5CIDz/cJZIO/Xc7/TRyiO0ylgf6+br2zAFH
Rm8Tnr1TDUm2ftB0ukG2wsmGhd/+lXPBrXWwC83NBYjFi0o9OZZmAUekyNWUTHQY
UJ1fLJAPLdpoVuxbV0BK6HQdpRvj4KyMBt/kEcGMXSLuAr1/848wI1EI8AuFyaZV
RQdnS6yHxZ4+Mi8YSdXEj+nb/SwBGxz9kmmVUQCTlPm/B4Y5I+3ivS9PxihpSwHo
zJkr8tr+xwfnFXSXB3wPdYu9rD8KmY3/uDYy9iWLg0/xW6keL4luDCVNjltMjc0x
03MOpv9cjN2eBwGyU2dHyyfDPSqSsQi9FZeWmgCzwJ0rL4WywDRc5paXbaWtzdqQ
98gVox7lFbmQIE5VoFc4VTKEIY9D/cLdmZpWzPHOn3vPEc5eAFKb5qZv2IlN420Q
CSCFJAb5orrIj9ALAIvFXfvTv5o7G+ZEvk4eMP39nK1ZXc6/cL7/IapPfy3/vUs0
tEph6pRHP39bcH9pxVAA7WkTS5ZEUshA7NrUEwIDAQABo4IBBzCCAQMwHQYDVR0O
BBYEFHHdskSE3v+RJciX4ZEOWD5SJZ+qMIHTBgNVHSMEgcswgciAFHHdskSE3v+R
JciX4ZEOWD5SJZ+qoYGkpIGhMIGeMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQ
TmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLVNQUjEQMA4GA1UEKRMHVlBO
IFNQUjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQDM4YnNjPc/ejAM
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQB1cA8o2Fo78xQ8jRdyfbvK
GFH8+SMoOh/8qxj9prk0kLYAro5QnzEBmftHhf3sXevEAUWpr77VL1FxhTXgKUp2
S06S/meC24M/KclxM+W/7AuG9yrJuW122l61OuWUcDWA24oj0KG896Mbw13ieeWS
7XmC1YU5Lix3wiWnjD7QZ+E4dg09z722+zwUi1UwRekzJZmB8pTHHmbX4Yig/K27
STnxQEiVZzlzcvjY6QvC3Sj/aA3YCSNl0bsSwH6GwXXJZ3BEKmm6w+ZRQMTz7+72
q0ybGf43XH4sj2OBm1YvCD8LehygPy2uJYlDxG8zRq2kxYxiWLbncs1x9Acusd7l
Te+k8YArRTqsWLN5Q47sGO4H1clz4ay80TTuz4Vc6JQ3banHDmMFV2nMsR2YtKX6
lKD3lXvMU04ZvZe2SolP1uTto3Jw3cNarigj/nHjn5s16uvy6Q3x4TyVUqyAOqrG
cuGrbYAEqtVnMrrovGZTj73HSwAx2PD+3jJKZH+suwBIijNL90wbkNlsNHlNcQeQ
zQAlYRBdCYWFU+7d86kUWYYrActGZc2MJmBZzZ/Tt7YoOIw6NMnWcpMMTUV+zToP
WWrD5OMDc7EX9BmMg7uif46UF6ol2puGXpQIF/yVRbFk1IiPwhc1ZyCuh+1ugh5+
CZSTeKgLDVjfXlqH1ErAvQ==
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHLjCCBRagAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEDAOBgNVBAMTB1ZQTi1TUFIx
EDAOBgNVBCkTB1ZQTiBTUFIxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRl
MB4XDTE4MDMxODIyMTMwNloXDTM4MDMxODIyMTMwNlowgacxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5v
cGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tU1BS
LWd3LWNrdWJ1MRAwDgYDVQQpEwdWUE4gU1BSMR0wGwYJKoZIhvcNAQkBFg5hcmd1
c0Bvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANmowNDa
f1Pz+ACS/w8DzUiRIu7i6yfteeWBnVTh4pF0wmmbIV6sq7nFXHefINYYju/szU5D
jqm1750YUPKVmJi7c+CNKkQt2kNa80qPENaZ50TuQAWjHgIgVC1IPpkjk/+2dIk4
rVKPwC0B2qolvH8lj1VXgt6ieRU6CwLCuB5JtvKbOEz0wCS2sCKPscz0R+/9jf+9
DAB6Cr1t4MkawJ7h3mn17N3tmfDUqyGr3hf8nvJgMFBTJsRLKcgdNEfDUGYT1cJ5
8rqNlBjssx24T2Kv/V72tvgv0Y88jDQLJIAO/swqWcYaqKHQAvvmg3zYfri10V9M
sExKswfEvGLgly+3EkMhPuEU9Jqi+c5m4awKGx6Ww0YgJJkhgHw+D8/7/EjiaXM2
sVwSWijStYRmf/LmYlS2Ts38MHAC0WjTd2j8iOB1a4djDv2jGSv0iq3zpv63I0FC
DqVqTWhzJGkMsUowk4AyWrnKNsMfC4ZHG2c8DThAAuKW/OOu+hamGAkUuNC6SYMh
GZus/VoPJudF5vp+5AkthAo/N5wPxIm/nWJXV8Nr9Cd24TIb7TeX6ESWCkZMs/O3
1BWxJZ93n5Pv6uEPlBp1bh5oj69F2vVm9kal8YmpO8jkuwzuwJgs7f300aiG+JJF
+Pz68w/5B170pguuybyq8UQNJJhYMyo9L9nBAgMBAAGjggFqMIIBZjAJBgNVHRME
AjAAMC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNh
dGUwHQYDVR0OBBYEFBNSxrpHA9HfrvuHjvuKZnTXkdN2MIHTBgNVHSMEgcswgciA
FHHdskSE3v+RJciX4ZEOWD5SJZ+qoYGkpIGhMIGeMQswCQYDVQQGEwJERTEPMA0G
A1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZ
MBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLVNQUjEQMA4G
A1UEKRMHVlBOIFNQUjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQDM
4YnNjPc/ejATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0R
BAwwCoIIZ3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAEDGKiwnx2nlVB4VpK+H
4fE6KYLjqGCpZLliRxXD2V/zLwXt63hYGMPUxUmqq+nnQAIzbReOf4/3avwuaoMc
h8PGmbTdoZic5Qxu0FwN7f24eemYuEtC8R6jrLVHffuCmNX+n94T9Fw8dh5Z4BY9
W3JHr62y5CkRE03VTWgiu4nRluknwyJFYFcj8p8h6kt9qIoSpcaOTfyrhUUgxu4n
jECCw7ZjZbLvaWq4k5Sea9zBL/5p9phJVvgmZBfioMXKbYrg9MUunWxMDJ2+DRdL
vV7wWwByHrMhfbZ71KPAeJF8MsXR6WHaHTzckqOh0l8O5BPzU07IJxhKh2HI2joa
ZfEf5df99ARtH7yUi9qb2/OgqUe2uF/Z6MDUuuipoK95PACf8yvGGEprzqAEusoS
kvXJAkTHBajNPZf3M909Wqy0C8rRVC06+y9AT1Toba3yTb2wUEOFQ4vwJK+Iwi3d
16za6vzZArEgpij2me5RVblwVoSDlqbTTKN/obTOm3Vr2tBX1NCdVaQuwwWTcAmj
zuMd+bluEOOnlBfATuLdnRdgZAA0LbtQAxOcpdUsxR6KxyXFqlo7wPefx7GJKeTa
At0U50Jw76gTAwxTgdgyBuol998pZheyuFavjH9KmWY/q1N+WyOtPgF30VjbpDNf
GXH8zFh56LyFtBxdpjuVSUEj
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJpDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIsMy/MytYtzsCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM8bcaVcNffeBIIJUNOSqKmf153a
NBjm25drvNrgo+bEd2kxywgcjqIyl/csUjkbx3WWANZZAdRIFgtM2mN6xiGPAzpB
AMU+0FhbMeSC4aaoE6kbu0QREcHxgLemoA1+3c/VMfzTXJQ5xtr84pyBfj7lwYTh
uOC8k5WYV0VCWWwj39TAAfF/eqIzfuN4L2ybSgQyHHyWQPvCgfEPMZi5lBcPtZT5
OQgS30tFTgNOmz+wTex6uOJi0Qqo6MvH3rWv5rRwO17FZU6v+SLXcopvZfrO4WLN
AMHzjIvvfwmO+7/ypLnVdBYCd+CpvBUwcEbPVqrddWhNgidlOkoQzVnK34wexRvm
eDjmm8JbTHFQP8+DMEAODlMPNxMD1vCC/vM7bKMjCNYGjRwrxtL9Z8drp1wgzULJ
8AY3J72+lL1yMQNoch0Niuda3RDBs68FeVvGaFmGCPlzDdfTlex0Pi+BFeuTao0Q
7Y9zfcjyv+p4HxMg6YoIIQYOEogWO58GF1UL0zOJD81j4ihkT7HTWtOskw5E6Kfq
WEWyW5Oe4xR0PZpHNrYVURNg6kIxEBwRFfskFofGac36tKJ2fJseESkuqvXLenNt
Y0Epi/AxwEZa0E+G2ewNPNoBAIvRlOx0CBWWQKeCVaOgsOD0zyqYPsCGFWDl+2d5
i8afGhTw/8oqhwNwr25tWhW1xKbMEGchycywGGQloGvquv7kchJb6lDADZtF1++v
4wgRwtiBYOvkqXSLOpFiZinvmUMmqXD7PqG9yWF7XlnRV8JJ61RP2cuKCTXXCGfI
dtzLnet/4lUV7S0Wd3g1US2iPz6LJ+ngOBQEbAqFvInBiZFyduPwQJo0yswDyJYd
WNhmHumuFSSCdnAF6qVjuKhsNhftY5w+xww6RhAqst1idoVqYSt1LLODwKVQfIPs
uctF108LBYPBGf5tEC5Z1KRpDQO41q3F91eTZTVEH8Su1pW7IbMGt8XTUVRJESbQ
SYH5ELMdd+tb1ccD2fZZV3R6V7vI7ejAzOWdmjqaITtPGsFcMevc36YmJ18OQVBe
mTZJjdx28sGrsoqCSvgc7ii0DFLWZrRs4WRrgoxQq/G0zKLuuGXhlEgVw9QhIfeo
fMj1ebR0oElSimcqwPJYI/DDfhYZUA5Mx2Ewnfs1NS+CGoo+UcDKNHQRR3uEmP7T
1Mhg+MQ3b6ssZ8uZQut1E6bALf9ipH5xkN6rgniJsBL3lzvkN+/5XiE5qz16bmkN
gpF1+8G0/pjDi7a0Fw602ffdD1XAfcV6SMobDgTyMmjybgZHzf6cFy9gKrRa6WV0
do4Oc+uv0Nmj6wrAYO4s/nuJnpeTY0wbuHJgcYnTmUX15kIw+bPJ2UIGjyS8QpkF
evX8XeN48U9mknoQv1OfC6+kE6jgqQiDzigy9nSHFc4kIQWsihO6NKDEia11RWCn
QN3t8sHDNZdFY3dy7nnQRIhFNEy6InjLnUbfhuzgZVaVoaqULH8EmoE78z25zi0H
Xt6P+hkW8zZthYHsucVvyiNqZmIb50MK/5VHuORXsepWD9hX/rEyFxsv71AyBl9x
TSHjk4cgBqVh3uRH8NxNNvWnx7Th03Zk4/2dzNUc5taj3WX2jCH1vaKBMI1BBHJD
QWNIrwCExUOIAbYJLGkyihnTv4PCRlZrYQtMyx0laxYRdWR6lsIk83jcMWkWfhPf
YbYd/XIIR+hOFrUIM28Y2TTPHpJhbuORP7z18o2heUV0ZD3LdMi27/JtsSZHlbOu
nqdP9reWG8Kx6mjEdSFe5hTD0VmZ3Yks1jGp3QBcxQivAbLoXsP5VOMOPr7zXmb1
m9uWqtC+/1L6lAg5iH0YNyvrmRL02uzMiEXBQQDx0CYqcWJY+hwaXU6MnSyUMH7F
H7wAW2cqq1XCBVFWUIPI6P63LUlgewzmseaAGgD7tfbGSsx7BwseMXUwtdOYt+Rp
H8/3QeLLAfgD2Kl7Mv8F8l+KsBRNpaSJVYCqYH5ogzjRiuwDwsOmRdHKRh+r825g
fAJsI3grgZOd7poDQSisRZKOAF/ytTclreostJGfwLEE7IpUA/R7yLPCTI/mdPwT
4zRZ2N0fovkApA6hvhIpnhaA5XXuY7gmN8E0tgokZ7NsiL0JgFUFevEwzvZhlCJI
7edh2kPl379+bT1lgy37Z0V8ntU0S3I/g+6RsepDuWtCGsW434Z+iAAv7aKPJz0H
UqNHS4vElG8tQKBkO+qWRdC19hmM5itQoy/nD935hyZgRBZKFTmO3kNPPyvHVTdJ
hYTN/WAuXAMrP5HvkMv4AXZLQSk/YJCcJsPN5p8Kd40oEuwMumI8HCwXlSnpHnro
prdZrrCCUQ2232zCw5qQ4KZl7i5LB8AkLmNXtMUscHf6Nge3GSTILFaKoFYrDPF5
P6u21fO1R2HcA+b7xKzK6ecpPZA25ggxPMqvRwCnT/gueVSXjOIhd3f2pEs3yVWM
W0HenWuiWcbryuzcPAJytianU1KqtrEYhqFTxcdJAYa4xvFbCtGrmVuJ8NRomSg3
BdL8lOfdYxE5R8VYfVxw2jcLiK4o2Bqjt17kHTzzP95E8Eybkzgo5vycmMedOBsn
rBOUJXYFSo6hONNiMR1vlIxNi2Tdo9w5wKHUerVdXhVSLgvC7SeJeArN6+To+MVR
n73jBAA48VcA8d5miDNnfwEDguP/Fg3+vo9VAWccR3lq9tHT1GkNyz0gyYLxmwoV
2w+QkNYM2SzbrsDJ0GEN7s8gEkeQHuwcXHsdyJnLJQJsTrZaaHDd65BMXseE9dwu
Lgf0zuiq2DCDTJEvabd9siS7wDOxJAKzd3atP1O4ylnzSHgvi7DNQJ8Xeu8FF43L
Sn6KmWhdtfIhL3uNAvI2/6434qWKU4WE5Ro/TjI4uMxmfkTTQPmffJTGnH9nYJjJ
aURTTNSKQGbeyBS9KEUjSyQAAXBaDka4zP93eOi66aeUNaMcod1aKLo9r1LpjVqe
3qLBy7cCP56qaMTJChhwhYWtwyu5AqX2fk4LRAOrm7olFNlbJ/QMYEahztZzFuiO
hCCGNebRqk7IYmXnvoA1gJ7VJEov1QYeLX9xnZqF+qwHzs29pNZwADtvBlWn+MT4
yCy2JxLwIwfVuMsJWRzvHcpeOzmgtDIgUkqGzpjPB5bdtbr7GFbFkpms29DmGLtT
Ujfylfy4W1TZtS1ryCsskAiOrTpXH0G7
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
#
;ns-cert-type server
remote-cert-tls server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
50c09d4cd2d32cbfadcc9ebff8e624d2
f7a5730ff6b708aad8a6bb14b3a7619d
e32764bbe875f11ce46213a35500cc2c
fd0b6bf2e7b8cc2392a478ad7f4e7c7a
3fbe2e50a781ea9a4fd83cfaf64725db
98b4740b145e2d948b3b09975866c03b
a268f82e767fa2517b469ec3e563d321
8156f8f192f75bf8385697aeed6b9f33
fd74e02426437c42dc7a85afd828012a
911e7d8e837249d33a4209dbd0a2c017
c0ee31207a0e5ba05e736fa1c9af1cbb
0b39dab31939eb37df367d1eccf61ff3
28135f42ba70344179186cdd0cac5058
9cb4bac7dd08436d1efbd452b72416e8
59bc9118c2c6aba6107faca0604d947f
ff8569318b234e4ddbb68189b1504969
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
;comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

22
CKUBU/openvpn/client-confs/wf.bak/ca.crt Normal file
View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDqzCCAxSgAwIBAgIJAIlzPeW78XsvMA0GCSqGSIb3DQEBBQUAMIGWMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xEjAQBgNV
BAoTCXdhcmVuZm9ybTEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczESMBAGA1UE
AxMJV0YtVnBuLWNhMSIwIAYJKoZIhvcNAQkBFhNhZG1pbkB3YXJlbmZvcm0ubmV0
MB4XDTA4MDUxOTE1NDA1N1oXDTE4MDUxNzE1NDA1N1owgZYxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjESMBAGA1UEChMJd2Fy
ZW5mb3JtMRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRIwEAYDVQQDEwlXRi1W
cG4tY2ExIjAgBgkqhkiG9w0BCQEWE2FkbWluQHdhcmVuZm9ybS5uZXQwgZ8wDQYJ
KoZIhvcNAQEBBQADgY0AMIGJAoGBANuLDmTY+5mYLbm9Pml3RwzxtTJ2NiLzAocR
sfxqux6P0ns1qCXOYmrdP8/+iCvZqw432htmyV+lSFdwh8lRe/hzklpr0Eq7PRVa
+D7Y4zlFtrz3j2w7WbYVUdSjC1/nQC0RiUbR6LdL389rnAeN/EOCCPOmilikLXSu
wtMXFbr7AgMBAAGjgf4wgfswHQYDVR0OBBYEFBL216mxa4JrWCNvx4pPQRJOcTeE
MIHLBgNVHSMEgcMwgcCAFBL216mxa4JrWCNvx4pPQRJOcTeEoYGcpIGZMIGWMQsw
CQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xEjAQ
BgNVBAoTCXdhcmVuZm9ybTEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczESMBAG
A1UEAxMJV0YtVnBuLWNhMSIwIAYJKoZIhvcNAQkBFhNhZG1pbkB3YXJlbmZvcm0u
bmV0ggkAiXM95bvxey8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQC9
FU3NZa7dpiLVvvUQ7jWbl0LDI97jP8ScAzc/JWTrh5Pa45Fae28BQkU2NmelyL0T
yMVy/9UdpdU0H3RpOAfd02z1thxZqr3wR5rEURzwR6uYmdwHyPNYfMhdmXVIfXcp
pLHN2t3YBwKP5UCgULPDO8n7rVzYBs3MtfaCiQgXrQ==
-----END CERTIFICATE-----

137
CKUBU/openvpn/client-confs/wf.bak/client.conf Normal file
View File

@ -0,0 +1,137 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote wf.oopen.de 1195
topology subnet
#push "route 192.168.82.0 255.255.255.0"
#route 192.168.82.0 255.255.255.0
# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Downgrade privileges after initialization (non-Windows only)
# user nobody
# group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/client-confs/wf/ca.crt
cert /etc/openvpn/client-confs/wf/gw-ckubu.crt
key /etc/openvpn/client-confs/wf/gw-ckubu.key
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1
tls-auth /etc/openvpn/client-confs/wf/ta.key 1
status /var/log/openvpn/status-wf.log
log /var/log/openvpn/wf.log
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Silence repeating messages
;mute 20
pull
#up /etc/openvpn/client-confs/anw-km/openvpn-up.sh
#down /etc/openvpn/client-confs/anw-km/openvpn-down.sh

73
CKUBU/openvpn/client-confs/wf.bak/gw-ckubu.crt Normal file
View File

@ -0,0 +1,73 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=DE, ST=Berlin, L=Berlin, O=warenform, OU=network services, CN=WF-Vpn-ca/emailAddress=admin@warenform.net
Validity
Not Before: Sep 24 01:00:16 2013 GMT
Not After : Sep 22 01:00:16 2023 GMT
Subject: C=DE, ST=Berlin, L=Berlin, O=warenform, OU=network services, CN=WF-Vpn-gw-ckubu/name=VPN Warenform/emailAddress=admin@warenform.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:d2:b6:81:f7:48:97:39:5f:c3:c5:c4:9f:54:95:
34:65:2b:4d:5c:02:bb:4a:34:3e:36:d2:7e:b3:d0:
74:6d:6b:ea:c7:a3:73:1c:a8:0b:78:fc:cc:13:d2:
a0:a3:38:ea:f8:9a:b0:6c:fe:51:32:aa:39:77:f5:
26:27:a4:de:79:bb:4c:3b:1b:48:86:90:a2:13:6e:
b1:44:20:c0:73:98:e1:c7:eb:de:5b:75:20:e5:66:
9f:30:f3:c2:53:be:f8:2f:c5:23:5e:71:f2:34:37:
44:65:7b:a0:9a:23:3c:ba:96:5d:83:e3:f3:da:3d:
72:aa:fc:f0:59:7c:23:2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
EB:59:09:B5:2B:F3:62:60:75:4F:71:74:AF:9D:6F:C4:02:DC:D2:2C
X509v3 Authority Key Identifier:
keyid:12:F6:D7:A9:B1:6B:82:6B:58:23:6F:C7:8A:4F:41:12:4E:71:37:84
DirName:/C=DE/ST=Berlin/L=Berlin/O=warenform/OU=network services/CN=WF-Vpn-ca/emailAddress=admin@warenform.net
serial:89:73:3D:E5:BB:F1:7B:2F
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha1WithRSAEncryption
b9:18:88:3c:c7:d0:11:e5:a2:f9:01:2c:6d:52:38:a4:10:bd:
c0:da:ba:9e:5c:72:4a:2e:11:80:4c:a6:95:13:2c:f3:bc:d9:
31:06:a3:0f:78:7e:a7:06:03:17:56:8c:c0:f2:45:7d:33:19:
5a:85:e1:b0:7c:37:c1:a4:08:e1:4e:be:57:cd:2a:d9:95:34:
26:ea:88:ab:b1:09:c7:29:6d:3e:0b:36:a7:37:be:78:17:22:
8c:c1:64:38:55:6c:69:07:af:9e:f2:07:1f:ba:57:66:60:21:
85:9b:59:71:df:34:8c:03:38:b5:0a:8f:77:67:2a:2a:0b:d4:
9c:76
-----BEGIN CERTIFICATE-----
MIIEETCCA3qgAwIBAgIBEDANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRIwEAYDVQQKEwl3YXJl
bmZvcm0xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEjAQBgNVBAMTCVdGLVZw
bi1jYTEiMCAGCSqGSIb3DQEJARYTYWRtaW5Ad2FyZW5mb3JtLm5ldDAeFw0xMzA5
MjQwMTAwMTZaFw0yMzA5MjIwMTAwMTZaMIG0MQswCQYDVQQGEwJERTEPMA0GA1UE
CBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xEjAQBgNVBAoTCXdhcmVuZm9ybTEZ
MBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEYMBYGA1UEAxMPV0YtVnBuLWd3LWNr
dWJ1MRYwFAYDVQQpEw1WUE4gV2FyZW5mb3JtMSIwIAYJKoZIhvcNAQkBFhNhZG1p
bkB3YXJlbmZvcm0ubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDStoH3
SJc5X8PFxJ9UlTRlK01cArtKND420n6z0HRta+rHo3McqAt4/MwT0qCjOOr4mrBs
/lEyqjl39SYnpN55u0w7G0iGkKITbrFEIMBzmOHH695bdSDlZp8w88JTvvgvxSNe
cfI0N0Rle6CaIzy6ll2D4/PaPXKq/PBZfCMrxQIDAQABo4IBTTCCAUkwCQYDVR0T
BAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmlj
YXRlMB0GA1UdDgQWBBTrWQm1K/NiYHVPcXSvnW/EAtzSLDCBywYDVR0jBIHDMIHA
gBQS9tepsWuCa1gjb8eKT0ESTnE3hKGBnKSBmTCBljELMAkGA1UEBhMCREUxDzAN
BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRIwEAYDVQQKEwl3YXJlbmZv
cm0xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEjAQBgNVBAMTCVdGLVZwbi1j
YTEiMCAGCSqGSIb3DQEJARYTYWRtaW5Ad2FyZW5mb3JtLm5ldIIJAIlzPeW78Xsv
MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDANBgkqhkiG9w0BAQUF
AAOBgQC5GIg8x9AR5aL5ASxtUjikEL3A2rqeXHJKLhGATKaVEyzzvNkxBqMPeH6n
BgMXVozA8kV9MxlaheGwfDfBpAjhTr5XzSrZlTQm6oirsQnHKW0+CzanN754FyKM
wWQ4VWxpB6+e8gcfuldmYCGFm1lx3zSMAzi1Co93ZyoqC9Scdg==
-----END CERTIFICATE-----

18
CKUBU/openvpn/client-confs/wf.bak/gw-ckubu.key Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,37AB2C6A648F9B51
//7pxmUNAeKIEUpYC68megc6A52uE+0wYP+R6Wgr+LlZo9OMmgloxVCB4UBbh5dG
yhQm14DDwr0Wwsx/TCT44PvUM6At4londgCScVLf5oG6G3zMiXAwDvW2Y5f3Q9Ur
8h1VV4jtmuFnah+IwLixkdJ8RK7BuBgUk0w8ifDFRUKRA5vmAjI5cw75JHl3HLsM
Cdcx2+utLB84iDSox0GADkCqZpdiMpxpfin4qzec6IrZtyf3wG7mZpbPTLjOhWcP
JpYFegM0VzAjaaPV1e9MB1MDFK5D0hiwiN0FQuJN0AP88cNrOIx8qYoDAjEbnuFz
egarxVZuO9qrjU/ZwkTU/5MRG2g5cB/0z35r6lA02jLQQRLYovq/5BxFpSpU4dMO
gJ6DUthCwh27LUKI4vwZ9r3tHTsVntylCE0T+5MKcbjZcdIcfTd/G6MvR8u66M8K
PG7tuXQJ1+/ibqMKP/C7bRCOojVf336J2Qf2phIXtnfq5b+OrlURr72E2X5/P7KD
Pl+aI48IngqQ8t1YYlXoPWg2A+w7/wHI8CmT2lEy5Vi/U/yeP/fHRIQTQdOCoPdV
pwtmQDC67W347RHHvxebSMHJFQhJJxR6oJeNho5yAJ7FqOcyUb9kNTaVujQ3BYhu
4RZ+D0/N/2V7IZ0hh+WtWw68DbP0WaPGxipYZXkk5sbTjnGs1OmFfbwIJ0QTu/8J
SRl4EWCkzm1ourCYzWLQmRfkcYsJ2btnh1WNz7J+N98cO9lR6mJagQU2gZvcL3PH
XmrtVsUlfkoVQpxKjqg1y9slUn0bnGd3nDghYsSt9zSxVYSPjmI9SA==
-----END RSA PRIVATE KEY-----

21
CKUBU/openvpn/client-confs/wf.bak/ta.key Normal file
View File

@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
487f0b0b91c11fc48fd4ff982521d467
203219c102195d26fc58585619060699
1891b99c2d6d314ba08a35256c901e1b
a916cf8c9e9b43f2219d66cba4cf9bd9
843e45c6bb28224cd4a69fe863d45d05
b1260969b01939384a4ac77d7ef8be24
6eca30bd6e7c2f493d0bb798becab038
5525e0f54c3cac4a2886ee7a6350a182
733528cdcf7d84959209e73339c235d3
0bf58b8509dca56278b6289b94b45585
4d734f7c553c047f06a7fc60b19c2ac4
2e7b82683114377d003be670fe2f52d8
6a075c16de4301fc2ce65cb8fee4d6b0
d23938abfaaf35456b3784719528b35b
2b864497880d3a92540a8698d10d9299
edf5e74ba8378ca58a90909c5aedf05e
-----END OpenVPN Static key V1-----

270
CKUBU/openvpn/client-confs/wf/client-gw-ckubu.conf Normal file
View File

@ -0,0 +1,270 @@
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote wf.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIGxjCCBK6gAwIBAgIJANI5OJTs0bx/MA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEPMA0GA1UEAxMG
VlBOLVdGMQ8wDQYDVQQpEwZWUE4gV0YxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
cGVuLmRlMCAXDTE4MDUwNDIyMDQzNVoYDzIwNTAwNTA0MjIwNDM1WjCBnDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMT
BlZQTi1XRjEPMA0GA1UEKRMGVlBOIFdGMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bv
b3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK+Qg+M2wuVE
xG3mDM6abF2wyU7bVeIVgbdU3L+aleso8IyCwyZS3JTWafR2HzHGBIRvmmxNVehs
EAM8AtkxMqKSGTv3HgnaHy6XSNlMqmO78rCUifFs24Uw2vbnbrytxEGGr7aFVaiy
f+nZ6uc+KT4sJzzxc4UV3BxH6aBt/itNCrx/mPrQ6JBsH1U0pJp8O35UNmgPxRTW
A96LMxvupC4K5MWCK/ZMgJ+zaKuHY2Zn09vmxIOEkzGY0MSQynLaIa/W6TLlGXpn
UKRArd098gS6IF3TNLeTHKwwEMdQREguL+C3I4m9a9uCFs9AUGmKx93prRG38RL7
TrdJTG5J2642xBQae/M4NjjPZ8yiNKMiO5CM6RiINtC3NykwlR+74LmDz0wxvxoz
zsNdpYKH9eaqE7xmRhpXPYc41oCT7QOg8kh1k11dx7awx1edD+5MBklyr23yph7I
p4j2aA2Ce4PKgH9p4pPNDuMI7o6AFpQZC/YaKO315PIvkGbI2FPvkD6WAFo6ol4K
P4Qs8l3dek6cqys5tkq5G1vh61P33hnRqIOlDjZ/03gtsZKjndY+WSR+ilcTb+dP
I2dYXqX+Cy6xY4bHVxpHg7MXYDZoXtVnjLcC5EviwiShqDBReH1CFCfDlleWjkob
vlLjvCO19SEzHWK7lAUvSuOk+XFlPwgRAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQU
0PJ0ICpJa0iXvNFbAFu9khFc+mkwgdEGA1UdIwSByTCBxoAU0PJ0ICpJa0iXvNFb
AFu9khFc+mmhgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3
b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tV0YxDzANBgNVBCkTBlZQTiBXRjEd
MBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQDSOTiU7NG8fzAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQA1PlBb6rHJnwpZwfY0Uvb1CVbCuVF2
4C54AMdWKTORs8U9fVKTwVxzV+aeHiEztxOoKLhIq8EN3+0HkDdXBKHagHXjzEoe
h91n/5nfc9IqR4WVO9AqFaqiIQmSOFqtryoG8ZgHtAz65YCGruG3BS95IIooeXQW
r1sH3L/2rb0ea11zP3CtBy2pKlHiu6289JiLyObKFaQFu7PCJzWARV4pIJf1XgZl
qk2YundPpKxtxHUhe0UObYFrcgo1ccBnKEsEcMANk7nz27QXML1dSSRMFc/AInpJ
EMrInTaGI5rGusgbGrPSVAnuLMkmDdNE6r6l4L9cd5m867CUfp89m4BCU8Cjv+UP
5bnBU9DgUqMs0jlOqbfy27FOsPXBhsyR4QdddJCAg+yYuYdBgVo8XRZiSPYTi55G
M29n92ma9HVU95WA4cR9d3IlgNk40RhgAVMcGAOgk/sQFfp43DssBtcY5wweva7B
a9M34o0f4HslXDm6xV8y9P+zcScbs9B9WXE+2HvMwVTrXnM/EhpyL0MlZ5NXcHld
cBqNwRu84Rw2iw54sQDb8R0a3NJ3ZxHbQG8crgUD80xgZe1ds9k6YoCr4c4wh7SP
ru1i2v9bdCskC/vsGOR7BNUvVfJFcfk6PcqynHjvGgz8tWWdEkbRA29UZM0paAwZ
Ic3ZiGwAJvoitQ==
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHKDCCBRCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnDELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxDzANBgNVBAMTBlZQTi1XRjEP
MA0GA1UEKRMGVlBOIFdGMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Blbi5kZTAe
Fw0xODA1MDUwOTQyMzFaFw0zODA1MDUwOTQyMzFaMIGlMQswCQYDVQQGEwJERTEP
MA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3Bl
bjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEYMBYGA1UEAxMPVlBOLVdGLWd3
LWNrdWJ1MQ8wDQYDVQQpEwZWUE4gV0YxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9v
cGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAspSsnUm1LQ7b
8RkbTcnOZbkY5nrCxuUS48TTR5xldAqAIE4dcBiOt4bk4Owq+Ga/ahSPRE4bzWGg
sxMPAOwrTQbIzTTSa+hE88yb/Yex+ajFF3l5P8UFDnuhsktYKTO5gmm/s7ylUXkD
229PVWJSZPDkoyCk6X9dePIr1Y5bp9hVsu+kAbgv+hqDKVs2t9SEz9sR1D3bPBSo
Qq922A+uAB8TuMO7+Qa56SN3TNeppDbZ8sMJDACo4n6kuGiiwGKwQisuClWc4Ztk
lyxRyk4nX3tazoZ5/HhnWAVIyDtKJLoGTtuJQPTrg6u73L8dZ/Xdzs44JtcVgFyX
c/tYfpa0qwOaEjY4eIZbR8fnE1aDVKOxpF6+dT687g2ejZnk7xat7nQ1xO0dOpuU
nGcHoj6xS/qelJdREhoSmBcM+s47AcChvLQcnYxoMUttGa1IwMQ+JLKAkoe6SxY5
O/RFc7ikFtxqTjoYhEaeOEdpylddkls2GgY+zhr19Q7fQG4GJAzcaX8kZNW9lCsL
bnVNKs0NPqSzlH1V8fRW8qbGLBYo4psmv9ZSVz4uSvjeiztxDXacrn/mk6QaCsBU
iGL5W10SMVzdoCDhZaXLpbav3TqSdO8McJgOrRw4oj6ub4FeRD1PjLfLUJNT4yQU
xaM4cJrrOREcZrZ/QzFb50A5wPj3XmECAwEAAaOCAWgwggFkMAkGA1UdEwQCMAAw
LQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd
BgNVHQ4EFgQUC1o/4VMVvM1Vd/5aZ/6VotQG7/IwgdEGA1UdIwSByTCBxoAU0PJ0
ICpJa0iXvNFbAFu9khFc+mmhgaKkgZ8wgZwxCzAJBgNVBAYTAkRFMQ8wDQYDVQQI
EwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYD
VQQLExBOZXR3b3JrIFNlcnZpY2VzMQ8wDQYDVQQDEwZWUE4tV0YxDzANBgNVBCkT
BlZQTiBXRjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQDSOTiU7NG8
fzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0RBAwwCoII
Z3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAF5Lkr5dmfn07fwGHbjBYQcGapqI
r4GEBG9E52PFBL432FLlaLy9HrpQfIj+6aCpO6/M7u5GSQH9/2Bo1COQDenWVJdD
4oAkCcuBFwY2xIMMF4RkWXKrKEVCc+hZsgHl5/ZFKQdx/XYLrJc4s+ZUFgiESfmX
NpP9d2T5kB/SuxxXIP+1wVe7sbKMsa2VZDTe1KI7c1xgb5Z+azGmED3MyfLf+jS2
jOPhJZAxpiGhBC8SvTzmaysGkakAEBzgIuPz3a6rKn3lPFKNp1zoALGVRMwkRYdu
ufdoBlwGq9Vt6WKlih9XFBcuFbKLH20ZG9oPrElMnkMdDucoQZ6hx6WNdvVs5TNb
+kaDaWu4dQqr4VrY1Xx96VctvvkbLT9BWzFBMlOAXJi4Ndox+P9W0z9oq++bOVpN
7H9qrdIG83tN7El4elemvXeyHfq+4vVgrPvLJ3blhuoZKONauXu/0D3Vt3mB2Gv2
JL2oYFMa7reU+IYBZ6HzR0AOTmy/9emA6h5jf27WSWY9JYzvflzIRg6i9eH/goDs
vAYjExeG8UelahsS2XhVhnYzimigBfPE2CkBXCTX9KnEumF/Tk6kb7u9Pqs7Sw+u
w9dpCWspa9+H75kl/I5k52mJpxg0tbG3GP65DpwnGtIYvTFs0DSywlh/5hnoN5Go
Ww26mZRoHwHAtAHo
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI59wBCS9KufACAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECMafpEYThPSNBIIJSMfS/Nhh6rKg
wYowIdjqeXtALfdMjYM1VPFesantrtCGxxZgyvGhT8GJylJvyKlHpaGKXnqib9k9
vtmLEwgte4gfKQ4DfBLKSx59tMWOubFkP0UipolhJeksCzyq8Jz+vqITr8ZIHm3F
+Rw6Vmf/tH6+tl4E+K9RsC6y9DV+3LT8nApLJw1jFCOPTYJ4MGMXyacrQ0s6uluB
vL0T47A9OVemH9dAJhxIeYXP6oNM5/bbMe7ipAQDmwzAU4YGn3VR7hRdFjhcsw9G
3MiQQc3/vBKYmIwDKdRhkNr6BWU6kj00aHShchQQB3igc/C0T+OdYjbV395+AoeW
N2elVKmVR+jPmQCngb4adE13PqzAil29SMNGCYUmrr6w9beof1lkNgaPGMlizSrj
dyViCIfyKUZIyHoTM2tkWZnvwvTAiLnq/KLb3xeFEz1P52dXNa+iaaT+2/CMJK8y
/K3tI3LelE4GlJ0pqPeBbgPdJtDjti5eLAzlpVt36FXYIauNHPqdudD2gkU1uyQ+
UczS0aiHp/HyR35OhOtjTq9WjL6rNcQydYxKZkQS6SftqC9B3ulG6miI1qykoQRt
7mCOE4hdRLb4qU7ZbuLh3ysX90FgSaCTRkn/WLLRdXL9rnp18/i1o628449p+sCQ
1Y1BaMSiwBKHu5kvFCUiZ/9gS71rZvz2fWYvZult9hM9++XXwGjmaQFTO/O/YAKA
PMnsS7XZZLF8kvWp7kXU94ws+Bozhbfd3Owpktr7oe5pnUz3JoIuZZN7kq99u8+c
0n9hIBrMKcMWbyDOVwlNJ8GvR8QkEcXwzfNjEqawHpjZ4I3FV+nyVuCOt0Ap7ic3
GqEkpfUQavLyxxYanchf04/obbiW63+r2LbLeouvk44LjOdjP1cD9Q72jdEfYTeS
bnqeqA7LtNJ334SsetLyfPpf5StF59HGAlOLRQ5zCM2UW8HPGK+BRn5FWw6lfp9x
8wCIYs8QDzq8PwRNpi5z1YgXGM0GV15uk4JRPphSD0GdB4bDjIufhG1WzAMgHd3K
99ppEmtguBXQwjt3KnRed+sjbhnPEsdfAKlvGhtHgMlxa9Pt+4HY6BapcVrcpE1U
yx72S3BrWgY1b+4E6DEkAZurGcqNeBf+3kXzQb/bgZ089oSkcULayx3qMv9I8pWk
SQ/KiWz0w7LhPcxOHtyLEjn1z/FMnc/H+HYL7nVLHvPQI1QqN6QVDBXMnzWe/LYm
pRlKnFXL8DSQ+U3Y32CsCGmRFoHnC5IOJ9AyLcH8Cf1mGHtq2AUR6A+5fnDnzs4W
wneYMYE+chjoEBhyrbhaBmzMsZn1EQeRSWnKFUv380OeBTQvA6UEX2NbYe96Sm8/
5vym3c9js8SioBiM5nT1IO5w3ySjnaF3UmUldlk3JUCOey7HiuCXBGNiDq06laPX
Gy3cAy9zasaPdsPaPcOjNyHurSp23qXua446IyBZTdzQewE5AcfQMyJIwzuck/oq
UDZvHZUbiqcaWtEcquyLRSQPSRj8zAN0+VJoO88ptfC423ye3SV/bsIJV/dlys0W
NqkfK4e7sqXlbESlxMfhTqKHD0JgC/mvlfWcQi7zQ3KTjWQGKGgkZgPe5YKa9XNy
r1iA0sVKrvJcFWNb64wXUN5KKP+7j+jnkLdsQKrDDrQcdkFZI3TTjB61We8xG4EK
vEkhpxf3DG6QOYpC5xpKGKIKDvb3PlxDw2zLoRghlLOYcrzrCKCRpykVdPa2/WtY
ImvtspFedb1erVuObp7KJtfhnKsiT6D2QXX1YceYwmC+6tbpdyi1/SsnwOnP1vyD
2Kt+l10ISuDIE50NtEmwWjluSHenQXwgkM57YrYi2cwOB8tPxUiFevpFcQpErVyd
7Ocgd7n+NEM0Wk2+9Ap8+uAqIGnwy1og41/EzpaSybhMHhI4W8o7ocTIU+P4o3+5
Lpq67MLebA0nJ2UFK0/CsJFH0mqL+MyYbON5T7IimS5f+dxBTX80zZeyIcV/uf4d
w5T79/5ltjQ61MYS6nxnuEFVsO+S4iQZPV8lyszucRXhK9czJ7DULvbOcUqFgVU/
wkkmIeGRiqntohas7mLzl/GIExt6e/yK40jTbIq0wGt2fXncVZ9yLn5Piap0kjTn
SrDcvBHR2yOjvt/hSiIhB/8Stxfspc+a0gPMWzaFzw5IFxzihA6FI+wnRmLTAIY3
niq6ORveC/9iZLe0tJ6AAG4vw6oDi9wQPqdqMfwcmiFDqT+lpNd0aWOpTvTnVt07
ibNVRV7H1DRomeUodkwcnvlONBWyt30WOE46C6zRGnIpfKO8NSUG5CTJd3YKUo2b
wqSd2N/jhQ5is+vHIxqhHl53p3DvO/OMSb9vYtBoUlHUhxU+4dJa3T1qibKtHXHa
2gsG64/AFt2OQqq9KS9Zi8Hc2MyI3tPeAy4xMctYM2b1fjE9UHWRfbcVZTOPWbz8
PWfvyNwc4c8pqeojmMaMyUPYMsoM+yhj8tHRpoTNUSZx2I9VrhrAMQQt5HIThY0n
/MSWjaWOH1CPbgIyJaBY8WLL1Kz/QsAPV7PgeG5YJVvuqM0uo+iDhf4fHXR4TYqS
baeXV8sXQg+6WDmBESsPOGpL7jMRg0Ay6HHnAmZHWWC+9J4trVerJct621A26y9V
3Bh2r1zbL8dkC3WHvBu1uVlWam1z4Qj+sS66HCDlPWsgQZzBOX3JPRn7IUjCFzWM
q0wZPSNO1outCFEs/uW8nelWr3EOeYBtpJZU81rXSYHvDa0mWZCroabNcgDiHbcj
DwhtAewmLeJhYUPUkU7SoqZLJy/RRymEO1vaNutQtm61vlbnAatcM6y1v51/vLRl
xe5fpp9/EZGXMfnjgKApAO0WFYPk6FhZydm4KrXTQueLS63GGCuSmaAVP3aLWt06
qn5FfIqupymn8xqNkmToUhE4559j7Z+//tvvdNppsD1YY6x6S0NfWreGhArL0uYu
er9iXtrbb0QCitzXdWh90+CEFvENzeYOqE1T4C7pq1Nhoqu6qCzFk63TPBBhlFm9
R002jRL/UcjqDy7L4L4hE6TCQqlnVuPl1Ru8uCpRAUARPbmWNBVi+yUeGTh3YFOa
yPuYDrvQEjzXl16q+U/5MNQ4S0MZzEDtjMYKqLyGsVh503jKO6XH3UmMAFlrWf7J
1xr8RI04RwGrFDkPkuw1dQ==
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
#
;ns-cert-type server
remote-cert-tls server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
3e5606d9c9b42920092f825f6a23844f
2f37246d81d815ac43de66f4ecfd7237
5c7a90624fce693c8b98330f067e3fb0
3a7e09895d73d7567f1054b54882d4c6
72b6d4b075c817d6304a2928a03af610
89090caccd14025b83683285228bb280
8255101ec75398ec183f14d3ecb45fe7
e26e6fdb81e7d5ac8a81965acd7094a5
5b99d8b392a9998f7468e553a049c539
876925b61b9fc07ebeefad3f672e6baa
538e516961f37ca0e09666cdd6f67d37
89a39089fed07e8755a410b86ca40061
cdb81e6fa11b17b2b5dd74eca1447aa8
b2611b543751b2d53fc79fddbc26f91f
4d9ded064e9ea85b882475aa965950d0
7ee0cd2ce141eb6678d23a7bfa832536
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
;comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull

18
CKUBU/openvpn/client-confs/wipe.so36.net/as250oob.key Normal file
View File

@ -0,0 +1,18 @@
-----BEGIN OpenVPN Static key V1-----
c9434047b9f0191c50a8a49a81a2cb22
4c0a197ae768f6f9754b34cce526245e
ca10ad7d8068bd73ce6560a15d23d72f
c6cc5eb12a47a5fa1d7dfee09db0b1d6
e349ac98e759d2845129d1e907575f90
a41c055815d50e6890107f9677c2884d
46eaefca8050bbfbd3b9fa386a998e2d
6da1b1b38496248a280211868e271dda
163e81c342a1279d848de32864394f1a
10486ec963189d236b4237aa396eaefb
bb64cf9749a3f0d11b75eb1d90772cbc
8edaac9bd760d1d51060ea910404f0de
fc924e923644c94082db0751844c4af6
a4eb385827e62af0e77134608bd237f7
d9e1e52d4d1595181a21b54d01f1db8b
abb34d551b204876ebc703c3e325dc11
-----END OpenVPN Static key V1-----

14
CKUBU/openvpn/client-confs/wipe.so36.net/client.conf Normal file
View File

@ -0,0 +1,14 @@
dev as250oob
rport 65001
proto udp
secret /etc/openvpn/client-confs/wipe.so36.net/as250oob.key
dev-type tun
remote 212.42.242.221
persist-tun
persist-key
verb 0
ping 5
ping-restart 30
ping-timer-rem
ifconfig 10.250.134.1 195.85.254.134
script-security 2