Saturday, March 10, 2012

Install OpenVPN on Debian

source
First check whether your server supports the device /dev/net/tun
  • # ls -al /dev/net/tun
  • You'll get results like the following if it is supported
    # ls -al /dev/net/tun
    crw------- 1 root root 10, 200 Aug  1 14:12 /dev/net/tun
Then check if the device /dev/net/tun is enabled
  • cat /dev/net/tun
  • You'll get results like the following if it is enabled
    # cat /dev/net/tun
    cat: /dev/net/tun: File descriptor in bad state
If it is not enabled, you should contact the VPS provider
Install OpenVPN
  • apt-get update to update the OS
  • apt-get install openvpn
Install OpenSSL
  • apt-get install openssl
  • mkdir /etc/openvpn/easy-rsa to make new directory
  • cp -rp /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa to copy the files to the new folder
  • cp -rp /usr/share/doc/openvpn/examples/sample-config-files/ /etc/openvpn/sample
Edit vars and change variables
  • cd /etc/openvpn/easy-rsa/
  • vi vars to edit the file named "vars"
  • OPTIONAL: Change KEY_SIZE to 2048
Run vars to export the variables
  • sh vars
  • source ./vars to execute vars script
Make the certificate authority
  • ./clean-all to remove any previous keys
  • ./build-ca to build the certificate authority.
  • Press Enter at each prompt to confirm your details, but where it asks for "Common Name", enter your server name
Make server key
  • Type ./build-key-server <server hostname>
  • Press enter for fields to confirm and leave the "A challenge password" and "An optional company name" fields blank
Create VPN client .key and .crt
  • ./build-key <client hostname>
  • Press Enter again for fields to confirm and leave the "A challenge password" and "An optional company name" fields blank. A different key is needed for each VPN client.
  • ./build-dh to generate the Diffie-Hellman parameters, which allow key exchange between peers
Now copy relevant files and place in the correct folder
  • cd /etc/openvpn/easy-rsa/keys
  • cp <server hostname>.key /etc/openvpn/
  • cp <server hostname>.crt /etc/openvpn/
  • cp ca.crt /etc/openvpn/
  • cp dh1024.pem /etc/openvpn/ (or dh2048.pem for 2048-bit encryption)
Create OpenVPN server config and edit
  • cd /etc/openvpn/sample
  • gunzip server.conf.gz
  • vi server.conf
  • Change server.crt to <server hostname>.crt
  • Change server.key to <server hostname>.key
  • Change "dh1024.pem" to "dh2048.pem" if using 2048-bit encryption
  • Uncomment max-clients 100
Create OpenVPN client config
  • cd /etc/openvpn/sample
  • vi client.conf
  • Change my-server-1 to the IP address of your VPS
  • Change "client.crt" to "<client hostname>.crt"
Export these 4 OpenVPN client config files to C:\Program Files (x86)\OpenVPN\config
  • /etc/openvpn/easy-rsa/keys/<client hostname>.key
  • /etc/openvpn/easy-rsa/keys/ca.crt
  • /etc/openvpn/easy-rsa/keys/<client hostname>.crt
  • /etc/openvpn/sample/client.conf (Rename to client.ovpn)
Start OpenVPN as a service
  • service openvpn start
  • Query the service with ps -aux | grep openvpn or ps -wwwaux
  • Make the service start from the init.d scripts by editing /etc/default/openvpn and setting AUTOSTART="all"
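
As an added example (not part of the original post), this shell function checks that the ca, cert, key and dh files named in server.conf exist in the directory the guide copies them to, that the private key is accessible only to its owner, and that the DH file is not the 1024-bit one. The function names and the inference of DH size from the file name are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: audit_openvpn_files /etc/openvpn/sample/server.conf /etc/openvpn

# Print the first argument of an active (uncommented) directive.
conf_value() {  # conf_value <directive> <config file>
    awk -v d="$1" '$1 == d { print $2; exit }' "$2"
}

# Print one FINDING line per problem; exit status 1 if any were found.
audit_openvpn_files() (  # subshell body keeps variables local
    conf=$1 dir=$2 bad=0
    finding() { echo "FINDING: $*"; bad=1; }

    for d in ca cert key dh; do
        name=$(conf_value "$d" "$conf")
        if [ -z "$name" ]; then
            finding "no active '$d' directive in $conf"
            continue
        fi
        # Relative names are resolved against the key directory.
        case $name in /*) path=$name ;; *) path=$dir/$name ;; esac
        if [ ! -f "$path" ]; then
            finding "$d points to $path, which does not exist"
            continue
        fi
        # Private key: the group/other permission bits must all be '-'.
        if [ "$d" = key ] &&
           [ "$(ls -ld "$path" | cut -c5-10)" != "------" ]; then
            finding "$path is accessible beyond its owner (chmod 600)"
        fi
        # Assumption: DH size is inferred from the guide's file naming
        # (dh1024.pem / dh2048.pem), not read from the parameters.
        case $d:$name in
            dh:*1024*) finding "$name is 1024-bit; rebuild with KEY_SIZE=2048" ;;
        esac
    done
    exit "$bad"
)
```

Run it as root after copying the keys and editing server.conf; no output and exit status 0 mean every referenced file was found and passed the checks.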

Sunday, March 4, 2012

Review of Master lock combination lock

Quote:

 

This lock can be opened in seconds by anyone without a tool. Find some good light and take a look in the crack above the numbers. Spin the dial until you see a notch on the silver bar in the crack. Line each one up with the dots and there you go. I don't expect a lock like this to be extremely good, but this is just ridiculous. Unfortunately I leave on a very long trip tomorrow and don't have time to find something different.