S-a | Rock'n Root

How to configure the openvpn client on linux (debian, ubuntu, mint)

and also make the prohibition of traffic leaks past vpn

!!
in Debian: everything needs to be done as root
in Ubuntu and Mint, you need to add sudo to all commands.

1. Setup openvpn client

apt-get install openvpn

2. Make sure that the openvpn clien version is 2.1 or above

openvpn --version

3. Start
although the easiest way is to run from the line with the specification of the configuration file

openvpn --config client.ovpn

but we will do it in the Debian way
– move the client files (crt, key, ovpn) to the /etc/openvpn directory

mv dir-with-crt-key-ovpn-files/* /etc/openvpn

(after that you need to check that the configuration file is called client.conf – if not – rename)
– start the service

/etc/init.d/openvpn start

With the following command you can see the process

ps aux | grep openvpn

You can also check by going to the sites that define ip
now works, there is a little bit to adjust

4. Configuring startup on reboot
install sysv-rc-conf package

aptitude install sysv-rc-conf

run the command sysv-rc-conf and set or disable from 2-5 levels of the mark on the service openvpn
(Similarly, you can disable the network manager, if necessary)
Exit the utility with the “q” command

5. In order for the traffic not to go past vpn, we’ll run openvpn with the script:

create and fill the script:

echo '#!/bin/bash' > /etc/openvpn/openvpn.sh
echo '/etc/init.d/openvpn restart && sleep 5 && ip r d `ip r s | grep default`' >> /etc/openvpn/openvpn.sh

make it executable:

chmod +x /etc/openvpn/openvpn.sh

Now you can run it from the command line by simple typing

/etc/openvpn/openvpn.sh

sh /etc/openvpn/openvpn.sh

as well as double-clicking

How to add an S/MIME certificate to Mozilla Thunderbird

To do this, open the mail client, right-click on the user “settings”:

Further – it’s easy:

choose “security”
then specify the path to the s/mime certificates files
press “OK”.

Use, as shown in the picture (when composing the letter):

Free S/MIME certificate (comodo secure email)

Of course, honest citizens have nothing to hide. However, you will agree that it is unpleasant when personal or confidential information becomes available to someone else. Modern mail clients support wonderful S/MIME. We can take advantage of this function in order not to send mail on the Internet as postcards.

To do this, we will do the following steps:

[1] You can get free s/mime certificate for your email with this url: https://www.comodo.com/home/email-security/free-email-certificate.php

[2] Then carefully fill out the form, come up and remember/write your new recovery password:

[3] Then to the specified email address we receive a message with the subject “Confirm Your Subscription to COMODO Information & Newsletter“. The email confirmation link, which in the letter, needs to be opened in the browser in which you initialized the registration. After confirmation, the certificate must be saved in the repository.

[4] Then in your favorite browser (I have a chromium in the screenshot), you need to extract the received certificate to use it in the mail client:

[5] As you can see in the pictures, in the settings you need select “show additional settings” and find the “certificate management” section, select the certificate from comodo certificate and export it.

Everything, now you can embed in email clients.

p.s. You must export the entire certificate tree, and, possibly, the private key.

Pages:‹1...6 7 8 91011 12 13 ›