Difference between revisions of "Tinc"
From Tmplab
Samneurohack (talk | contribs) (→==) |
Samneurohack (talk | contribs) (→All Nodes Configuration Directory Structure) |
||
(16 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | = | + | = Plan = |
− | == Configuration Directory Structure == | + | * here is the most basic setup |
+ | * we assume the virtual network is 192.168.22.x. | ||
+ | * Change it to whatever you like as private IPs. | ||
+ | |||
+ | = Linux style Basic tinc-vpn setup = | ||
+ | |||
+ | == All Nodes Configuration Directory Structure == | ||
/etc/tinc/ | /etc/tinc/ | ||
Line 9: | Line 15: | ||
tinc-up | tinc-up | ||
tinc-down | tinc-down | ||
+ | rsa_key.priv | ||
hosts/ | hosts/ | ||
− | + | client1 | |
− | + | client2 | |
− | + | ... | |
+ | tincserver | ||
== nets.boot == | == nets.boot == | ||
Line 18: | Line 26: | ||
networkname | networkname | ||
− | == tinc.conf == | + | == tinc.conf for client1 == |
− | Name= | + | Name=client1 |
Device=/dev/net/tun | Device=/dev/net/tun | ||
− | ConnectTo= | + | ConnectTo=tincserver |
AddressFamily = ipv4 | AddressFamily = ipv4 | ||
− | == tinc-up == | + | == tinc-up for client1 == |
#!/bin/bash | #!/bin/bash | ||
− | ifconfig $INTERFACE 192.168.22. | + | ifconfig $INTERFACE 192.168.22.1 netmask 255.255.255.0 |
− | == tinc-down == | + | == tinc-down for client1 == |
#!/bin/bash | #!/bin/bash | ||
ifconfig $INTERFACE down | ifconfig $INTERFACE down | ||
+ | |||
+ | == Keygeneration == | ||
+ | |||
+ | * to be run for each client | ||
+ | tincd -n networkname -K4096 | ||
+ | * private key goes to /etc/tinc/networkname | ||
+ | * public key goes to /etc/tinc/networkname/hosts | ||
+ | * add the first two lines as shown below according to client or server function | ||
+ | |||
+ | == hosts/client1 == | ||
+ | |||
+ | Name=client1 | ||
+ | Subnet=192.168.22.1 | ||
+ | -----BEGIN RSA PUBLIC KEY----- | ||
+ | .... | ||
+ | -----END RSA PUBLIC KEY----- | ||
+ | |||
+ | == hosts/client2 == | ||
+ | |||
+ | Name=client2 | ||
+ | Subnet=192.168.22.2 | ||
+ | -----BEGIN RSA PUBLIC KEY----- | ||
+ | .... | ||
+ | -----END RSA PUBLIC KEY----- | ||
+ | |||
+ | == hosts/tincserver == | ||
+ | |||
+ | Subnet=192.168.22.254 | ||
+ | Address=SERVERPUBLICIP |
Latest revision as of 10:19, 25 May 2016
Contents
Plan
- here is the most basic setup
- we assume the virtual network is 192.168.22.x.
- Change it to whatever you like as private IPs.
Linux style Basic tinc-vpn setup
All Nodes Configuration Directory Structure
/etc/tinc/ nets.boot networkname/ tinc.conf tinc-up tinc-down rsa_key.priv hosts/ client1 client2 ... tincserver
nets.boot
networkname
tinc.conf for client1
Name=client1 Device=/dev/net/tun ConnectTo=tincserver AddressFamily = ipv4
tinc-up for client1
#!/bin/bash ifconfig $INTERFACE 192.168.22.1 netmask 255.255.255.0
tinc-down for client1
#!/bin/bash ifconfig $INTERFACE down
Keygeneration
- to be run for each client
tincd -n networkname -K4096
- private key goes to /etc/tinc/networkname
- public key goes to /etc/tinc/networkname/hosts
- add the first two lines as shown below according to client or server function
hosts/client1
Name=client1 Subnet=192.168.22.1 -----BEGIN RSA PUBLIC KEY----- .... -----END RSA PUBLIC KEY-----
hosts/client2
Name=client2 Subnet=192.168.22.2 -----BEGIN RSA PUBLIC KEY----- .... -----END RSA PUBLIC KEY-----
hosts/tincserver
Subnet=192.168.22.254 Address=SERVERPUBLICIP