Deals u Szh isearchgt 106 i 39305 searchr Curl csearchs Mmm , Curl y Package u 39305 w Szh l 106 esearchpr Traveldealspackage msearchtsearch s Szh asearchcosearche Curl rsearchha 106 u Traveldealspackage l Package s Mmm searchrsearchv Mmm l Deals e
searchmsearch Curl 
305search39305 search 
urlsearcha m search 
0 Szh s Travel 1 Deals 6 39305 a
esearchr Deals h 39305 39305 ur
t T
a Deals e
dsearcha 106 s Www asearchksearchg
Traveldealspackage Mmm z 106 e
Mm 106 106 
lsearcho Deals i Traveldealspackage gsearcht Travel o Www q 106 esearcht Deals o Mmm ssearch
You have to allow apt to create a tun/tap device for use by OpenVPN software. If you click No here, your tunnels will not be created, and your tunnel software won't work.
The second question raises a security issue: OpenVPN software should be stopped during an update, so you have to select YES and hit return.
You have to stop the old tunnel software when an update is running. All tunneling will be stopped, and your users may not be able to connect to your system during this time. From now on, all tunnels are created by the new OpenVPN software including patches and bugfixes. This is the safe way to go.
However, if you choose No, you risk that the old software and libraries is still running, even after installation of new OpenVPN software. Bugfixes and patches of the new version may not apply to existing tunnels, until they are started again. You may run into serious inconsistencies on your system, if you have several tunnels and they are running different versions of your software. Thus it is safer to have a short time where users may not be able to connect.
Software packages for debian systems are provided in the so-called deb file format. Deb files are usually stored in online repositories on ftp or web servers, and every Debian system holds a list of reposititories to be used for installation. You will find this list in /etc/apt/sources.list. The setup program base-config provides a menu-based configuration interface for apt.
If you want to add source repositories to your debian installation, type base-config and change to the menu configure apt. Select the country you live in and the repository of your choice. Conform with OK. Now all software packages of this server can automatically be installed on your system, as simple as apt-get install <package>.
A debian package contains the software and information about it like name, version, description, contents, prerequisites, dependencies and configuration scripts to be started after installation.
Debian systems offer some very powerful programs with which you can control software installation very specifically. Because listing all programs and options would go far beyond the scope of this article, but here is a short overview over handy package management commands:
| command | function |
|---|---|
| apt-get install <package> | installs the selected package from repostitories listed in /etc/apt/sources.list |
| apt-get remove <package> | removes the selected package from your system |
| apt-get update | updates the list of available packages on the repositories listed in /etc/apt/sources.list |
| apt-get upgrade | installs the latest available versions of all your installed software |
| apt-get dist-upgrade | installs the latest available plus new software related to your config. |
| dpkg-reconfigure | (re)start the configuration script inside the package. This will bring up the menu-based dialogs like after installation. |
| apt-cache show <package> | prints detailed information about the software package |
| dpkg -l <package> | prints information on the installed software package |
| dpkg -L <package> | lists all files installed by the software package |
| dpkg -i <file> | install a local (.deb) file to your system |
| dpkg -S <file> | prints information about the software package owning <file> |
| apt-cache search <string> | searches apt database for packages containing <string> in their name and description |
These programs should solve all possible questions, issues and problems about the installation of software on debian systems. Just try these commands with the freshly installed openvpn package on your system. Type apt-cache show openvpn to receive information about the installed package:
debian:~# apt-cache show openvpn Package: openvpn Priority: optional Section: net Installed-Size: 744 Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org> Architecture: i386 Version: 2.0-4 Depends: debconf, libc6 (>= 2.3.2.ds1-21), liblzo1, libssl0.9.7 Filename: pool/main/o/openvpn/openvpn_2.0-4_i386.deb Size: 293492 MD5sum: dcc638e084f7b3143c614a33b26d5750 Description: Virtual Private Network daemon An application to securely tunnel IP networks over a single UDP or TCP port. It can be used to access remote sites, make secure point to point connnections, enhance WiFi security, etc. . OpenVPN uses all of the encryption, authentication, and certification features of the OpenSSL library (any cipher, key size, or HMAC digest). . OpenVPN may use static, pre-shared keys or TLS-based dynamic key exchange. It also supports VPNs with dynamic endpoints (DHCP or dial-up clients), tunnels over NAT or connection-oriented stateful firewalls (like Linux's iptables). Tag: security::cryptography, interface::daemon debian:~#
Although the Debian command line tools are very powerful, there are more programs that help you retrieve and install software. Probably the most common software for this purpose is aptitude. Type aptitude in a command line to start the menu-based installation interface.
Note. If aptitude is not installed on your system, type apt-get install aptitude.
Aptitude consists of a menu at the top of the screen, a list of packages and a window showing details on the software selected in the package list. If you have console mouse support, you can click on menu entries.
Click on the menu entry Search, or hit the F10 key and navigate to the menu Search. Select the entry Find. You will be prompted with a search mask. Enter openvpn. While you are typing, aptitude is steadily updating the main window. Click OK and have a look at the output.
Aptitude will find the OpenVPN version you have installed previously, the entries in the menus Action and Package help you select and install software. Depending on the selection of repositories you have added to your sources.list during installation, aptitude can also help you choose different versions of openvpn.
The following table gives an overview over the files installed by the debian package management system:
| Full Path and file installed by openvpn | function |
|---|---|
| /etc/openvpn | directory containing configuration files |
| /etc/network/if-up.d/openvpn
/etc/network/if-down.d /etc/network/if-down.d/openvpn | start/stop openvpn when the network goes up/down |
| /etc/init.d/openvpn | start/stop script for services |
| /sbin/openvpn | the binary |
| /usr/share/doc/openvpn | documentation files |
| /usr/share/man/man8/openvpn.8.gz | manual Page |
| /usr/share/doc/openvpn/examples/sample-config-files | example configuration files |
| /usr/share/doc/openvpn/examples/sample-keys | example keys |
| /usr/share/doc/openvpn/examples/easy-rsa | easy rsa a collection of scripts useful for creating tunnels |
| /usr/share/doc/openvpn/changelog.Debian.gz
/usr/share/doc/openvpn/changelog.gz | version history |
| /usr/share/openvpn/verify-cn | verify-cn function (revoke command) |
| /usr/lib/openvpn/openvpn-auth-pam.so
/usr/lib/openvpn/openvpn-down-root.so ) | libraries for PAM-Authentication and chroot mode |
FreeBSD and BSD in general are UNIX systems of outstanding stability and security and are therefore very popular among network administrators. Unfortunately the price for the FreeBSD philosophy concerning security that this system is rather conservative concerning new software versions. In practice this means that you do not have to worry much about security issues of the software you install, but you may not always get up-to-date versions.
FreeBSD also has a modern software management. Simply type pkg_add -vr openvpn, and OpenVPN software is installed on your system. Calling pkg_add with the parameter -r installs software from remote servers, similar to apt-get or rpm. If you run into problems, increasing verbosity with the parameter -v can be helpful.
The following excerpt shows the output of pkg_add,
freebsd# pkg_add -vr openvpn
looking up ftp.freebsd.org
connecting to ftp.freebsd.org:21
setting passive mode
opening data connection
initiating transfer
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest/openvpn.tbz...x +CONTENTS
x +COMMENT
(...)
x share/doc/openvpn/sample-scripts/verify-cn
tar command returns 0 status
Done.
Package 'openvpn-1.6.0' depends on 'lzo-1.08_1' with 'archivers/lzo' origin.
setting passive mode
opening data connection
initiating transfer
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/All/lzo-1.08_1.tbz...x +CONTENTS
(...)
tar command returns 0 status
Done.
Finished loading lzo-1.08_1 over FTP.
extract: Package name is lzo-1.08_1
(...)
'lzo-1.08_1' loaded successfully.
(...)
extract: Package name is openvpn-1.6.0
(...)
Package openvpn-1.6.0 registered in /var/db/pkg/openvpn-1.6.0
### ---------------------------------------------------------------------- ###
### To use the tap driver, you may need to do: kldload if_tap ###
### See ${}/etc/rc.d/openvpn.sh.sample for how to do this ###
### automatically at system boot-up time. ###
### ---------------------------------------------------------------------- ###
### To retain backwards compatibility of OpenVPN 1.3.0 with OpenVPN peers ###
### that run older versions (back to 1.1.0), you will have to set the MTU ###
### explicitly by command line options since OpenVPN 1.3.0. ###
### ###
### When connecting to 1.4.X or older peers with a TAP-style tunnel, set ###
### --tun-mtu 1500 --tun-mtu-extra 32 on the peer. ###
### ###
### When using TLS security and your peer runs OpenVPN 1.3.X, the PEER ###
### must use --disable-occ. This version of OpenVPN cannot use TLS mode ###
### to peers running OpenVPN 1.2.x or older. ###
### ###
### Note: use at most --verb 4 for regular use, --verb 5 is for debugging ###
### ---------------------------------------------------------------------- ###
freebsd#
aWww Traveldealspackage Travel Deals Package Curl Szh Mmm 106 39305 Travel Deals Package OpenVPN - Guoshuang e z Travel Deals Package v v Travel Deals Package Travel Deals Package Travel Deals Package
gWww Traveldealspackage Travel Deals Package Curl Szh Mmm 106 39305 Travel Deals Package OpenVPN - Guoshuang c Package