Difference between revisions of "Tinc"
From Tmplab
Samneurohack (talk | contribs) (→Keygeneration) |
Samneurohack (talk | contribs) (→All Nodes Configuration Directory Structure) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | = Plan = | ||
| + | |||
| + | * here is the most basic setup | ||
| + | * we assume the virtual network is 192.168.22.x. | ||
| + | * Change it to whatever you like as private IPs. | ||
| + | |||
= Linux style Basic tinc-vpn setup = | = Linux style Basic tinc-vpn setup = | ||
| Line 9: | Line 15: | ||
tinc-up | tinc-up | ||
tinc-down | tinc-down | ||
| + | rsa_key.priv | ||
hosts/ | hosts/ | ||
client1 | client1 | ||
Latest revision as of 10:19, 25 May 2016
Contents
Plan
- here is the most basic setup
- we assume the virtual network is 192.168.22.x.
- Change it to whatever you like as private IPs.
Linux style Basic tinc-vpn setup
All Nodes Configuration Directory Structure
/etc/tinc/
nets.boot
networkname/
tinc.conf
tinc-up
tinc-down
rsa_key.priv
hosts/
client1
client2
...
tincserver
nets.boot
networkname
tinc.conf for client1
Name=client1 Device=/dev/net/tun ConnectTo=tincserver AddressFamily = ipv4
tinc-up for client1
#!/bin/bash ifconfig $INTERFACE 192.168.22.1 netmask 255.255.255.0
tinc-down for client1
#!/bin/bash ifconfig $INTERFACE down
Keygeneration
- to be run for each client
tincd -n networkname -K4096
- private key goes to /etc/tinc/networkname
- public key goes to /etc/tinc/networkname/hosts
- add the first two lines as shown below according to client or server function
hosts/client1
Name=client1 Subnet=192.168.22.1 -----BEGIN RSA PUBLIC KEY----- .... -----END RSA PUBLIC KEY-----
hosts/client2
Name=client2 Subnet=192.168.22.2 -----BEGIN RSA PUBLIC KEY----- .... -----END RSA PUBLIC KEY-----
hosts/tincserver
Subnet=192.168.22.254 Address=SERVERPUBLICIP
