Chaosvpn 简单配置过程

###ChaosVPN配置方法

引用chaosvpn 官方档案来介绍一下:
*ChaosVPN is a VPN to connect Hackers and Hackerspaces -
这是官方文档 有兴趣同学直接参看官方档案了解更多。

简单介绍一下配置方法,以及可能遇到的错误和解决方法:

废话不多说:
以下操作均在Linux下完成

安装依赖

apt-get install tinc iproute2
apt-get install build-essential git bison flex libssl-dev zlib1g-dev debhelper devscripts 

//如果tinc已经自带可以直接跳过安装
可能会遇到错误:


E: 软件包 bison 没有可安装候选

不要管,继续

添加chaosvpn的软件源:

vi /etc/apt/sources.list:

添加:

deb http://debian.sdinet.de/ stable chaosvpn
deb-src http://debian.sdinet.de/ stable chaosvpn

然后

apt-get update

可能会提示GPG 错误

    apt-get install chaosvpn

如果提示错误无法安装

    vi /etc/apt/sources.list

添加:

    deb http://security.debian.org/debian-security wheezy/updates main 

    apt-get update
    apt-get install libssl1.0.0

然后

apt-get install chaosvpn

进行tinc和chaosvpn的对接操作

mkdir -p /etc/tinc/chaos
tincd --ne=chaosvpn --generate-keys=2048

可能会提示

    Error opening file `/etc/tinc/=chaosvpn/rsa_key.priv': No such file or directory

输入

mkdir  /etc/tinc/chaos/ecdsa_key.priv

再执行

tincd --ne=chaosvpn --generate-keys=2048

两次选择路径保存公钥和私钥(写信时候需要)

之后:

vi /etc/tinc/chaosvpn.conf

都有英文提示修改一下就ok,保存退出,注意一下ip地址要改为172.31.x.x。到此配置文件结束。


ps:你要加入他们还必须写一封介绍信来表明你的动机,发送邮件到

chaosvpn-join@hamburg.ccc.de 

如果成功加入,在终端输入chaosvpn,可以看一些信息(由于我懒得写介绍信了这里就不截图了有兴趣同学可以自己搞)

介绍信的内容为:

[<nodename>]

sponsor=
# Name a person/nickname/nodename or organisation/hackerspace already on ChaosVPN that will
# vouch for you getting access.

gatewayhost=<clienthost>
# This should be the external hostname or ip address of the client host, not a VPN address.
# If the client is not reachable over the internet leave it out and set hidden=1 below.
# If possible supply a hostname (even dyndns) and not an ip address for easier changing
# from your side without touching the central config.

network=<ipv4 subnet in the vpn>
network6=<ipv6 subnet in the vpn>
# (mandatory, must include)
# this may be more than one, IPv4 or IPv6, network6 with  IPv6 is optional
#
# These subnets must be unique in our vpn,
# simply renumber your home network (or use something like NETMAP) with a network block that is still free.
#
# Please use the list of assigned networks on ChaosVPN:IPRanges, and add yourself there.

owner=
# (mandatory, must include)
# Admin of the VPN gateway, with email address - a way to contact the responsible
# person in case of problems with your network link.

port=4712
# (optional)
# if not specified tinc works on tcp+udp port 655
# it is better if everyone chooses a random port for this.
# either this specified port or port 655 should accept TCP and UDP traffic from internet.

hidden=0
# (optional)
# "I cannot accept inbound tunnel connections, I can only connect out."
# (e.g. behind a NAT)
silent=0
# (optional)
# "I cannot connect out, but you can connect to me."
# Only ONE of hidden=1 or silent=1 is possible. 

Ed25519PublicKey=<something>
# (optional)
# tinc 1.1pre11+ only, contents of your /etc/tinc/chaos/ed25519_key.pub

-----BEGIN RSA PUBLIC KEY-----
....
-----END RSA PUBLIC KEY-----
# (mandatory)
# rsa-public-key - contents of your /etc/tinc/chaos/rsa_key.pub

ps:你要删除那些#号开头的行,那些只是介绍。

最后

启动chaosvpn

/etc/init.d/chaosvpn start

提示ok即代表启动成功

查看chaosvpn网络接口

route -n

//由于个人水平很菜,难免有疏漏。欢迎大家补充和指出错误。


1赞

http://debian.sdinet.de/ 网络打不开的话。是否可以安装

搞不懂为什么你用旧debian源

新源是多少。可以发下吗

我查了一下,如果你非要编译的话,必须用这源才行,其他都不可以用。我推荐你使用一点shad科学(ow)上网socks之类的工具。


服务器资源由ZeptoVM赞助

Partners Wiki IRC