本文主要為在Ubuntu環境上建立在開機時自動連線上OpenVPN的服務機制,本範例透過帳號與密碼的方式,假設連線的設定檔名為pf-UDP4-1194-uwb-config.opvn,而連線的帳號與密碼均為uwb。且檔案放在預設的使用者目錄下。

第一步:安裝OpenVPN

sudo apt-get install openvpn

第二步:更動OpenVPN設定(設定檔如下)

sudo nano /etc/default/openvpn
# This is the configuration file for /etc/init.d/openvpn

#
# Start only these VPNs automatically via init script.
# Allowed values are "all", "none" or space separated list of
# names of the VPNs. If empty, "all" is assumed.
# The VPN name refers to the VPN configutation file name.
# i.e. "home" would be /etc/openvpn/home.conf
#
# If you're running systemd, changing this variable will
# require running "systemctl daemon-reload" followed by
# a restart of the openvpn service (if you removed entries
# you may have to stop those manually)
#
AUTOSTART="all"
#AUTOSTART="none"
#AUTOSTART="home office"
#
# WARNING: If you're running systemd the rest of the
# options in this file are ignored.
#
# Refresh interval (in seconds) of default status files
# located in /var/run/openvpn.$NAME.status
# Defaults to 10, 0 disables status file generation
#
#STATUSREFRESH=10
#STATUSREFRESH=0
# Optional arguments to openvpn's command line
OPTARGS=""
#
# If you need openvpn running after sendsigs, i.e.
# to let umountnfs work over the vpn, set OMIT_SENDSIGS
# to 1 and include umountnfs as Required-Stop: in openvpn's
# init.d script (remember to run insserv after that)
#
OMIT_SENDSIGS=0

第三步:將設定檔複製到OpenVpn的設定檔目錄下

sudo mv /home/{你的使用者}/pf-UDP4-1194-uwb-config.opvn /etc/openvpn/pf-UDP4-1194-uwb-config.conf

第四步:建立帳號與密碼的筆記本(第一行為帳號,第二行為密碼)

sudo nano pass.txt
uwb
uwb

第五步:更改連線的設定檔使其可以自動讀取上面的帳號與密碼

sudo nano /etc/openvpn/pf-UDP4-1194-uwb-config.conf
僅需要更動如下的程式碼部分
auth-user-pass pass.txt
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote r710.csie.nuu.edu.tw 1194 udp
verify-x509-name "PFVPNServer" name
auth-user-pass pass.txt
remote-cert-tls server

<ca>
-----BEGIN CERTIFICATE-----
MIIDwTCCAqmgAwIBAgIBADANBgkqhkiG9w0BAQsFADBKMQ4wDAYDVQQDEwVWUE5D
QTELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEMMAoGA1UEBxMDTWxjMQww
CgYDVQQKEwNOVVUwHhcNMTkwNDEyMTgxNjI5WhcNMjkwNDA5MTgxNjI5WjBKMQ4w
DAYDVQQDEwVWUE5DQTELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEMMAoG
A1UEBxMDTWxjMQwwCgYDVQQKEwNOVVUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQD0cETyHnNK+r6oI6T3hNpyJlb55H2oqHHCF5hWEUBfBH/ypp62Wjja
tDsCPPH/H/K7+zuvEYT30iGDs/v9s0uejSl314h5teWLadKzoiIkZ5fBXvoEXkAJ
bfuVhfGll2FXzhZ7tolOmcJvZMV5uI7jt1qbSSd3Z6AQyV/Bok2sUfLAKHLn7aJP
v2VdTW0tqvB6k5X2fC5Ex04DCfg8jNjB2gx2iXddXYsdEIGvCFDhgSNOGecm+Khz
Pmf6LifkBHNQWAlMPN46s88d9Z3G0CgWrK6ebKysC9wo241tAbrMWvX+pF+UlvSw
DgAOxJGzEtP3q4YkyX7Pc6NpaKoCNHPFAgMBAAGjgbEwga4wHQYDVR0OBBYEFEQG
RG9+5WubuddVAxCqnEGtUOL+MHIGA1UdIwRrMGmAFEQGRG9+5WubuddVAxCqnEGt
UOL+oU6kTDBKMQ4wDAYDVQQDEwVWUE5DQTELMAkGA1UEBhMCVFcxDzANBgNVBAgT
BlRhaXdhbjEMMAoGA1UEBxMDTWxjMQwwCgYDVQQKEwNOVVWCAQAwDAYDVR0TBAUw
AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHQ2J4UZNea0ZHB3
L9WyXAixoG9SIRHv9gakEPaPq8xEaIYOrZgm9TPG2xc8iR2FXvOrP7dZEvOLgYFd
HCcn+pCj3VlsQlzTETmxo0ewBH1tvIxJ+b/9GM6KkSf+o0+HTdEzv7sBIQZmo44Q
5C7u3xCkkKXzqdDcIh6ZFlNmIEArUT742kgcFZFNVs108BUkWRnY8W71PV44JOXQ
4cgw6MEmplQkMjfd/XHa6os0TtBIyj1oPBquChQE9KmD+nZ7PLXh6WF7ShAqpiZu
TZDV+Dfb6XoI+v5laPXRqVsfOf8gCtMXzjhP55fjNKse2OlhLs9DQpsaw4TbgOo+
gqHc5zw=
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIEHDCCAwSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBKMQ4wDAYDVQQDEwVWUE5D
QTELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEMMAoGA1UEBxMDTWxjMQww
CgYDVQQKEwNOVVUwHhcNMTkwNDI2MTczODQwWhcNMjkwNDIzMTczODQwWjBLMQsw
CQYDVQQGEwJUVzEPMA0GA1UECBMGVGFpd2FuMQwwCgYDVQQHEwNNbGMxDDAKBgNV
BAoTA05VVTEPMA0GA1UEAxMGMjA4MHRpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEArR/spAEWYxuoZpqVgFpy06cQzgQnkQsq5bx5I0c3EvCiDVALAbb9
Cm0qKJCY1U1ABxRu9PkwtEAMUI5eLQKmUOEvasSofSu5+lEb9DjhT+ifR/km9+cW
YYay9uNGsVcyf8ob0UnEMlQzyHZFWkC4I/8BSQDcwka/DQTS5wuisx6XXu9zzh/b
xbRxhfgJTRsJjuzzlxtzou1Wnz3Yov9WIGkfmYIxsnFOtMOj2iNDU+Gg0Jc/zLX5
UIP3F1xy+BdJGuqlkx2QQPxQ3RL8XbXUD4pMKcJsIVTL1Vn7C7yNFMZoEkOhGpfs
/NvQvgbJY7ezv62VLVCq6t9Air6sL5kLFQIDAQABo4IBCjCCAQYwCQYDVR0TBAIw
ADALBgNVHQ8EBAMCBeAwMQYJYIZIAYb4QgENBCQWIk9wZW5TU0wgR2VuZXJhdGVk
IFVzZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPaXrNq91dUHp8NfhlIMTLef8za/
MHIGA1UdIwRrMGmAFEQGRG9+5WubuddVAxCqnEGtUOL+oU6kTDBKMQ4wDAYDVQQD
EwVWUE5DQTELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEMMAoGA1UEBxMD
TWxjMQwwCgYDVQQKEwNOVVWCAQAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwEQYDVR0R
BAowCIIGMjA4MHRpMA0GCSqGSIb3DQEBCwUAA4IBAQAqe1C1ZHpS4oXSKb879cX5
rlAxYl2Kb/GruQRofG9s7lAgMXR2CWKMrtK5dYGYRis+tiuX3dMO5Wj8FfR5dyns
sP16nTmq+GLV+23DgiVqnTnqjycNNYIXkGUdvgMN2brk8XwBlxfGp+kLc9nlmUl+
cN2JxKcpHTgz76m3XS7smBPcxB5nJIpWXrmlPNDzPkDyyDYRCCuqGeKYr62uGmxU
nnEc8BqWngP2B5IdMxPl9AD0E8y4bcBShplmhQFusJGvymIB806gZ70mN5csdO92
lPUgqC3K98oWn6aTifcUc7mC9ZFqzhSbiTSSqFTnKpNvfWIBZf08Tj4l7JHsIMSX
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCtH+ykARZjG6hm
mpWAWnLTpxDOBCeRCyrlvHkjRzcS8KINUAsBtv0KbSookJjVTUAHFG70+TC0QAxQ
jl4tAqZQ4S9qxKh9K7n6URv0OOFP6J9H+Sb35xZhhrL240axVzJ/yhvRScQyVDPI
dkVaQLgj/wFJANzCRr8NBNLnC6KzHpde73POH9vFtHGF+AlNGwmO7POXG3Oi7Vaf
Pdii/1YgaR+ZgjGycU60w6PaI0NT4aDQlz/MtflQg/cXXHL4F0ka6qWTHZBA/FDd
EvxdtdQPikwpwmwhVMvVWfsLvI0UxmgSQ6Eal+z829C+Bsljt7O/rZUtUKrq30CK
vqwvmQsVAgMBAAECggEANffzvxSPtAmVL5cU79RCY3R7Kp3k77Q5hTCB2tuCcacN
/XRsWfZ/X1a0g7y/yA6y3QIjrL5ZzncA38Ph28otqpzoOTJhC9Qrv7q1KibpJg3w
SXGEEle5hGGHPKuRCAuUtH1+unlybfYNxnoIGKCARshh0C4yo2WGfTp5vIjGCWwG
oFQqlt9R59wtJ3J+M0CKHC6qEooFWXAyUaBlWMSSX8NTQ4fqX5G5TtjeoGV/OwQb
CHaPNWEmogdRVxA6T+rttiLrCejMBAhbyvXeicsz+9nTsP6PnorO8Th/BBUUNo7R
0Ko0V4JvBkEZ7NFoivu1yWjrWJgoWCo+Uql+6v/iwQKBgQDWpEIttpqukUkCjaWA
ocQKN0x4rDyIOHDYipRV7wcKnb2DSpVbvNzKDPMkfY0cdaDxG64uVMQ4X2AuDo0m
1tHLXJIJj7X5E2UzHiMvkylhydrVqNk/XAPJvcBuW5D+XOwBeadnapt8SjA4fkuB
JPWV2etnClTFlgQsxAww25T5nQKBgQDOe70ALudIB89KIoE6LkzhdddJJ+stCG11
dj3PedQ3tTj3xVl6KqiUyat9HYfyYjVIbCNKG4oM4ztAHtGiyisU0vauP1piXSBt
uYCvWTmlomoGK0YLQAkjn6n8mqqdLtsSn2BkRR2QffCi02aCG0S53UEBYitgAH4R
r0rVffu52QKBgDa9iYszCNwAfYhDK7RUjTS1ybD07DMpgc4X+aC45yjT9eMoAFN3
JS/6gYAK7RQXA8a58oAqaiieWl8koucG3lZo822w0w4E3khdJUga1fD0k/TtrQo1
o1muJQeAHshgVmhB6Gm9jI30NbwSqZr0HBXtj9Wlkt0ZV1M7ZIiJV8MZAoGBAKnQ
Je3ipR8eHSJxIipBLcU2bumhRM5yYeL6bXcWUKvIBKPwz9ejAaXr/XcWNFno3r1D
AfrOj0huEKp5LhtdfPTRU0KWo7TFtgfHScfr73cDDYMpT5+s+Fct1lUCtlIy2MSG
AnY0SU4t5RtkFKfn2SuqhO2oWNfJT+UnbroJtF5xAoGAIlGQqqd8P25tUi4We1jh
0mRMCV1gPHzwCs+EXeMMBbhBpk0GGL5ZjPODFmdCcWlq1vSfLlnztOKgdjxFOZeX
N4yiXmJ2iBvEXds0Ps3Q5p17kow1uxLvZgIBV6BkWl5wAWRTfDjkmUNyjRRAT7j2
ZI0NSWcd37sOjfW1kQOowPw=
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
d008905c888d7aec7de2821b9348830b
04f26ad3cec36b4f4670c7d5da4e9e07
ee6b2de6aa552ac5c8c519c28f1857b7
825cc4c6cd18777838b3e1a9d3b95d10
6735089b04e789c85466951e3fb00e17
d6652579f6a16277f5156d27f0e86b05
fc80fffbe4a117da2f3c588186665a15
9b7b5dc1633d611f12a0faabc4f25108
bae7c45b1cd49f29421de029307055be
78b50f915f7ca2c2d50837b8bc926921
0acb4fcc6564194b01db97615db775df
06d9caa4df340b922b43fe7ea3e51de0
94535caa248acd79a6c16d56400085e1
de18d4f3a4c0e3725e7ec0bdbc8cc836
4a1c8ad4952069772f2d3f8a325896de
dc4e941310bec5315e5f8f2f6b02c2af
-----END OpenVPN Static key V1-----
</tls-auth>

第六步:設定服務後即可完成

systemctl daemon-reload
sudo service openvpn restart
sudo service openvpn status