curveprotect software (experimental)

SECURE VPN WITH CURVECP AS TRANSPORT LAYER

VPN client configuration

use administration interface:

  • http://127.10.10.10/vpn.dynhtml

    • VPN server configuration

    Replace domain, IP, extension, CurveCP key directory with Your domain, IP, extension, CurveCP key directory.

  • domain vpn.mojzis.com
  • IP 31.31.73.154
  • port 1009
  • extension 00000000000000000000000000000000
  • CurveCP key in directory /etc/vpn/key

    • prerequisites:

  • install daemontools
  • install curveprotect

    • as a root create user vpn:

    /opt/curveprotect/sbin/_creategroup vpn
/opt/curveprotect/sbin/_createuser vpn vpn

    as a root create VPN directory and configure:

    /opt/curveprotect/bin/vpn-conf vpn /etc/vpn /etc/vpn/key
/opt/curveprotect/bin/curvecpmakekey /etc/vpn/key
echo "31.31.73.154" > /etc/vpn/env/IP
echo "1009" > /etc/vpn/env/PORT
echo "00000000000000000000000000000000" > /etc/vpn/env/EXTENSION
echo "vpn.mojzis.com" > /etc/vpn/env/NAME

    as a root tell svscan about the new services and use svstat to check that the service is up:

    ln -s /etc/vpn /service/vpn
sleep 5
svstat /service/vpn

    insert the key and the extension into the DNS record:

  • how-to do is found here

    • as a root configure VPN database and create data.cdb:

  • VPN data file format is found here
    • cd /etc/vpn/root
vi data
make