You are not logged in.
I am following the openvpn wiki which led to the easy-rsa wiki, in that wiki it has the line
# source ./vars
I have done some looking around but cannot seem to find a way to get the command "source" anyone want to help me out?
Last edited by Never (2014-02-16 08:46:00)
Offline
It is a shell builtin. If you use bash, do:
man bash | less -p "source filename"
Offline
I tried that, looks like a manual entry, also tried
man bash | less -p "source vars"
that basically returned pattern not found (press return), because it is a manual entry.
Something of note, changing the ownership of the easy-rsa folder to an actual user instead of root allowed the
source ./vars
command to run since,
sudo source ./vars
returns sudo: source: command not found.
Running
$ ./build-key-server <server name>
gave an unable to write 'random state' near the end of the output and no Write out database with 1 new entries
Data Base Updated. Fortunately a quick solution was found by doing
sudo chown <user>:users ~/.rnd
and starting from the top, all the output appeared normal and I have my keys. Someone should really adjust the wiki for people who no longer have actual root accounts, which I assume is why
sudo source /.vars
failed. However, for anyone else following the previously mentioned wikis and just wants a solution that, theoretically so far, works, then may this search result work for you too.
Offline
I tried that, looks like a manual entry...
Yes, it is the relevant part of the man page; where the source builtin is explained.
Offline
I tried that, looks like a manual entry, also tried
man bash | less -p "source vars"
that basically returned pattern not found (press return), because it is a manual entry.
It's not "source vars", but "source filename". That will give you the entry in the bash manual explaining what the bash builtin "source" command does.
Someone should really adjust the wiki for people who no longer have actual root accounts, which I assume is why
No, if it's really something that requires root access because it can't be done through sudo, then you are supposed to switch to the root account. Also judging from your post it sounds like you changed ownership of your root home folder, which doesn't make sense and can potentially be a bad thing to do.
It looks rather suspicious to me that the key creation has to be done as root. Technically any user should be able to create key's.
Offline
It looks rather suspicious to me that the key creation has to be done as root. Technically any user should be able to create key's.
From the wiki:
---
In this article the needed certificates are created by root in root's home directory. This ensures that the generated files have the right ownership and permissions, and are safe from other users.
---
Basically, since only the root has the right to setup OpenVPN, these keys are being generated as root. It should be possible for other users to do so too, but not relevant in the context of the article.
Offline
Basically, since only the root has the right to setup OpenVPN, these keys are being generated as root. It should be possible for other users to do so too, but not relevant in the context of the article.
I looked it up and indeed you are correct (see https://openvpn.net/index.php/open-sour … howto.html). The VPN server needs it's own set of key's because the authentication happens both way's: the client authenticates the server and vice versa, whereas for instance for ssh it's only the server that authenticates the client key.
@Never: if you made the key's as your own user then your setup might not work correctly. Also if you changed the ownership of the /root folder (and any folders and files within) then you should really change the ownership back to root.
You will need to switch to the root account to be able to generate the key's.
Last edited by Neburski (2014-02-16 13:40:20)
Offline