|
Dimensione: 6554
Commento:
|
Dimensione: 6644
Commento:
|
| Le cancellazioni sono segnalate in questo modo. | Le aggiunte sono segnalate in questo modo. |
| Linea 2: | Linea 2: |
| Linea 14: | Linea 13: |
| Linea 37: | Linea 35: |
| Linea 39: | Linea 36: |
| create the file is {{{/etc/tinc/ninux/hosts/guinness}}} | 6a) Create the file is {{{/etc/tinc/ninux/hosts/guinness}}} |
| Linea 51: | Linea 50: |
}}} And modify {{{/etc/tinc/ninux/tinc.conf}}} |
}}} 6b) Modify the file {{{/etc/tinc/ninux/tinc.conf}}} |
| Linea 62: | Linea 59: |
| Linea 66: | Linea 61: |
| 8) Create che file {{{/etc/tinc/ninux/tinc-up}}} | 8) Create the file {{{/etc/tinc/ninux/tinc-up}}} |
| Linea 75: | Linea 70: |
| Linea 78: | Linea 72: |
| Make the file executable {{{chmod +x /etc/tinc/ninux/tinc-up}}} |
Make the file executable {{{chmod +x /etc/tinc/ninux/tinc-up}}} |
| Linea 84: | Linea 77: |
| Linea 87: | Linea 81: |
| Linea 91: | Linea 84: |
| Linea 108: | Linea 100: |
}}} Because you configure tincd manually, use this code in /etc/config/network to bind the vpn interface to the ninux tap interface created by tinc. This way you can use the vpn interface when configuring with UCI other programs like olsrd |
}}} If you want to use 'ip' command for tinc-up you need to install ip package with {{{ opkg install ip }}} Because you configure tincd manually, use this code in /etc/config/network to bind the vpn interface to the ninux tap interface created by tinc. This way you can use the vpn interface when configuring with UCI other programs like olsrd |
| Linea 116: | Linea 110: |
| option proto none option ifname ninux }}} |
option proto none option ifname ninux }}} |
| Linea 122: | Linea 114: |
| Linea 135: | Linea 126: |
| Linea 141: | Linea 131: |
| Linea 151: | Linea 140: |
| Linea 162: | Linea 150: |
| Linea 169: | Linea 156: |
| Linea 177: | Linea 163: |
| Linea 193: | Linea 177: |
| Linea 198: | Linea 180: |
| Linea 201: | Linea 184: |
| Linea 207: | Linea 189: |
| Linea 213: | Linea 194: |
| Linea 216: | Linea 198: |
Connect to Ninux Network with Tinc VPN
1) Install tinc on your Linux (e.g. apt-get install tinc) MAKE SURE YOU HAVE AT LEAST TINC 1.0.13
2) mkdir /etc/tinc/ninux
3) Create /etc/tinc/ninux/tinc.conf
Name = yournickname ConnectTo = Norimberga Mode = switch
Please pick a unique yournickname. Norimberga is our hub server. Mode switch is required because tinc will operate with a tap interface, needed to run olsr on it.
4) Create the hosts folder mkdir /etc/tinc/ninux/hosts/
5) Generate a Keypair tincd -n ninux -K
6) Create the file /etc/tinc/ninux/hosts/Norimberga
This file has the address and the public key of the server
Address = svn.ninux.org -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEA30bZWtIej9kj837Eb8C+nxvEXfy4Jly41tuJYfzpJiP/pTQGaPyF XDEdfwAq8qJpfLaRfKl0pQ9rbDo4zjSlNW8e/5BxTnobXHcvSD9sm8bNAME2qBkI plmeWt4RvDmEKDrJWyUIoyKyaTcCkXpfHslTJSBBj7TSjYX9SCfTkSS3GjNDWMjc C02i2+ZB3balcR+Ea046l/GVFp0htxrUFxew5RDXPmmaiQRF6cpm3fMNtdq9ixz+ uJNjmfHW/lHk4KMUj6KMLca9mS4TWsFxLYmP0jZi7lD2hA3dNCW4nua8HHYPwj+X Mh/vucAMckowzaf+51bGD+o8HVuM1hm4TwIDAQAB -----END RSA PUBLIC KEY-----
If you want also a backup link use also our secondary server
6a) Create the file is /etc/tinc/ninux/hosts/guinness
Address = hispanico.ninux.org -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAp2VqrJOPTubK+I6lineZZ0QcgsuxtPaGqlEHbCis2I03Tv2KQ8ka JQOdyuPcn/1KJE5Ys0JUgl67W5fneicQOSei/+9e/AbuzcPA35/Ldu/sfv+SP2/T XSU+W681zyfUFk8fQqbaU6XXSYMJX1ZEWAv5sWWRSA0612xIkzKZoG628mwBYoGG d9kjnkZRpqFJd2ZFyn+/wyX5yof/3TZ7UIntnUVgljOn6cscDFzOh+zAqbrPXyaD ha8pP9ZvOILlK55ZDx1NLoMWiS1x4L8J0u+vUsTgjvo466J5AuYrwt4HpLvULUQq Pgvk/5z4OPLWUi7jgjQAQ/GO7hg69ybDyQIDAQAB -----END RSA PUBLIC KEY-----
6b) Modify the file /etc/tinc/ninux/tinc.conf
Name = yournickname ConnectTo = Norimberga ConnectTo = guinness Mode = switch
7) Get an IP address in the subnet 10.0.1.0/24 and add your self in the table on this wiki page: GestioneIndirizzi
8) Create the file /etc/tinc/ninux/tinc-up
ip link set dev ninux up ip a a dev ninux HEREYOURIPADDRESS/24 broadcast 10.0.1.255 #Adjust MTU ip link set mtu 1280 dev ninux iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Where in place of HEREYOURIPADDRESS you must put the IP address choosen at point 6 of this guide
Make the file executable chmod +x /etc/tinc/ninux/tinc-up
9) Send an email to contatti@ninux.org with your Nickname choosen at point 3 and your generated public key so we can authorize you in the VPN main and backup server.
10) Once you received notification that your public key is authorized you can try to connect
tincd -n ninux
If everything worked out you can ping 10.0.1.1. Now configure olsr to use the interface "ninux"
OpenWRT and TincVPN
Tinc package for OpenWRT is very minimal. init.d script is missing, you can use this one:
#!/bin/sh /etc/rc.common
START=50
start() {
tincd -n ninux
}
stop() {
killall tincd
}If you want to use 'ip' command for tinc-up you need to install ip package with
opkg install ip
Because you configure tincd manually, use this code in /etc/config/network to bind the vpn interface to the ninux tap interface created by tinc. This way you can use the vpn interface when configuring with UCI other programs like olsrd
config interface vpn
option proto none
option ifname ninux
Connect to Ninux Network with Tinc VPN for Mac
You need to have XCode and MacPorts.
1) Install XCode from Apple site or it can also be obtained from original OSX installation DVD.
2) Install MacPorts (http://www.macports.org/)
3) After Macports is installed, close and reopen your terminal. Update the ports system and ports list.
sudo port selfupdate sudo port sync
This command will install tinc and all the necessary dependancies.
sudo port install tinc
Configuration files are located in /opt/local/etc/tinc
Tinc can now be configured and executed.
3) Tinc on OS X looks for configuration files in /usr/etc/tinc but we will place the configuration for Ninux VPN into /Library/tinc directory. Navigate to your home directory and create configuration folders for Ninux so type:
mkdir -p Library/tinc/ninux
4) You will need to create the following files and folders within:
Tinc.conf in which you have to put this lines:
Name = yournickname ConnectTo = Norimberga Mode = switch Device = /dev/tap0
tinc-up in which you have to put this lines:
ifconfig $INTERFACE HEREYOURIPADDRESS/24 netmask 255.255.255.0 broadcast 10.0.1.255 ifconfig $INTERFACE mtu 1280
Where in place of HEREYOURIPADDRESS you must put the IP address choosen on http://wiki.ninux.org/GestioneIndirizzi
tinc-down in which you have to put this lines:
ifconfig $INTERFACE down
hosts/Norimberga in which you have to put this lines:
Address = svn.ninux.org -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEA30bZWtIej9kj837Eb8C+nxvEXfy4Jly41tuJYfzpJiP/pTQGaPyF XDEdfwAq8qJpfLaRfKl0pQ9rbDo4zjSlNW8e/5BxTnobXHcvSD9sm8bNAME2qBkI plmeWt4RvDmEKDrJWyUIoyKyaTcCkXpfHslTJSBBj7TSjYX9SCfTkSS3GjNDWMjc C02i2+ZB3balcR+Ea046l/GVFp0htxrUFxew5RDXPmmaiQRF6cpm3fMNtdq9ixz+ uJNjmfHW/lHk4KMUj6KMLca9mS4TWsFxLYmP0jZi7lD2hA3dNCW4nua8HHYPwj+X Mh/vucAMckowzaf+51bGD+o8HVuM1hm4TwIDAQAB -----END RSA PUBLIC KEY-----
hosts/yournickname in which you have to put your public key (see below)
5) Make sure tinc-up and tinc-down are executable:
chmod +x tinc-up tinc-down
6) You will also need to generate pair of keys (private/public) for your client. Do it only after the above files are configured properly! You will be asked for locations of certain files. The default locations are fine.
sudo tincd -c ~/Library/tinc/ninux -K
put your public key into your /hosts/yournickname file.
7) Once you are done send an email to zioproto@gmail.com with your Nickname choosen at point 4 and your generated public key so we can authorize you in the VPN server.
10) Once you received notification that your public key is authorized you can try to connect
sudo tincd -c ~/Library/tinc/ninux --pidfile=/var/run/tincd.pid -D --debug=1
If everything worked out you can ping 10.0.1.1. Now configure olsr to use the interface "tap0"
To stop the client you can kill it be executing:
kill -9 'cat /var/run/tincd.pid'