Find the answer to your Linux question:
Results 1 to 8 of 8
Hello, Is there a way I can automate for a given remote machine (for example, use the knock daemon and knock a series of ports) to establish an OpenVPN tunnel ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined! Pyrobisqit's Avatar
    Join Date
    May 2011
    Posts
    29

    Request OpenVPN connection


    Hello,

    Is there a way I can automate for a given remote machine (for example, use the knock daemon and knock a series of ports) to establish an OpenVPN tunnel to a given server?

    The idea is if I leave my PC at home, connected, but not plugged into the VPN (so that download/upload speeds are good), but at some point in time, while I'm away, I want to fetch files, or do something securely over OpenVPN, I want the machine to be able to connect to me instead of the other way around.

    Thanks!

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,752
    Running the openvpn client is simple, but you need to provide the connection information (keys, passwords, etc) that it needs to connect. I keep those in files in my local .vpn directory. Here is an example:

    openvpn --config /root/.vpn/gl-client.ovpn --auth-user-pass /root/.vpn/gl-pwd &

    The gl-client.ovpn file is the openvpn configuration file with keys and connection information, and the gl-pwd file is the user ID and password to use for the connection. Also, you generally need to start the connection as the root user, or with sudo.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Just Joined! Pyrobisqit's Avatar
    Join Date
    May 2011
    Posts
    29
    Quote Originally Posted by Rubberman View Post
    Running the openvpn client is simple, but you need to provide the connection information (keys, passwords, etc) that it needs to connect. I keep those in files in my local .vpn directory. Here is an example:

    openvpn --config /root/.vpn/gl-client.ovpn --auth-user-pass /root/.vpn/gl-pwd &

    The gl-client.ovpn file is the openvpn configuration file with keys and connection information, and the gl-pwd file is the user ID and password to use for the connection. Also, you generally need to start the connection as the root user, or with sudo.
    I'm aware of the complexity of the OpenVPN tunnel, and all that. What I was requesting, however, was something like a daemon that searches for a specific signal, or port knock, and then, is able to launch a script when those conditions are met. Any ideas?

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,752
    Hmmm. Sort of a "wake on network access"? You could write a simple TCP (C/C++) application that listens on a port for connection requests (knock, knock), and when received, forks off the openvpn client. Without more information, that is about as good as I can give you right now. A shell script would be difficult to do that, but other scripting languages, such as perl or python could handle it as well as C. Myself, I would use C, but that's because I am an old-fashioned kind of guy!
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  6. #5
    Just Joined! Pyrobisqit's Avatar
    Join Date
    May 2011
    Posts
    29
    Quote Originally Posted by Rubberman View Post
    You could write a simple TCP (C/C++) application that listens on a port for connection requests (knock, knock), and when received, forks off the openvpn client.
    I can't code I'm just a simple man, give me a break!

    I was wondering if there was an application that could do that. I'm pretty sure a combination of knockd and expect ( expect(1) - Linux man page ) should work, but I wanted to know other people's points of view.

  7. #6
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,752
    Quote Originally Posted by Pyrobisqit View Post
    I can't code I'm just a simple man, give me a break!

    I was wondering if there was an application that could do that. I'm pretty sure a combination of knockd and expect ( expect(1) - Linux man page ) should work, but I wanted to know other people's points of view.
    Coding is pretty much like driving. Once you learn, you never forget - just stay on the road! Scripting languages such as Python are perfect for such learning exercises, and you'll have a much better appreciation of how your computer works!
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  8. #7
    Just Joined! Pyrobisqit's Avatar
    Join Date
    May 2011
    Posts
    29
    Quote Originally Posted by Rubberman View Post
    Coding is pretty much like driving. Once you learn, you never forget - just stay on the road! Scripting languages such as Python are perfect for such learning exercises, and you'll have a much better appreciation of how your computer works!
    I know this man I'll learn to code... Eventually. For now all I can code are bash scripts :P

  9. #8
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,752
    Quote Originally Posted by Pyrobisqit View Post
    I know this man I'll learn to code... Eventually. For now all I can code are bash scripts :P
    Ok. You are already ahead of most. I think python would be a good next step. Lots of resources for learning are to be found on the net.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •