ProHoster > Nyocha ihe abụọ na OpenVPN na Telegram bot

Nyocha ihe abụọ na OpenVPN na Telegram bot

Akụkọ ahụ na-akọwa ịtọlite ​​​​sava OpenVPN iji mee ka nyocha ihe abụọ na bot Telegram ga-eziga arịrịọ nkwenye mgbe ị na-ejikọta.

OpenVPN bụ ihe nkesa VPN ama ama, efu, mepere emepe nke a na-ejikarị ahazi ndị ọrụ nwere nchekwa ịnweta akụrụngwa nhazi nke ime.

Dị ka nkwenye maka ijikọ na sava VPN, a na-ejikarị nchikota igodo na nbanye/paswọọdụ onye ọrụ. N'otu oge ahụ, paswọọdụ echekwara na onye ahịa na-atụgharị setịpụ dum ka ọ bụrụ otu ihe na-enyeghị ọkwa nchekwa kwesịrị ekwesị. Onye na-awakpo, ebe ọ nwetagoro kọmputa onye ahịa, na-enwetakwa ohere na sava VPN. Nke a bụ eziokwu karịsịa maka njikọ sitere na igwe na-agba Windows.

Iji ihe nke abụọ na-ebelata ihe ize ndụ nke ịnweta ikike na-enweghị ikike site na 99% ma ọ dịghị agbagha usoro njikọ maka ndị ọrụ ma ọlị.

Ka m mee ndoputa ozugbo: maka mmejuputa iwu ị ga-achọ ijikọ ihe nkesa nyocha nke atọ multifactor.ru, nke ị nwere ike iji tarifu efu maka mkpa gị.

Olee otú o si arụ ọrụ

  1. OpenVPN na-eji ngwa mgbakwunye openvpn-plugin-auth-pam maka nyocha
  2. Ngwa mgbakwunye ahụ na-enyocha paswọọdụ onye ọrụ na sava wee rịọ ihe nke abụọ site na protocol RADIUS na ọrụ Multifactor.
  3. Multifactor na-ezigara onye ọrụ ozi site na Telegram bot na-akwado ohere
  4. Onye ọrụ na-akwado arịrịọ nnweta na nkata Telegram wee jikọọ na VPN

Ịwụnye ihe nkesa OpenVPN

Enwere ọtụtụ akụkọ na ịntanetị na-akọwa usoro nke ịwụnye na ịhazi OpenVPN, yabụ anyị agaghị emegharị ha. Ọ bụrụ na ịchọrọ enyemaka, enwere ọtụtụ njikọ nkuzi na njedebe nke akụkọ.

Ịtọlite ​​​​Multifactor

Gaa na Multifactor akara usoro, gaa na ngalaba "Akụkụ" wee mepụta VPN ọhụrụ.
Ozugbo emepụtara, ị ga-enwe nhọrọ abụọ dị gị: NAS-ihe njirimara и Ekekọrịtara Nzuzo, a ga-achọrọ ha maka nhazi na-esote.

Nyocha ihe abụọ na OpenVPN na Telegram bot

Na ngalaba "Groups", gaa na ntọala otu "Ndị ọrụ niile" wee wepụ ọkọlọtọ "All Resources" ka ọ bụrụ naanị ndị ọrụ nke otu otu nwere ike jikọọ na sava VPN.

Mepụta otu ọhụrụ "ndị ọrụ VPN", gbanyụọ ụzọ nyocha niile ma e wezụga Telegram wee gosi na ndị ọrụ nwere ohere ịnweta akụrụngwa VPN mepụtara.

Nyocha ihe abụọ na OpenVPN na Telegram bot

Na ngalaba "Ndị ọrụ", mepụta ndị ọrụ ga-enwe ohere ịnweta VPN, tinye ha na otu "VPN ọrụ" wee ziga ha njikọ iji hazie ihe nke abụọ nke nyocha. Nbanye onye ọrụ ga-adabarịrị na nbanye na sava VPN.

Nyocha ihe abụọ na OpenVPN na Telegram bot

Ịtọlite ​​​​sava OpenVPN

Mepee faịlụ /etc/openvpn/server.conf ma tinye ngwa mgbakwunye maka nyocha site na iji modul PAM

plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn

Ngwa mgbakwunye nwere ike ịdị na ndekọ /usr/lib/openvpn/plugins/ ma ọ bụ /usr/lib64/openvpn/plugins/ dabere na sistemụ gị.

Ọzọ ị ga-etinye pam_radius_auth modul

$ sudo yum install pam_radius

Mepee faịlụ maka ndezi /etc/pam_radius.conf ma kọwaa adreesị nke ihe nkesa RADIUS nke Multifactor

radius.multifactor.ru   shared_secret   40

ebe:

  • radius.multifactor.ru - adreesị nkesa
  • shared_secret - detuo site na oke ntọala VPN kwekọrọ
  • 40 sekọnd - oge agwụla maka ichere arịrịọ nwere oke oke

A ghaghị ihichapụ ma ọ bụ kwupụta ihe nkesa ndị fọdụrụ (tinye semicolon na mbido)

Na-esote, mepụta faịlụ maka ụdị ọrụ openvpn

$ sudo vi /etc/pam.d/openvpn

ma dee ya n'ime

auth    required pam_radius_auth.so skip_passwd client_id=[NAS-IDentifier]
auth    substack     password-auth
account substack     password-auth

Ahịrị nke mbụ jikọtara modul PAM pam_radius_auth yana paramita:

  • skip_passwd - gbanyụọ nnyefe nke paswọọdụ onye ọrụ na sava RADIUS Multifactor (ọ chọghị ịma ya).
  • client_id - dochie [NAS-Identifier] jiri oke kwekọrọ na ntọala akụrụngwa VPN.
    A kọwapụtara paramita niile nwere ike ime akwụkwọ maka modul.

Ahịrị nke abụọ na nke atọ gụnyere nkwenye sistemụ nke nbanye, paswọọdụ na ikike onye ọrụ na sava gị yana ihe njirimara nke abụọ.

Malitegharịa ekwentị OpenVPN

$ sudo systemctl restart openvpn@server

Nhazi onye ahịa

Tinye arịrịọ maka nbanye na paswọọdụ n'ime faịlụ nhazi ndị ahịa

auth-user-pass

nnyocha

Mepee onye ahịa OpenVPN, jikọọ na sava ahụ, tinye aha njirimara na paswọọdụ gị. Bot Telegram ga-eji bọtịnụ abụọ ziga arịrịọ nnweta

Nyocha ihe abụọ na OpenVPN na Telegram bot

Otu bọtịnụ na-enye ohere ịnweta, nke abụọ na-egbochi ya.

Ugbu a ị nwere ike chekwaa paswọọdụ gị n'enweghị nsogbu na onye ahịa; ihe nke abụọ ga-echebe nke ọma na sava OpenVPN gị na ịnweta enweghị ikike.

Ọ bụrụ na ihe anaghị arụ ọrụ

Nyochaa n'usoro na ọ nweghị ihe tufuru gị:

  • Enwere onye ọrụ na sava nwere OpenVPN nwere akara mbanye
  • Ihe nkesa ahụ nwere ohere site na ọdụ ụgbọ mmiri UDP 1812 gaa na radius.multifactor.ru adreesị
  • A kọwapụtara ihe NAS-Identifier na ihe nzuzo ekekọrịtara nke ọma
  • Emepụtara onye ọrụ nwere otu nbanye na sistemụ Multifactor ma nye ya ohere ịbanye na otu ndị ọrụ VPN
  • Onye ọrụ ahazila usoro nyocha site na Telegram

Ọ bụrụ na ịtọbeghị OpenVPN mbụ, gụọ nkọwa zuru ezu.

Ejiri ihe atụ mee ntuziaka a na CentOS 7.

isi: www.habr.com

Tinye a comment