ProHoster > Zviviri-zvinhu chokwadi muOpenVPN ine Telegraph bot

Zviviri-zvinhu chokwadi muOpenVPN ine Telegraph bot

Chinyorwa chinotsanangura kumisikidza sevha yeOpenVPN kuti igone kugonesa-zvinhu-mbiri kuvimbiswa neTeregiramu bot iyo inotumira chikumbiro chekusimbisa kana uchibatanidza.

OpenVPN inozivikanwa, yemahara, yakavhurika-sosi yeVPN server iyo inoshandiswa zvakanyanya kuronga yakachengeteka yevashandi kuwana kune zvemukati zvesangano zviwanikwa.

Sehuchokwadi hwekubatanidza kune server yeVPN, musanganiswa wekiyi uye mushandisi login / password inowanzoshandiswa. Panguva imwecheteyo, iyo password yakachengetwa pamutengi inoshandura iyo yese seti kuita chinhu chimwe chete chisingapi nhanho yakakodzera yekuchengetedza. Anorwisa, awana mukana kune mutengi komputa, zvakare anowana mukana kune VPN server. Izvi ndezvechokwadi kunyanya kune zvinongedzo kubva kumichina inoshandisa Windows.

Kushandisa chinhu chechipiri kunoderedza njodzi yekuwanikwa isina mvumo ne99% uye haiomese nzira yekubatanidza yevashandisi zvachose.

Rega ndiite chengetedzo ipapo: kuti ushandise iwe uchafanirwa kubatanidza yechitatu-party authentication server multifactor.ru, umo iwe unogona kushandisa yemahara mutero kune zvaunoda.

Ainoita

  1. OpenVPN inoshandisa openvpn-plugin-auth-pam plugin yekusimbisa
  2. Iyo plugin inotarisa password yemushandisi pane sevha uye inokumbira yechipiri chinhu kuburikidza neRADIUS protocol muMultifactor sevhisi.
  3. Multifactor inotumira meseji kumushandisi kuburikidza neTeregiramu bot inosimbisa kuwana
  4. Mushandisi anosimbisa chikumbiro chekuwana muTeregiramu chat uye anobatana neVPN

Kuisa OpenVPN server

Pane zvakawanda zvinyorwa paInternet zvinotsanangura maitiro ekuisa nekugadzirisa OpenVPN, saka hatizozvidzokorora. Kana iwe uchida rubatsiro, kune akati wandei ma link kune tutorials pakupera kwechinyorwa.

Kugadzira iyo Multifactor

Enda ku Multifactor control system, enda kuchikamu che "Zviwanikwa" uye gadzira VPN itsva.
Kana wangosikwa, uchave nesarudzo mbiri dziripo kwauri: NAS-IDdentifier ΠΈ Yakagovaniswa Chakavanzika, ivo vanozodiwa kune inotevera configuration.

Zviviri-zvinhu chokwadi muOpenVPN ine Telegraph bot

Muchikamu che "Mapoka", enda kune "Vashandisi Vese" marongero eboka uye bvisa iyo "Zvose zviwanikwa" mureza kuitira kuti vashandisi verimwe boka chete vabatane neVPN server.

Gadzira boka idzva "vashandisi veVPN", dzima nzira dzese dzechokwadi kunze kweTeregiramu uye ratidza kuti vashandisi vanokwanisa kuwana iyo yakagadzirwa VPN sosi.

Zviviri-zvinhu chokwadi muOpenVPN ine Telegraph bot

Muchikamu che "Vashandisi", gadzira vashandisi vachawana mukana weVPN, vawedzere kuboka re "VPN vashandisi" uye vatumire chinongedzo chekugadzirisa chechipiri chechokwadi. Kupinda kwemushandisi kunofanirwa kuenderana nekupinda paVPN server.

Zviviri-zvinhu chokwadi muOpenVPN ine Telegraph bot

Kumisikidza OpenVPN server

Vhura faira /etc/openvpn/server.conf uye wedzera plugin yekusimbisa uchishandisa PAM module

plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn

Iyo plugin inogona kuwanikwa mudhairekitori /usr/lib/openvpn/plugins/ kana /usr/lib64/openvpn/plugins/ zvinoenderana nehurongwa hwako.

Tevere iwe unofanirwa kuisa iyo pam_radius_auth module

$ sudo yum install pam_radius

Vhura faira rekugadzirisa /etc/pam_radius.conf uye tsanangura kero yeRADIUS server yeMultifactor

radius.multifactor.ru   shared_secret   40

kupi:

  • radius.multifactor.ru - server kero
  • shared_secret - kopi kubva kune inoenderana VPN zvigadziriso parameter
  • 40 seconds - nguva yekumirira yekukumbira ine margin yakakura

Masevha asara anofanira kudzimwa kana kutaurwa (isa semicolon pakutanga)

Tevere, gadzira faira yebasa-rudzi openvpn

$ sudo vi /etc/pam.d/openvpn

uye nyora mukati

auth    required pam_radius_auth.so skip_passwd client_id=[NAS-IDentifier]
auth    substack     password-auth
account substack     password-auth

Mutsetse wekutanga unobatanidza PAM module pam_radius_auth nemaparamita:

  • skip_passwd - inodzima kuendesa password yemushandisi kune RADIUS Multifactor server (haafanire kuzviziva).
  • client_id - tsiva [NAS-Identifier] neparameter inoenderana kubva kuVPN zviwanikwa.
    Zvese zvinogoneka parameters zvinotsanangurwa mukati zvinyorwa zvemodule.

Yechipiri uye yechitatu mitsetse inosanganisira kusimbiswa kwehurongwa hwekupinda, password uye kodzero dzevashandisi pane server yako pamwe neyechipiri yekusimbisa chinhu.

Tangazve OpenVPN

$ sudo systemctl restart openvpn@server

Client setup

Sanganisira chikumbiro chekushandisa mushandisi uye password mune iyo mutengi yekumisikidza faira

auth-user-pass

kuonorora

Tanga OpenVPN mutengi, batanidza kune sevha, isa zita rako rekushandisa uye password. Iyo Telegraph bot inotumira chikumbiro chekuwana nemabhatani maviri

Zviviri-zvinhu chokwadi muOpenVPN ine Telegraph bot

Bhatani rimwe rinobvumira kupinda, rechipiri rinorivharira.

Iye zvino iwe unogona kuchengetedza password yako zvakachengeteka pamutengi; chechipiri chinhu chichachengetedza nekuvimbika OpenVPN server yako kubva kune isina mvumo.

Kana chimwe chinhu chisingashande

Sequentially tarisa kuti hapana chawapotsa:

  • Pane mushandisi pane sevha ine OpenVPN ine password set
  • Sevha inokwanisa kuwana kuburikidza neUDP port 1812 kune kero radius.multifactor.ru
  • Iyo NAS-Identifier uye Yakagoverwa Chakavanzika paramita inotsanangurwa nemazvo
  • Mushandisi ane login yakafanana akagadzirwa muMultifactor system uye akapihwa mukana kune boka revashandisi reVPN
  • Mushandisi akagadzira nzira yechokwadi kuburikidza neTeregiramu

Kana usati wamisa OpenVPN kare, verenga chinyorwa chakadzama.

Iyo mirairo inogadzirwa nemienzaniso paCentOS 7.

Source: www.habr.com

Voeg