initial release 0.1

commit 53432d37406ddbf805ec8b84fd751191c5206dec 0 parents
@troydm authored
Showing with 98 additions and 0 deletions.
  1. +37 −0 README
  2. +61 −0 ovpnauth.sh
37 README
@@ -0,0 +1,37 @@
+OpenVPN sh authentication script with simple user db
+for use withauth-user-pass-verify via-file option
+
+It's a simple sh shell script that is target at consumer routers that dont't
+have perl or any other scripting languages installed on them,
+but need a simple ovpn authentication
+
+LICENSE
+-----------------------------------
+NONE
+
+INSTALL
+------------------------------------
+1) copy ovpnauth.sh script to your server,
+make it executable (chmod +x) and make sure you can execute it
+
+2) create a file named ovpnauth.conf and put it inside for example
+ /usr/local/etc/
+
+3) for each user you want to register
+ 3a) compute md5 checksum using this ovpnauth.sh md5 password
+ 3b) add line in your ovpnauth.conf that reads like this:
+ username=[computed-md5-password]
+ where [computed-md5-password] is md5 checksum you computed
+
+4) edit ovpnauth.sh and make sure your conf path (path to ovpnauth.conf) is correct
+ 4a) (optional) you can change your logfile path
+
+5) now in your openvpn.conf add this options
+ script-security 2
+ auth-user-pass-verify ovpnauth.sh via-file
+ also you can replace ovpnauth.sh with full path to your ovpnauth script
+
+6) Enjoy sh shell based OpenVPN authentication
+ and don't forget to specify auth-user-pass option in
+ your openvpn client config
+
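Review bot: Step 3a of INSTALL does not say that the checksum must be computed on the OpenVPN server itself, yet md5() in ovpnauth.sh hashes the password together with the output of `uname -n`, so a value generated on another machine or before a hostname change will never match. State that in the step, and mention that `ovpnauth.sh md5 password` puts the password on the command line, where it ends up in shell history. Steps 2 and 4a should also tell the admin to restrict read access to ovpnauth.conf and the logfile, because the script writes the environment and, on failure, the submitted credentials to that log. Minor: "withauth-user-pass-verify" in the second line is missing a space.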
61 ovpnauth.sh
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+# Config parameters
+
+conf="/usr/local/etc/ovpnauth.conf"
+logfile="/var/log/ovpnauth.log"
+
+# End of config parameters
+
+if [ "$1" = "" ] || [ "$1" = "help" ]
+then
+ echo "ovpnauth.sh v0.1 - OpenVPN sh authentication script with simple user db"
+ echo " for use withauth-user-pass-verify via-file option"
+ echo ""
+ echo "help - prints help"
+ echo "md5 password - to compute password md5 checksum"
+ return 1
+fi
+
+md5(){
+ echo "$1.`uname -n`" > /tmp/$$.md5calc
+ sum="`md5sum /tmp/$$.md5calc | awk '{print $1}'`"
+ rm /tmp/$$.md5calc
+ echo "$sum"
+}
+
+if [ "$1" = "md5" ]
+then
+ echo `md5 $2`
+ return 1
+fi
+
+log(){
+ echo "`date +'%m/%d/%y %H:%M'` - $1" >> $logfile
+}
+
+logenv(){
+ enviroment="`env | awk '{printf "%s ", $0}'`"
+ echo "`date +'%m/%d/%y %H:%M'` - $enviroment" >> $logfile
+}
+
+envr="`echo `env``"
+userpass=`cat $1`
+username=`echo $userpass | awk '{print $1}'`
+password=`echo $userpass | awk '{print $2}'`
+
+# computing password md5
+password=`md5 $password`
+userpass=`cat $conf | grep $username= | awk -F= '{print $2}'`
+
+if [ "$password" = "$userpass" ]
+then
+ log "OpenVPN authentication successfull: $username"
+ logenv
+ return 0
+fi
+
+log "OpenVPN authentication failed"
+log `cat $1`
+logenv
+return 1
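Review bot: The failure path at the end of the script writes the client's credentials file to the log in clear text (log `cat $1`), and logenv dumps the whole environment on every attempt; log the username only and drop the file contents. The lookup `grep $username=` is unquoted and unanchored, so the client-supplied name is interpreted as a regular expression and matches anywhere in a line; compare the first field exactly instead, for example with awk -F= -v u="$username" '$1 == u {print $2}' "$conf". The unquoted $password passed to md5 and the awk '{print $2}' split also truncate any password that contains whitespace. md5() writes the password to the predictable path /tmp/$$.md5calc; piping the string into md5sum avoids the temporary file. The top-level return statements should be exit, since return outside a function is not portable across sh implementations when the script is executed rather than sourced.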