summaryrefslogtreecommitdiffstats
path: root/source/n/openvpn/README
diff options
context:
space:
mode:
Diffstat (limited to 'source/n/openvpn/README')
-rw-r--r--source/n/openvpn/README26
1 files changed, 26 insertions, 0 deletions
diff --git a/source/n/openvpn/README b/source/n/openvpn/README
new file mode 100644
index 000000000..cf2c6602f
--- /dev/null
+++ b/source/n/openvpn/README
@@ -0,0 +1,26 @@
+OpenVPN is a full-featured SSL VPN which can accomodate a wide
+range of configurations, including remote access, site-to-site VPNs,
+WiFi security, and enterprise-scale remote access with load
+balancing, failover, and fine-grained access-controls.
+
+OpenVPN implements OSI layer 2 or 3 secure network extension using the
+industry standard SSL/TLS protocol, supports flexible client
+authentication methods based on certificates, smart cards, and/or
+2-factor authentication, and allows user or group-specific access
+control policies using firewall rules applied to the VPN virtual
+interface.
+
+This build of OpenVPN depends upon having openssl (not just
+openssl-solibs) and lzo installed on your computer.
+
+Please note that there is no default config file for OpenVPN. This is
+by design. OpenVPN can technically use any config file in any location.
+However, this script does create an /etc/openvpn/ directory with certs/
+and keys/ subdirectories. Feel free to place config files, keys, and
+certificates in these directories. certs/ and keys/ are owned by user
+root and group nobody and are not world readable nor writable.
+Additionally, they are not writable by group nobody. It is recommended
+that you run openvpn nobody:nobody, but you may use another
+non-privilaged user and group at your option. Just change the
+permissions on these permissions to reflect that if you do.
+