openvpn的认证有良多体例,好比证书认证,用户名密码认证,而用户名密码认证也可用经由过程两种体例实现,一是使用pam_mysql实现openvpn操作mysql认证,二是使用radius实现openvpn操作mysql认证,网上这种设置装备摆设都良多。可是照着做会呈现良多问题,这边就记实一下,使用pam_mysql实现openvpn操作mysql认证;尝试情形:os:centos 5.5openvpn:openvpn-2.1.4mysql:mysql-5.1.50pam_mysql:pam_mysql-0.7RC1openssl:openssl-1.0.0dlzo:lzo-2.02-3.el5.kb.i386.rpm、lzo-devel-2.03-6.el5.i386.rpm以上使用的软件,除lzo外都使用源码包安装。轨范记实:1.安装openssl:tar -zxvf openssl-1.0.0d.tar.gzcd openssl-1.0.0d ./configure –prefix=/usr/local/opensslmake make intstall2.安装lzorpm -ivh lzo-2.02-3.el5.kb.i386.rpmrpm -ivh lzo-devel-2.03-6.el5.i386.rpm3.安装openvpntar -zxvf openvpn-2.1.4.tar.gzcd openvpn-1.0.0d ./configure –prefix=/usr/local/openvpn –with-openssl=/usr/local/opensslmake make intstall4.安装mysqltar -zxvf mysql-5.1.50.tar.gzcd mysql-5.1.50 ./configure –prefix=/usr/local/mysql –with-mysqld-ldflags=-all-static –with-client-ldflags=-all-static –with-charset=latin1 –with-extra-charsets=utf8,gbkmake make intstall5.安装pam_mysqltar -zxvf pam_mysql-0.7RC1.tar.gzcd pam_mysql-0.7RC1如不美观直接./configure;make make install最后会发现client无法操作mysql认证链接openvpn 好错年夜致如下:BACKGROUND: *** failed … 继续阅读
openvpn的认证有良多体例,好比证书认证,用户名密码认证,而用户名密码认证也可用经由过程两种体例实现,一是使用pam_mysql实现openvpn操作mysql认证,二是使用radius实现openvpn操作mysql认证,网上这种设置装备摆设都良多。可是照着做会呈现良多问题,这边就记实一下,使用pam_mysql实现openvpn操作mysql认证;尝试情形:os:centos 5.5openvpn:openvpn-2.1.4mysql:mysql-5.1.50pam_mysql:pam_mysql-0.7RC1openssl:openssl-1.0.0dlzo:lzo-2.02-3.el5.kb.i386.rpm、lzo-devel-2.03-6.el5.i386.rpm以上使用的软件,除lzo外都使用源码包安装。轨范记实:1.安装openssl:tar -zxvf openssl-1.0.0d.tar.gzcd openssl-1.0.0d ./configure –prefix=/usr/local/opensslmake make intstall2.安装lzorpm -ivh lzo-2.02-3.el5.kb.i386.rpmrpm -ivh lzo-devel-2.03-6.el5.i386.rpm3.安装openvpntar -zxvf openvpn-2.1.4.tar.gzcd openvpn-1.0.0d ./configure –prefix=/usr/local/openvpn –with-openssl=/usr/local/opensslmake make intstall4.安装mysqltar -zxvf mysql-5.1.50.tar.gzcd mysql-5.1.50 ./configure –prefix=/usr/local/mysql –with-mysqld-ldflags=-all-static –with-client-ldflags=-all-static –with-charset=latin1 –with-extra-charsets=utf8,gbkmake make intstall5.安装pam_mysqltar -zxvf pam_mysql-0.7RC1.tar.gzcd pam_mysql-0.7RC1如不美观直接./configure;make make install最后会发现client无法操作mysql认证链接openvpn 好错年夜致如下:BACKGROUND: *** failed to authenticate: Permission denied所以,良多伴侣会在这里纠结,网上找了良久,发现这个原本是pam_mysql的一个bug ,解决法子是在编译之前,建树一个文件vim patch.in将如下内容复制到琅缦沔:— Makefile.in.chold 2008-07-14 10:25:53.000000000 +0200+++ Makefile.in 2008-07-14 10:26:06.000000000 +0200@@ -110,7 +110,7 @@ CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ LIBS = @LIBS@-pam_mysql_la_LIBADD = +pam_mysql_la_LIBADD = -lpam pam_mysql_la_OBJECTS = pam_mysql.lo CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)=================================膳缦沔的===不要复制进去,然后patch -p0 patch.in./configure –with-mysql=/usr/local/mysql –with-openssl=/usr/local/opensslmakemake install这是重启一下opven,client就可以链接openvpn了。写的斗劲仓皇,有时刻必然写一份完整的设置装备摆设文档!
No comments:
Post a Comment