User Tools
Sidebar
technical:vpn:tinc
Table of Contents
Tinc VPN
Install Tinc
Arch Linux
sudo pacman -S tinc
Slackware Linux
wget https://slackbuilds.org/slackbuilds/15.0/network/tinc.tar.gz tar xzvf tinc.tar.gz cd tinc source tinc.info wget $DOWNLOAD sudo ./tinc.SlackBuild sudo installpkg tinc-1.0.36-x86_64-1_SBo.tgz
Generate Keys
tincd -n <netname> -K
Config
Copy keys to /etc/tinc/<netname>/
sudo mkdir -p /etc/tinc/<netname>hosts cp rsa_key.* /etc/tinc/<netname>/
Create tinc-up and tinc-down scripts.
/etc/tinc/<netname>/tinc-up
#!/bin/bash TUN="<interface>" SUB="<network_address/subnet_mask>" IP="<ip_address/subnet_mask>" ip link set $TUN up ip addr add $IP dev tinc0 ip route add $SUB dev tinc0
/etc/tinc/<netname>/tinc-down
#!/bin/bash TUN="<interface>" SUB="<network_address/subnet_mask>" IP="<ip_address/subnet_mask>" ip link set $TUN down ip route del $SUB dev $TUN ip addr del $IP dev $TUN
Create tinc configuration
/etc/tinc/<netname>/tinc.conf
Name = <hostname> Device = /dev/net/tun AddressFamily = ipv4 ConnectTo = <peer> Interface = <interface> Mode = router Port = <port>
Add tinc peers
/etc/tinc/<netname>/hosts/<peer>
Subnet = <peer_ip_address> Address = <peer_wan_address> <Peer's RSA Public Key>
Startup
Start tincd
VPN=$(ls /etc/tinc/) for VPN in $VPNS; do echo "Starting tinc daemon for $VPN..." /usr/sbin/tincd -n "$VPN" -d1 --logfile=/var/log/tinc."$VPN" done
Shell Script
#!/bin/sh VPNS=$(ls /etc/tinc) start () { for VPN in $VPNS; do echo "Starting tinc daemon for $VPN..." /usr/sbin/tincd -n "$VPN" -d1 --logfile=/var/log/tinc."$VPN" done } stop () { for VPN in $VPNS; do echo "Stopping tinc daemon for $VPN..." /usr/sbin/tincd -n "$VPN" -k done } restart () { stop sleep 1 start } case "$1" in ("start") start ;; ("stop") stop ;; ("restart") restart ;; (*) echo "Usage: $0 <start|stop|restart>" exit 1 esac exit 0
technical/vpn/tinc.txt · Last modified: 2023/05/13 18:14 by 127.0.0.1