In Cyber Security Intelligence Couse, one of the first topics in networking was Tinc VPN.
I coded a little script that will setup your encrypted VPN connection.
Tinc is very useful when you need to set up a VPN quickly.
It is a easy to use, and user friendly :)
I coded a little script that will setup your encrypted VPN connection.
Tinc is very useful when you need to set up a VPN quickly.
It is a easy to use, and user friendly :)
#!/bin/bash
# Tinc VPN Setup script.
# Be sure, that your system is accessible from outside your LAN. Otherwise it's waste of time :)
# By Alexander Korznikov.
#there are text coloring variables
bldred='\e[1;31m' # Red
bldgrn='\e[1;32m' # Green
bldylw='\e[1;33m' # Yellow
txtrst='\e[0m' # Text Reset
function usage()
{
echo ""
echo ""
echo -e "$txtcyn Be sure you've installed tinc previously, by$txtgrn apt-get install tinc$txtrst"
echo ""
echo -e "$bldred Please note, this stupid script will not check your input!! Check it twice!"
echo ""
echo -e "$txtwht By the way, you can view the source and get some useful stuff from it :) $txtrst"
echo ""
echo -e "$bldgrn Usage: sudo $0 install$txtrst"
echo ""
echo -e "$txtwht\t by Alexander Korznikov, @CSI-7$txtrst"
}
function install()
{
echo ""
echo -e "Enter your$bldgrn VPN Name$txtrst (default: myvpn) \c"
read myvpn
if [[ $myvpn != "myvpn" ]]
then
echo ""
echo -e "Your VPN Name: \"$bldgrn$myvpn$txtrst\""
myvpn=$myvpn
else
myvpn="myvpn"
echo ""
echo -e "Your VPN Name: \"$bldgrn$myvpn$txtrst\""
fi
mkdir -p /etc/tinc/$myvpn/hosts
tincconf="/etc/tinc/$myvpn/tinc.conf"
echo ""
echo -e "Enter your host name: \c"
read name
echo "Name = $name" > $tincconf
echo ""
echo "Setting AddressFamily to ipv4..."
echo "AddressFamily = ipv4" >> $tincconf
echo ""
echo "Setting Interface to \"tun0\"..."
echo ""
echo "Interface = tun0" >> $tincconf
# this checks if you using tinc in internet or local network
echo ""
echo -e "Do you setup your VPN on$bldgrn WAN$txtrst or$bldgrn LAN$txtrst network? [wan/lan] \c"
read answer
if [[ $answer == "wan" ]]
then
wget getmyipaddress.org -O ./inetip.txt -o /dev/null
myip=`cat inetip.txt |grep 'Your IP Address' | cut -d":" -f2 | sed -e 's, ,,g' |cut -d "<" -f1`
#rm inetip.txt
elif [[ $answer == "lan" ]]
then
myip=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`
else
echo "Incorrect answer...exiting!"
echo ""
echo "Cleanup..."
sleep 1
rm -r /etc/tinc/$myvpn
exit 0
fi
echo -e "For debug.. your IP Address is $bldgrn"$myip"$txtrst..."
echo ""
echo "Address = $myip" > /etc/tinc/$myvpn/hosts/$name
echo -e "Enter your$bldgrn VPN IP address$txtrst [ex. 5.0.0.22]: \c"
read vpnip
echo "Subnet = $vpnip/32" >> /etc/tinc/$myvpn/hosts/$name
echo ""
#checking if you already have private key for $myvpn
echo "Removing all previously generated keys for $myvpn..."
sleep 1
echo ""
if [ -e /etc/tinc/$myvpn/rsa_key.priv ]
then
rm /etc/tinc/$myvpn/rsa_key.priv
fi
echo ""
echo "Now, we'll generate public/private keys..."
echo ""
echo -e "Press Enter to continue... \c"
read blabla
tincd -n $myvpn -K4096
echo "Creating start-up script..."
sleep 1 #it's just for fun ;)
echo ""
echo "!#/bin/bash" > /etc/tinc/$myvpn/tinc-up
echo "ifconfig \$INTERFACE $vpnip netmask 255.255.255.0" >> /etc/tinc/$myvpn/tinc-up
chmod +x /etc/tinc/$myvpn/tinc-up
echo "Creating shutdown script..."
sleep 1
echo "!#/bin/bash" > /etc/tinc/$myvpn/tinc-down
echo "ifconfig \$INTERFACE down" >> /etc/tinc/$myvpn/tinc-down
chmod +x /etc/tinc/$myvpn/tinc-down
echo ""
echo -e "Enter the name you want to connect to [ex. john]: \c"
read connectto
echo "ConnectTo = $connectto" >> $tincconf
echo ""
echo ""
echo -e "Now, exchange public keys, and run $bldgrn\"tincd -n $myvpn\"$txtrst"
echo ""
if [[ $answer == "wan" ]]
then
echo -e "$bldred Be sure, if your system is accessible from outside.$txtrst"
echo ""
fi
nautilus /etc/tinc/$myvpn/hosts
echo "Good luck."
echo ""
}
if [[ $1 = "install" ]]
then
install
else
usage
fi
No comments:
Post a Comment