Previous: , Up: User  


Example usage

Let’s assume that there is some insecure link between your computer and WiFi-reachable gateway.

Install. At first you must install this software: download, check the signature, compile.

Prepare the client. Generate client’s identity and verifier for Alice as an example:

client% ./utils/newclient.sh Alice
Enter passphrase:
Your id is: 7012df29deee2170594119df5091d4a2

Place the following JSON configuration entry on the server's side:

    "7012df29deee2170594119df5091d4a2": {
        "name": "Alice",
        "up": "/path/to/up.sh",
        "verifier": "fb43255ca3fe5bd884e364e5eae0cd37ad14774930a027fd38d8938fd0b57425"
    }

Verifier was generated with:

    ./utils/storekey.sh /tmp/passphrase
    govpn-verifier -id 7012df29deee2170594119df5091d4a2 -key /tmp/passphrase

Prepare the server. Add this entry to peers.json configuration file.

Prepare network on GNU/Linux IPv4 server:

server% umask 077
server% echo "#!/bin/sh" > /path/to/up.sh
server% echo "echo tap10" >> /path/to/up.sh
server% ip addr add 192.168.0.1/24 dev wlan0
server% tunctl -t tap10
server% ip link set mtu 1432 dev tap10
server% ip addr add 172.16.0.1/24 dev tap10
server% ip link set up dev tap10

Run server daemon itself:

server% govpn-server -bind 192.168.0.1:1194 -mtu 1472

Prepare network on GNU/Linux IPv4 client:

client% umask 066
client% utils/storekey.sh key.txt
client% ip addr add 192.168.0.2/24 dev wlan0
client% tunctl -t tap10
client% ip link set mtu 1432 dev tap10
client% ip addr add 172.16.0.2/24 dev tap10
client% ip link set up dev tap10
client% ip route add default via 172.16.0.1

Run client daemon itself:

client% govpn-client \
    -key key.txt \
    -id 906e34b98750c4f686d6c5489508763c \
    -iface tap10 \
    -remote 192.168.0.1:1194 \
    -mtu 1472

FreeBSD IPv6 similar client-server example:

server% ifconfig em0 inet6 fe80::1/64
server% govpn-server -bind "fe80::1%em0"
client% ifconfig me0 inet6 -ifdisabled auto_linklocal
client% ifconfig tap10
client% ifconfig tap10 inet6 fc00::2/96 mtu 1412 up
client% route -6 add default fc00::1
client% govpn-client \
    -key key.txt \
    -id 906e34b98750c4f686d6c5489508763c \
    -iface tap10 \
    -remote "[fe80::1%me0]":1194

Previous: , Up: User