tls-auth: Enable tls-auth for security

* Enabling tls-auth improves security and helps protect against DDoS.
2014-06-04 15:34:42 -07:00 · 2014-06-04 15:34:42 -07:00 · bc4165e587
commit bc4165e587
parent 1751d00fc9
2 changed files with 6 additions and 6 deletions
--- a/bin/ovpn_getclient
+++ b/bin/ovpn_getclient
@ -37,10 +37,10 @@ $(cat $EASYRSA_PKI/ca.crt)
 <dh>
 $(cat $EASYRSA_PKI/dh.pem)
 </dh>
-#<tls-auth>
-#$(echo cat $EASYRSA_PKI/ta.key)
-#</tls-auth>
-#key-direction 1
+<tls-auth>
+$(cat $EASYRSA_PKI/ta.key)
+</tls-auth>
+key-direction 1

 <connection>
 remote $servername 1194 udp
--- a/bin/ovpn_init
+++ b/bin/ovpn_init
@ -44,8 +44,8 @@ key $EASYRSA_PKI/private/$cn.key
 ca $EASYRSA_PKI/ca.crt
 cert $EASYRSA_PKI/issued/$cn.crt
 dh $EASYRSA_PKI/dh.pem
-#tls-auth $EASYRSA_PKI/ta.key
-#key-direction 0
+tls-auth $EASYRSA_PKI/ta.key
+key-direction 0
 keepalive 10 60
 persist-key
 persist-tun