Next

eurephia 1.0

Administrators Tutorial and Manual

Installation and administration

Edition 5

David Sommerseth

dazo@users.sourceforge.net

Legal Notice

Copyright © 2010 David Sommerseth.

The text of and illustrations in this document are licensed by David Sommerseth under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.

Linux® is the registered trademark of Linus Torvalds in the United States and other countries.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.

All other trademarks are the property of their respective owners.

Abstract

eurephia is an advanced and flexible authentication and access control plug-in for OpenVPN. This manual will guide the user through installing and configuring OpenVPN and eurephia

1. Document Conventions

1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings

2. We Need Feedback!

1. What is eurephia? - A little overview

I. Installation

2. Distribution specific installation

2.1. Arch Linux

2.1.1. Using AUR helpers
2.1.2. Doing it manually

2.2. Debian

2.3. Fedora

2.4. Gentoo

3. Compiling and manual installation

3.1. Requirements

3.1.1. OpenVPN requirements
3.1.2. eurephia requirements

3.2. Compiling OpenVPN

3.2.1. Download and unpack the source code
3.2.2. Compiling and installing OpenVPN

3.3. Compiling eurephia

3.3.1. Getting the source code
3.3.2. Compile eurephia
3.3.3. Installing eurephia

4. Initial configuration

4.1. Preparing the database

4.1.1. SQLite3

4.2. Initialising the database

4.2.1. SQLite3 database

4.3. Initialisation of eurephia

4.3.1. Password parameters
4.3.2. Setting up the eurephia administrator account
4.3.3. Session parameters
4.3.4. Failed attempts limits
4.3.5. Firewall integration

4.4. Preparing eurephiadm - eurephia command line administration utility

5. Firewall integration

5.1. iptables - Preparations

5.1.1. Preparing for firewall based blacklisting
5.1.2. Save the iptables changes

5.2. Telling eurephia about iptables

5.2.1. Setting up firewall based blacklisting manually

6. Configure OpenVPN

6.1. The OpenVPN server

6.1.1. eurephia and SQLite3

6.2. The OpenVPN clients

II. Management and Administration

7. User and access management

7.1. Basics about user accesses

7.1.1. Restricting access via the firewall

7.2. Certificate basics

7.3. Registering user accesses

7.3.1. Method A: Doing it all in one operation
7.3.2. Method B: The advanced manual way
7.3.3. Activate and deactivate user accounts

7.4. Firewall profiles

7.4.1. Registering firewall access profiles
7.4.2. Assigning firewall profiles to user accesses

8. eurephiadm access management

8.1. Granting admin access
8.2. Revoking admin access

A. Configuration variables

A.1. Inspecting and editing configuration variables

A.1.1. Show the current configuration
A.1.2. Add or modify a configuration variable
A.1.3. Delete a configuration variable

A.2. Generic configuration variables

A.2.1. Password hash
A.2.2. Attempts settings

A.3. eurephia-auth OpenVPN plug-in

A.3.1. Firewall integration

A.4. eurphia utilities

A.4.1. eurephiadmin_autologout
A.4.2. eurephiadm_xslt_path

B. Revision History

NextPreface