OpenVPN is a full-featured SSL VPN which can accomodate a wide
range of configurations, including remote access, site-to-site VPNs,
WiFi security, and enterprise-scale remote access with load
balancing, failover, and fine-grained access-controls.
OpenVPN implements OSI layer 2 or 3 secure network extension using the
industry standard SSL/TLS protocol, supports flexible client
authentication methods based on certificates, smart cards, and/or
2-factor authentication, and allows user or group-specific access
control policies using firewall rules applied to the VPN virtual
interface.
This build of OpenVPN depends upon having openssl (not just
openssl-solibs) and lzo installed on your computer.
Please note that there is no default config file for OpenVPN. This is
by design. OpenVPN can technically use any config file in any location.
However, this script does create an /etc/openvpn/ directory with certs/
and keys/ subdirectories. Feel free to place config files, keys, and
certificates in these directories. certs/ and keys/ are owned by user
root and group nobody and are not world readable nor writable.
Additionally, they are not writable by group nobody. It is recommended
that you run openvpn nobody:nobody, but you may use another
non-privilaged user and group at your option. Just change the
permissions on these permissions to reflect that if you do.