
5.5.5.5 Management of the tunnel broker

Managing the tunnel broker manually may be complicated. Therefore 6NET partners have written a very basic bash script that handles certificate creation, certificate signatures, server and client configurations, and the creation of an archive file that may be given to users to set up the OpenVPN client on their machines. However, the script as of now can only be used to create client accounts; it cannot remove accounts and it does not handle the storage of client information in a user to set up local management. The script is released under the GNU GPL and may be modified to fit individual needs.

create-client-conf.sh is a script that is used to:

• create a client ID (e.g. user.name.ID),
• create an X.509 key and certificate for the client,
• sign the certificate using the CA's key,
• read routing-relevant information from the command line (hermit or subnet client, Linux or Windows host, prefix to use),
• create the server's configuration files and scripts,
• put all client-relevant configuration files into an archive that is given to the user.
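
The steps listed above can be sketched for one case, a Linux subnet client, with openssl and tar. This is an added example, not create-client-conf.sh or any 6NET code. The directory layout, the CA name, the host broker.example.net and the use of a per-client `iroute-ipv6` file on a current OpenVPN server are all assumptions.

```shell
#!/bin/sh
# Added example (constructed): the listed steps done with openssl and tar.
# All names, paths and the remote host are assumptions, not create-client-conf.sh.
set -eu

# make_client_bundle <workdir> <user.name> <id> <ipv6-prefix>  -> prints archive path
make_client_bundle() (
  set -eu; umask 077                 # keys and bundle readable by the owner only
  work=$1; cid="$2.$3"; prefix=$4
  ca="$work/ca"; out="$work/clients/$cid"
  mkdir -p "$ca" "$out" "$work/ccd"

  # Demo CA, created on first use. A real broker protects ca.key separately.
  if [ ! -f "$ca/ca.key" ]; then
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=demo-broker-ca" \
      -keyout "$ca/ca.key" -out "$ca/ca.crt" >/dev/null 2>&1
  fi

  # Client key and signing request; the client ID becomes the certificate CN.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$cid" \
    -keyout "$out/$cid.key" -out "$work/$cid.csr" >/dev/null 2>&1

  # Sign with the CA key, restricted to TLS client authentication.
  printf 'basicConstraints=CA:FALSE\nextendedKeyUsage=clientAuth\n' > "$work/$cid.ext"
  openssl x509 -req -in "$work/$cid.csr" -CA "$ca/ca.crt" -CAkey "$ca/ca.key" \
    -CAcreateserial -days 365 -extfile "$work/$cid.ext" -out "$out/$cid.crt" >/dev/null 2>&1
  rm -f "$work/$cid.csr" "$work/$cid.ext"

  # Server side: per-client file (named after the CN) routing the delegated prefix.
  printf 'iroute-ipv6 %s\n' "$prefix" > "$work/ccd/$cid"

  # Client side: OpenVPN configuration referencing the files in the bundle.
  cp "$ca/ca.crt" "$out/ca.crt"
  cat > "$out/client.conf" <<EOF
client
dev tun
remote broker.example.net 1194
ca ca.crt
cert $cid.crt
key $cid.key
remote-cert-tls server
EOF

  # Archive only the client's files; ca.key never leaves the CA directory.
  tar -czf "$work/$cid.tar.gz" -C "$work/clients" "$cid"
  echo "$work/$cid.tar.gz"
)

# Usage: sh this-script <workdir> <user.name> <id> <ipv6-prefix>
if [ "$#" -eq 4 ]; then make_client_bundle "$@"; fi
```

Because the broker generates the client's private key in this flow, the resulting archive is a credential and needs a protected channel when it is handed to the user.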

To facilitate debugging of the tunnel on the client's side, join-openvpn-sanity-check.sh can be run on a Linux subnet client. The script collects various pieces of information and tries to analyse whether the information makes sense. It tests the setup for potential errors and reports these errors back to the user.

The script does not modify the system; it is "read-only". It also does not send information anywhere; it merely displays information on the console that can be used by the user to identify the source of a problem.

Both scripts may be freely downloaded and distributed under the terms of the GNU GPL. However, it is important to note that the scripts should only be used as a reference for a local installation rather than as a full-featured "all-in-one" package.

Note: Please make sure to read the README and INSTALL files that are included in the tarball because they contain important setup information for the scripts.