tls-auth with tunnelblick

[opens...@gmail.com]

Hi,
I'm trying to configure tunnelblick (3.3beta54) as openvpn server and I wondering how to create ta.key file with scripts provided by tunnelblick.
According to web site there should not be need for any other software "You don't need any other programs to use Tunnelblick. It comes with the OpenVPN program and all required drivers built into the Tunnelblick application itself."

I know I can create the ta.key file with command "openvpn2 --genkey --secret ./keys/ta.key" and I can install openvpn2 via macports but just wondering if I'm missing the procedure how to create it without installing openvpn2.

If anyone have a link to good howto it would be nice.

-Harri-

[jkbull...gmail.com]

There isn't need for any other programs. Tunnelblick includes easy-rsa (an offshoot of the OpenVPN project), which will generate all the PKI (Public Key Infrastructure) that's needed.

To start easy-rsa, launch Tunnelblick, triple-click the Tunnelblick icon in the menu/status bar to open the "VPN Details…" window, then click on the "Utilities" tab at the top of the window. Click the "Open easy-rsa in Termal" button to open a Terminal window already cd-ed to a copy of easy-rsa.

Follow the instructions in Setting up your own Certificate Authority (CA) and generating certificates and keys for an OpenVPN server and multiple clients to set up a PKI.

[opens...@gmail.com]

Thank you for the reply. I will give it a try without tls-auth but just to confirm it this is supported by tunnelblick?
http://openvpn.net/index.php/open-source/documentation/howto.html#security

[jkbull...gmail.com]

Yes. It isn't really anything to do with Tunnelblick -- it's an OpenVPN feature. Tunnelblick is mostly just a GUI for OpenVPN.