TincVPN Setup
You need at least 2 Server with Debian or Ubuntu for this Howto.
Server 1 & 2
apt-get install tinc && mkdir /etc/tinc/myVPN
Add
myVPN
into /etc/tinc/nets.boot below
## This file contains all names of the networks to be started on system startup.
Lets create tinc.conf
cd /etc/tinc/myVPN
Server 1 Add into /etc/tinc/myVPN/tinc.conf
Name = Server1 AddressFamily = ipv4 Interface = tun0 #ConnectTo = Server1 ConnectTo = Server2
Server 2 Add into /etc/tinc/myVPN/tinc.conf
Name = Server2 AddressFamily = ipv4 Interface = tun0 ConnectTo = Server1 #ConnectTo = Server2
Server 1 & 2
mkdir /etc/tinc/myVPN/hosts && cd /etc/tinc/myVPN/hosts
Server 1 Add into /etc/tinc/myVPN/hosts/Server1
Address = Server1_publicIP #Port = 665 Subnet = 10.0.0.1/32
Server 2 Add into /etc/tinc/myVPN/hosts/Server2
Address = Server2_publicIP #Port = 665 Subnet = 10.0.0.2/32
Server 1 & 2
tincd -n myVPN -K4096
Enter… Enter…
This generates/attaches the public and private key pair
Public Key: /etc/myVPN/hosts/Server1/2
Private Key: /etc/myVPN/rsa_key.priv
Server 1 Add into /etc/tinc/myVPN/tinc-up
#!/bin/sh ifconfig $INTERFACE 10.0.0.1 netmask 255.255.255.0
Server 2 Add into /etc/tinc/myVPN/tinc-up
#!/bin/sh ifconfig $INTERFACE 10.0.0.2 netmask 255.255.255.0
Server 1 & 2 Add into /etc/tinc/myVPN/tinc-down
#!/bin/sh ifconfig $INTERFACE down
We need to make the scripts executable
chmod 755 /etc/tinc/myVPN/tinc-*
Server 1 We need to copy the Public keys now, you can use tons of methods for that
For Server 1 we need to copy /etc/tinc/myVPN/hosts/Server1 to Server2, /etc/tinc/myVPN/hosts/Server1
Server 2
For Server 2 we need to copy /etc/tinc/myVPN/hosts/Server2 to Server1, /etc/tinc/myVPN/hosts/Server2
Finish
Since Tinc is in nets.boot you can just reboot your boxes or sudo service tinc start.
For Debian 10 you can use:
systemctl enable tinc@myVPN systemctl start tinc@myVPN
If you have issues, you can debug if tinc is able to open a connection to the other server with
sudo tincd -n myVPN -D -d3
You need to enable TUN/TAP for OVZ