Install tinc package:
pkg_add tinc
apt install tinc
Choose name for your private network. I named it home.
Create directory for storing virtual networks configuration
test -d /etc/tinc/home/hosts || mkdir -p /etc/tinc/home/hosts
And put tinc config into it:
cat > /etc/tinc/home/tinc.conf << EOF
Name = client1
ConnectTo = orange.svyrydiuk.eu
EOF
Generate private/public key pair:
tincd -n home -K
It will show the message like this:
Generating 2048 bits keys:
..........................................................+++++ p
......+++++ q
Done.
Please enter a file to save private RSA key to [/etc/tinc/home/rsa_key.priv]:<Press Enter>
Please enter a file to save public RSA key to [/etc/tinc/home/hosts/client1]:<Press Enter>
Copy host configuration file from your VPN server host to the client host. In my case, VPN server host is orange.svyrydiuk.eu.
Configuration file is /etc/tinc/home/hosts/orange on both server and client.
Address = orange.svyrydiuk.eu
Subnet = 10.0.0.0/24
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAvpQDmw2xTwmBq65hBkoEIGjtfRfLGPDj1+Y0PbLLZQ/GZSdevcii
....
....
EyoSBS6xle/uvuoRDa57Pj366EZVzTm1a0dFLZmtQVOgxOPmpQ4jVTUCAwEAAQ==
-----END RSA PUBLIC KEY-----
Do the same with host configuration file you have on your client host. Copy it to VPN server.
Also create tinc-up and tinc-down scripts on client in /etc/tinc/home:
#!/bin/sh
# /etc/tinc/home/tinc-up
ifconfig $INTERFACE 10.0.0.100 netmask 255.255.255.0
#!/bin/sh
# /etc/tinc/home/tinc-down
ifconfig $INTERFACE down
chmod +x tinc-[ud]*
rcctl enable tincd
rcctl set tincd flags "-U _tinc --chroot --net=home"
rcctl start tincd
In case of errors have a look at log records or run tincd as a foreground process and debug enabled:
tincd --no-detach --config=/etc/tinc/home -d 3 --net home