Linux

How to set up an OpenVPN server on a Tomato router?

This is what I was trying to do: I have a Netgear WNR3500L V2 wifi router loaded with the TomatoUSB firmware 1.28. I want to enable the OpenVPN feature so that I can VPN to my home network while I am at work.

I tried a Google search to find the best answer on how to set it up, and I ended up with THIS one. Thanks very much to the author who wrote the excellent instructions. I did it on my MacBook Air (running Mavericks) through the Terminal app. There are two things I want to point out from when I was following the instructions:
1. When I ran the command
git clone git@github.com:OpenVPN/easy-rsa.git

It did not work. It says the following:
Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

So I had to visit the site (https://github.com/OpenVPN/easy-rsa) and download it using Clone in Desktop or Download ZIP on the right side of the web page.

2. In the last step, about Generating Client Certificate and Key, after I ran the commands I didn’t know where the certificate file (client.crt) was located, because the instructions did not say. They only say where the ca.key is. The answer is that it’s located under the /home/user/openvpn/easy-rsa/easyrsa3/pki/issued/ directory.

SSH Public and Private keys

As an SSH client, when you run the command ssh-keygen -t rsa under your user’s .ssh directory, you generate a key pair (the id_rsa and id_rsa.pub files named in the output), like below:

l-fung-2:.ssh fung$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/fung/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/fung/.ssh/id_rsa.
Your public key has been saved in /Users/fung/.ssh/id_rsa.pub.
The key fingerprint is:
3d:30:b0:79:be:3e:80:42:09:0b:51:33:42:74:8d:f0 fung@L-Fung-2.local
The key's randomart image is:
+--[ RSA 2048]----+
|=*=.o .          |
|o.o+ . +         |
|.o E  o +        |
|. o    o +       |
| .   .  S o      |
|  . . .  . .     |
|   .   ..        |
|       ..        |
|        ..       |
+-----------------+

The id_rsa.pub file is a public key that needs to be uploaded to the server you want to access. The id_rsa file is a private key (keep it confidential and don’t lose it) that is verified against the id_rsa.pub key. On the server side, you will need to add the id_rsa.pub key to the file called known_hosts.
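
To confirm that the public key you upload is the one ssh-keygen just generated, you can recompute the "key fingerprint" line from the contents of the .pub file. The following is an added example, not part of the original post: it parses an id_rsa.pub-style line and produces both the colon-separated MD5 form shown in the output above and the SHA256 form that newer OpenSSH releases print by default. The function names are hypothetical and the key material is constructed for illustration, not a real key.

```python
import base64
import hashlib
import struct

def ssh_string(data):
    """Length-prefixed byte string, as used inside an SSH public key blob."""
    return struct.pack(">I", len(data)) + data

def ssh_mpint(value):
    """Positive big integer; the extra leading byte keeps the sign bit clear."""
    return ssh_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))

def read_fields(blob):
    """Split a decoded key blob into its length-prefixed fields."""
    fields, pos = [], 0
    while pos < len(blob):
        (length,) = struct.unpack(">I", blob[pos:pos + 4].ljust(4, b"\xff"))
        end = pos + 4 + length
        if end > len(blob):
            raise ValueError("field runs past end of blob (truncated key?)")
        fields.append(blob[pos + 4:end])
        pos = end
    return fields

def fingerprint(pub_line):
    """Return type, size and fingerprints for one '<type> <base64> [comment]' line."""
    parts = pub_line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(parts[1], validate=True)
    fields = read_fields(blob)
    if not fields or fields[0] != parts[0].encode():
        raise ValueError("key type inside the blob does not match the text prefix")
    md5 = hashlib.md5(blob).hexdigest()
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    info = {"type": parts[0],
            "md5": ":".join(md5[i:i + 2] for i in range(0, 32, 2)),
            "sha256": "SHA256:" + sha}
    if parts[0] == "ssh-rsa" and len(fields) == 3:
        info["bits"] = int.from_bytes(fields[2], "big").bit_length()  # modulus size
    return info

# Constructed sample: exponent 65537 and a made-up 2048-bit modulus (not a usable key).
SAMPLE_N = (1 << 2047) | 1
SAMPLE_BLOB = ssh_string(b"ssh-rsa") + ssh_mpint(65537) + ssh_mpint(SAMPLE_N)
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode() + " user@example.local"

if __name__ == "__main__":
    print(fingerprint(SAMPLE_LINE))
```

To check a real key, pass the single line stored in your id_rsa.pub file to fingerprint() and compare the result with the fingerprint ssh-keygen printed when the pair was created.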