[TriLUG] linode, VPN, SSH
Kevin Otte
nivex at nivex.net
Thu Aug 28 11:00:36 EDT 2014
OpenVPN can be run without any encryption. It will bark at you, but it
will run.
For my IPv6 lab I just use the static key mode. Unlike TLS, if that key
is ever compromised, all previous traffic could be decrypted. I mostly
use it as an authentication layer (yes, this is my lab) and the weaker
encryption is just a side bonus.
I think the screwier part of this whole scenario is the requirement of a
static endpoint address for a piece of software that was *designed* for
roaming access. Sounds like someone got their SHOULD and MUST (RFC
terms) conflated.
-- Kevin
On 08/27/2014 05:23 PM, Igor Partola wrote:
> 4. Let's pause and thing about how insane this situation is: we are talking
> about wrapping an encrypted SSH connection into an SSL VPN connection,
> which will then be wrapped into an OpenVPN connection? SECOORITY!
More information about the TriLUG
mailing list