Talk:OpenVPN

From What The Wiki?!

[edit]

discussion topics

you might wanna use CAcert certificates for openVPN

--Gramels 17:42, 27 Jun 2005 (CEST)


[edit]

How will it be used at WTH?

The key distribution will be the hardest organisatorical challange, thus I (Felix) recommend the following:

  1. a ssh connection (user, pass, hostname) will be broadcasted to interested users
  2. the ssh servers' fingerprint will be securely broadcasted to the users, so they can verify it on first connect
    1. this will be done by
      1. a ssl connection with a root-ca signed certificate (preferred) (anyone has this?)
      2. on paper hanging around, advertising the openvpn server and noting the ssh fingerprint
  3. once logged in via ssh, the user can inform him- or herself about the installation (hashes of rpms, tgz, exes avaible on the net) and will be guided thru it with a script
  4. if he or she has openvpn installed, the script will guide the user thru the process of key creation, the key and the config will be transported to the client over the ssh (copy n paste)
  5. then the uses recieves the command to run the openvpn client and hopefully everything will work fine
Retrieved from "http://wiki.whatthehack.org/index.php/Talk:OpenVPN"