-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 29/09/14 14:15, David Sommerseth wrote: > On 26/09/14 17:04, Robin wrote: >> 1. I am using Ubuntu 14.04 and have set up OpenVpn previously >> with VPNbook and so know that at least 3 configuration >> certificates are needed to run OpenVpn. Where do I find them to >> access the openvpn server. > > This question quite vague. The certificates is where you saved > them when you configured your own CA. Ideally, your CA keys are > saved on an offline media. Your server only needs the CA > certificate, server key+cert and a dhparam file. The client only > needs the CA certificate, client key+cert. > > The CA key should never ever reside on an OpenVPN server, as that > can be used to sign new certificates and impose itself to be a > trusted client. > >> 2. Although I managed to get it working, I stopped using VPNbook >> because of rumours that it is a honeypot. OTH it would suit some >> agencies to have that rumour spread. Does anyone here know the >> truth?
I suddenly realised we're talking about two very different things. <http://www.vpnbook.com/> vs <https://www.packtpub.com/networking-and-servers/openvpn-2-cookbook> That's an epic fail! Sorry about that! Any public VPN provider where you get access, either for free or as a paid service, that provider controls the server. When someone external controls the server, you are enforced to trust that provider. If you don't trust them, then you can be a user or customer of that service. If vpnbook is trustworthy or not, I have no idea. I have rather set up my own VM or physical servers and configures the OpenVPN server myself. At that point I can trust the server, but anyone with access to the network outside by server can see the unencrypted traffic. If you want anonymity, TOR is probably a better solution, but you sacrifice speed for this anonymity. It all depends on what your purpose of the VPN is. - -- kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlQpV4QACgkQDC186MBRfro4SgCgrPLlG5j6+pOMMmNgvgzO2Wvy yEcAmwWBW0ycj83YcMDyjHrWJ5VA3eoX =yLDn -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Slashdot TV. Videos for Nerds. Stuff that Matters. http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
