On 4/20/2015 4:50 AM, Gert Doering wrote: > Hi, > > On Mon, Apr 20, 2015 at 09:47:03AM +0200, j.witvl...@mindef.nl wrote: >> Everything has its pro/cons.... >> If a connection stands, it only consumes cycles and battery power. >> >> I was wondering, even if a connection was re-established with the peer-id, >> would full negotiation take place, requiring the access to your private key, >> and in some cases the prompting for the PIN? > The sole point of peer-id is to avoid having to re-establish a session > (and, for that matter, tear down the previous session). > > The server will just update its "what IP/port is the client on?" table > entry, without restarting anything. > > gert What I'm wondering is how secure that is, such as how easily one could fake such a reconnect to get in on someone else's session, where they wouldn't even need a key? I hope this is just good ol' fashion paranoia on my part, but it would be nice to know. Thanks.
-blz ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
