Hi,
On Sat, Jan 06, 2024 at 07:03:37AM +, Peter Davis wrote:
> 1- But I need to put the server and client keys in /etc/openvpn/server and
> /etc/openvpn/client directories. Am I wrong?
Server keys go to the server file system.
Client keys go to the client file system.
CA cert goes everywhe
>On Wednesday, January 3rd, 2024 at 7:53 PM, Gert Doering
>wrote:
> Hi,
>
> On Wed, Jan 03, 2024 at 04:04:02PM +, Peter Davis via Openvpn-users wrote:
>
> > I have two questions:
> > 1- Is it possible to transfer server and client keys from one server to
> > another or must the keys be g
Hi,
On Sat, Jan 06, 2024 at 10:05:50AM +, Peter Davis wrote:
> I'm using OpenVPN 2.6.3 x86_64-pc-linux-gnu.
>
> I removed "cipher AES-256-GCM" from the configuration file and I see the
> following message in the log file:
>
> 2024-01-06 13:28:03 Note: --cipher is not set. OpenVPN versions b
>On Saturday, January 6th, 2024 at 12:27 PM, Gert Doering
>wrote:
> Hi,
>
> On Sat, Jan 06, 2024 at 07:03:37AM +, Peter Davis wrote:
>
> > 1- But I need to put the server and client keys in /etc/openvpn/server and
> > /etc/openvpn/client directories. Am I wrong?
>
>
> Server keys go to
Hi,
On 03/01/2024 23:28, Gert Doering wrote:
Hi,
On Wed, Jan 03, 2024 at 10:45:50PM +0100, Antonio Quartulli wrote:
On 03/01/2024 20:03, Gert Doering wrote:
Not sure I can come up with a good attack scenario
in an OpenVPN PKI scenario where the CA would be stopped from doing
something nasty b
Hi,
On Wed, Jan 03, 2024 at 10:45:50PM +0100, Antonio Quartulli wrote:
> On 03/01/2024 20:03, Gert Doering wrote:
> > Not sure I can come up with a good attack scenario
> > in an OpenVPN PKI scenario where the CA would be stopped from doing
> > something nasty by doing the full .csr dance (because
Hi,
On 03/01/2024 20:03, Gert Doering wrote:
Not sure I can come up with a good attack scenario
in an OpenVPN PKI scenario where the CA would be stopped from doing
something nasty by doing the full .csr dance (because it could still just
create arbitrary .key/.crt on its own, thus getting access
Hi,
On Wed, Jan 03, 2024 at 01:37:54PM -0500, Joe Patterson wrote:
> On Wed, Jan 3, 2024 at 11:24???AM Gert Doering wrote:
> > Ideally, you wouldn't create the keys "on the server" anyway - in a
> > secure world, the CA key never leaves a *secure* machine for key generation,
> > and you'd create
On Wed, Jan 3, 2024 at 11:24 AM Gert Doering wrote:
>
> Ideally, you wouldn't create the keys "on the server" anyway - in a
> secure world, the CA key never leaves a *secure* machine for key generation,
> and you'd create server key(s) and client keys on this machine, copying
> to the target machi
Hi,
On Wed, Jan 03, 2024 at 04:04:02PM +, Peter Davis via Openvpn-users wrote:
> I have two questions:
> 1- Is it possible to transfer server and client keys from one server to
> another or must the keys be generated on each server?
Ideally, you wouldn't create the keys "on the server" anywa
10 matches
Mail list logo
