On Fri, Aug 14, 2009 at 07:42:07 +0100 (+0100), Stephen Nelson-Smith wrote:
> Morning,
>
> I've just deployed an OpenVPN solution for a client, and am
> considering enhancing the security by having the users keep their keys
> on an encrypted USB stick.
We use PAM authentication on top of openvpn
Hi Jon,
>> This sounds like the way to do it. Thanks for the hint.
>
> While that would solve the problem you've described, the whole solution
> still smells of "doing it wrong". There are specialist USB devices out
> there that are designed to hold secure certificates. You should really
> be usi
On Fri, 14 Aug 2009 10:12:15 +0100
Stephen Nelson-Smith wrote:
> > * udev (see /etc/udev/rules.d/*) to create your own device node
> > (e.g. /dev/vpn-keys), identifying the device by device ID, UUID
> > or filesystem label.
>
> This sounds like the way to do it. Thanks for the hint.
Hi Hugo,
> * udev (see /etc/udev/rules.d/*) to create your own device node
> (e.g. /dev/vpn-keys), identifying the device by device ID, UUID
> or filesystem label.
This sounds like the way to do it. Thanks for the hint.
S.
--
Stephen Nelson-Smith
Technical Director
Atalanta Systems
On Fri, Aug 14, 2009 at 09:15:32AM +0100, Stephen Nelson-Smith wrote:
> My question concerned where in the filesystem the keys would appear.
> It may not aways be the same - using automatic mounting, the user may
> get /media/disk1 one day and /media/disk2 another, if something else
> was mounted a
yone.
Cheers,
Paul.
--Original Message--
From: Keith Edmunds
Sender: hampshire-boun...@mailman.lug.org.uk
To: Hampshire LUG Mailing List
ReplyTo: Hampshire LUG Mailing List
Subject: Re: [Hampshire] OpenVPN + TrueCrypt
Sent: 14 Aug 2009 07:46
On Fri, 14 Aug 2009 07:42:07 +0100, sanel...@gm
On Fri, Aug 14, 2009 at 7:46 AM, Keith Edmunds wrote:
> On Fri, 14 Aug 2009 07:42:07 +0100, sanel...@gmail.com said:
>
>> I'm wondering how the
>> openvpn client knows where to find the keys?
>
> From the configuration file (the "ca", "cert" and "key" lines).
Obviously. I'd have struggled to have
On Fri, 14 Aug 2009 07:42:07 +0100, sanel...@gmail.com said:
> I'm wondering how the
> openvpn client knows where to find the keys?
>From the configuration file (the "ca", "cert" and "key" lines).
> am
> considering enhancing the security by having the users keep their keys
> on an encrypted USB
Morning,
I've just deployed an OpenVPN solution for a client, and am
considering enhancing the security by having the users keep their keys
on an encrypted USB stick.
Have any of you done anything like this? I'm wondering how the
openvpn client knows where to find the keys? I've heard about
Tru