OpenVPN configuration, some problems with understanding certs

I have some problems with understanding the certs thing… but I found a rather clear howto at the OpenVPN site:

Setting up your own Certificate Authority (CA) and generating certificates and keys for an OpenVPN server and multiple clients.

Next tip: for much more security in OpenVPN, set:

server side:

tls-auth /path/to/ta.key 0

client side:

tls-auth /path/to/ta.key 1

First you should generate this key with:

openvpn --genkey --secret ta.key

and maybe replace the default Blowfish algorithm (128-bit) with 256-bit AES by adding:

cipher AES-256-CBC
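
A small check for the settings above, added here as an example (it is not from the original post or from the OpenVPN project): it parses a server and a client config and reports when the tls-auth direction is not 0 on the server and 1 on the client, or when the cipher lines differ or are missing. The function names and the sample configs are constructed for illustration.

```python
# Added example: lint a server/client OpenVPN config pair for the tls-auth
# and cipher settings from the post. Sample configs below are constructed.

def parse(text):
    """Return {directive: [args]}; lines starting with '#' or ';' are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        opts[parts[0]] = parts[1:]
    return opts

def tls_auth_direction(opts):
    """None if tls-auth is absent, '' if it has no direction, else the direction."""
    if "tls-auth" not in opts:
        return None
    args = opts["tls-auth"]
    return args[1] if len(args) > 1 else ""

def lint_pair(server_text, client_text):
    """Return a list of findings; an empty list means the pair matches the post."""
    server, client = parse(server_text), parse(client_text)
    findings = []
    s_dir, c_dir = tls_auth_direction(server), tls_auth_direction(client)
    if s_dir is None or c_dir is None:
        findings.append("tls-auth missing on one side")
    elif (s_dir, c_dir) != ("0", "1"):
        findings.append(f"tls-auth directions are {s_dir!r}/{c_dir!r}, expected '0'/'1'")
    s_cipher = (server.get("cipher") or [None])[0]
    c_cipher = (client.get("cipher") or [None])[0]
    if s_cipher != c_cipher:
        findings.append(f"cipher mismatch: server={s_cipher} client={c_cipher}")
    for side, cipher in (("server", s_cipher), ("client", c_cipher)):
        if cipher is None:
            findings.append(f"{side}: no cipher line, the default cipher applies")
    return findings

SERVER_OK = "tls-auth /path/to/ta.key 0\ncipher AES-256-CBC\n"
CLIENT_OK = "tls-auth /path/to/ta.key 1\ncipher AES-256-CBC\n"
CLIENT_BAD = "# tls-auth line copied from the server\ntls-auth /path/to/ta.key 0\n"

if __name__ == "__main__":
    print(lint_pair(SERVER_OK, CLIENT_OK))
    for finding in lint_pair(SERVER_OK, CLIENT_BAD):
        print("FINDING:", finding)
```

The constructed CLIENT_BAD config shows the usual copy-and-paste mistake: the server's tls-auth line reused on the client with direction 0, and the cipher line left out.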

Tuesday, August 5th, 2008 Linux, Security, Tips