Can anyone tell me of the risks of setting up on the openvpn config file:
cipher none
auth none
Besides the obvious that the connection becomes transparent and people will be able to see the packets?
Can anyone connect to the server without the keys?
The server is using client/server/ca/dh keys of 4096 bits RSA with sha512. It also uses a 2048-bit RSA tls-auth static key. And it also requires user/pass credentials.
Why would I want to use cipher/auth none? The connections to the server are few and are mainly for streaming services. Using the Linux TOP command on my router with tomato OS, the openvpn app is using the CPU at 80% when streaming and keeping my router hot.
Regards
Risks of auth and cipher none
Moderators: TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
- disqualified
- OpenVPN User
- Posts: 40
- Joined: Fri Jun 03, 2016 7:13 pm
Re: Risks of auth and cipher none
What does the 'P' in VPN stand for ?
-
- OpenVpn Newbie
- Posts: 2
- Joined: Fri Aug 18, 2017 4:59 pm
Re: Risks of auth and cipher none
That's what I meant regarding the obvious that it will no longer be PRIVATE (since it's transparent to everyone).
Besides the PRIVACY related issues? Any vulnerabilities related with cipher/auth none?
To be precise, besides the fact that everything transmitted is clear-text (sort of, unless the traffic is https, ssl, tls, ssh, etc, related) and can be seen/sniffed by anyone in the middle, could someone gain access to the other devices on each network both at server and client side?
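An added example, not part of any post in this thread: a small Python check that flags `cipher none` and `auth none` in an OpenVPN config and lists which TLS handshake and login directives are present. The sample config is constructed, the function names are hypothetical, and the stated effects follow the OpenVPN manual's description of `--cipher` and `--auth`.

```python
import re
# OpenVPN manual: --cipher encrypts data channel packets, --auth HMACs them.
WEAK = {
    "cipher": "data channel packets are sent unencrypted",
    "auth": "data channel packets carry no HMAC, so modified or injected "
            "packets are not rejected",
}
# Directives for the TLS handshake and login; separate from cipher/auth.
HANDSHAKE = ("ca", "cert", "key", "tls-auth", "auth-user-pass")

def parse_directives(text):
    """Map each directive to its argument list (last occurrence wins)."""
    found, inline = {}, None
    for raw in text.splitlines():
        line = re.split(r"[#;]", raw, maxsplit=1)[0].strip()  # drop comments
        if inline:                       # inside <ca>...</ca> style blocks
            inline = None if line == f"</{inline}>" else inline
        elif line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
            found[inline] = ["[inline]"]
        elif line:
            name, *args = line.split()
            found[name.lstrip("-").lower()] = args
    return found

def audit(text):
    """Return (findings, handshake directives present) for one config."""
    conf = parse_directives(text)
    findings = [f"{name} none: {effect}" for name, effect in WEAK.items()
                if [a.lower() for a in conf.get(name, [])[:1]] == ["none"]]
    if len(findings) == len(WEAK):
        findings.append("cipher none + auth none: tunnel payload has neither "
                        "confidentiality nor integrity protection")
    return findings, [d for d in HANDSHAKE if d in conf]

# Constructed client config modelled on the setup described in the thread.
SAMPLE = """\
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
auth-user-pass
cipher none
auth none
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```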