Risks of auth and cipher none

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ChuckHL
OpenVpn Newbie
Posts: 2
Joined: Fri Aug 18, 2017 4:59 pm

Risks of auth and cipher none

Post by ChuckHL » Fri Aug 18, 2017 5:19 pm

Can anyone tell me of the risks of setting up on the openvpn config file:
cipher none
auth none

Besides the obvious that the connection becomes transparent and people will be able to see the packets?

Can anyone connect to the server without the keys?
The server is using client/server/ca/dh keys of 4096 bits RSA with sha512. It also uses 2048bit RSA tls-auth static key. And it also requires user/pass credentials.

Why would I want to use cipher/auth none? The connections to the server are few and are mainly for streaming services. Using the Linux TOP command on my router with tomato OS, the openvpn app is using the CPU at 80% when streaming and keeping my router hot.

Regards

User avatar
disqualified
OpenVPN User
Posts: 40
Joined: Fri Jun 03, 2016 7:13 pm

Re: Risks of auth and cipher none

Post by disqualified » Fri Aug 18, 2017 7:24 pm

What does the 'P' in VPN stand for ?

ChuckHL
OpenVpn Newbie
Posts: 2
Joined: Fri Aug 18, 2017 4:59 pm

Re: Risks of auth and cipher none

Post by ChuckHL » Sat Aug 19, 2017 12:48 am

Thats what I meant regarding the obvious that it will no longer be PRIVATE (since its Transparent to everyone).

Besides the PRIVACY related issues? Any vulnerabilities related with cipher/auth none?

To be precise, besides the fact that everything transmitted is clear-text (sort of, unless the traffic is https, ssl, tls, ssh, etc, related) and can be seen/sniffed by any one in the middle, could someone gain access to the other devices on each network both at server and client side?

Post Reply