OpenVPN security

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
CorsicaBia
OpenVpn Newbie
Posts: 2
Joined: Mon Feb 22, 2021 4:13 pm

OpenVPN security

Post by CorsicaBia » Mon Feb 22, 2021 4:21 pm

Hello all

First sorry for my poor english

I just installed an OpenVPN server on a Debian Buster (server mode). Before opening OpenVPN and allowing the connection from the internet in warrior mode, I tried to be as secure as possible:

- Of course user need a certificate
- I also activated a module (plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so /etc/pam.d/login) which forces users to enter a login / mdp
- Finally, the key is protected by a passphrase (each key has its own passphrase).

So to connect a user must enter his login / mdp and must then enter his passphrase for the key.

Is there something else to do, would I have missed something?

cordially

User avatar
TinCanTech
Forum Team
Posts: 9363
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN security

Post by TinCanTech » Tue Feb 23, 2021 12:27 am

CorsicaBia wrote:
Mon Feb 22, 2021 4:21 pm
Is there something else to do, would I have missed something?
You can also add some custom TLS key verification steps:
https://github.com/TinCanTech/easy-tls

CorsicaBia
OpenVpn Newbie
Posts: 2
Joined: Mon Feb 22, 2021 4:13 pm

Re: OpenVPN security

Post by CorsicaBia » Tue Feb 23, 2021 12:13 pm

Thank you, i am going to look.

Post Reply