OpenVPN: Difference between revisions
Jump to navigation
Jump to search
(Created page with "OpenVPN is the VPN solution of choice used by OSE. ==See Also== * Web server configuration * Wordpress * Vanilla Forums * Mediawiki * Munin * Awstat...") |
No edit summary |
||
| Line 1: | Line 1: | ||
OpenVPN is the [[VPN]] solution of choice used by OSE. | OpenVPN is the [[VPN]] solution of choice used by OSE. | ||
==Hardening== | |||
The server (and client) configs for OpenVPN should be hardened for security. For example, the admin should investigate the time-appropriate choices the following factors: | |||
# server & client RSA key sizes | |||
# DH params key size | |||
# cipher (for data channel) | |||
# tls-cipher (for control channel) | |||
# tls-version-min | |||
* For notes on how OpenVPN was hardened for the [[OSE Development Server]] in 2019, see [[Maltfield_Log/2019_Q3#Mon_Sep_09.2C_2019]] | |||
==See Also== | ==See Also== | ||
Revision as of 12:50, 9 September 2019
OpenVPN is the VPN solution of choice used by OSE.
Hardening
The server (and client) configs for OpenVPN should be hardened for security. For example, the admin should investigate the time-appropriate choices the following factors:
- server & client RSA key sizes
- DH params key size
- cipher (for data channel)
- tls-cipher (for control channel)
- tls-version-min
- For notes on how OpenVPN was hardened for the OSE Development Server in 2019, see Maltfield_Log/2019_Q3#Mon_Sep_09.2C_2019