|
|
On Fri, 2007-01-05 at 09:39 -0800, Nick wrote:
> I've spent the last hour researching how to set up an openvpn server
> without any encryption whatsoever, not even shared keys, and it seems
> like it's impossible to do. The reason encryption is not needed is that
> client connections arrive over secure links (ssh sessions with 1 time
> passwords).
> In other words if you are able to connect to the openvpn server that's
> good enough and there
> is no need for additional overhead (i.e. yet more encryption or
> authentication).
> Why server mode you might wonder?
> Because I want the server to push several subnets to the clients.
> I want all the benefits of server mode without the cost of auth &
> encryption.
This doesn't exactly answer your question, but if you are
using Linux and just want tunnels to transport known private
network ranges over the internet you can use GRE tunnels
instead of a VPN. It's not as handy in dynamic scenarios
as openvpn but not bad for fixed locations and has the
advantage of interoperating with Cisco (and probably other)
routers. If you do stick with openvpn, blowfish encryption
is not very CPU intensive.
--
Les Mikesell
lesmikesell@xxxxxxxxx
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|