|
|
Thanks for the suggestion. Linux is the server box but clients can be anything - xp, linux, freebsd, solaris, etc., any box that can run ssh and openvpn can be a client. If I were to choose the blowfish cipher as you suggest then what is the config file specification for it? (i.e. "server a.b.c.d" or "mode server" option). I am using the latest posted version of openvpn. Thanks. On Fri, 05 Jan 2007 12:04:45 -0600, "Les Mikesell" <lesmikesell@xxxxxxxxx> said: > On Fri, 2007-01-05 at 09:39 -0800, Nick wrote: > > > I've spent the last hour researching how to set up an openvpn server > > without any encryption whatsoever, not even shared keys, and it seems > > like it's impossible to do. The reason encryption is not needed is that > > client connections arrive over secure links (ssh sessions with 1 time > > passwords). > > In other words if you are able to connect to the openvpn server that's > > good enough and there > > is no need for additional overhead (i.e. yet more encryption or > > authentication). > > Why server mode you might wonder? > > Because I want the server to push several subnets to the clients. > > I want all the benefits of server mode without the cost of auth & > > encryption. > > This doesn't exactly answer your question, but if you are > using Linux and just want tunnels to transport known private > network ranges over the internet you can use GRE tunnels > instead of a VPN. It's not as handy in dynamic scenarios > as openvpn but not bad for fixed locations and has the > advantage of interoperating with Cisco (and probably other) > routers. If you do stick with openvpn, blowfish encryption > is not very CPU intensive. > > -- > Les Mikesell > lesmikesell@xxxxxxxxx > > -- Nick z508617@xxxxxxxx -- http://www.fastmail.fm - One of many happy users: http://www.fastmail.fm/docs/quotes.html ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |