[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] OpenVPN Certificate <-> Encryption Key

  • Subject: [Openvpn-users] OpenVPN Certificate <-> Encryption Key
  • From: Patrick Cervicek <patrick.openvpn@xxxxxxxxxxx>
  • Date: Fri, 23 Mar 2007 14:52:25 +0100

Our users need a certificate(/key), username and password to connect to
our OpenVPN-Server (2.0.9). We use the certificates to proof, that the
user was at least one time at our campus. Authentication itself is
handled with username/password. The necessary certificates are issued
automatically in the internal network over a https-Script. As our Users
find the script "difficult" to use, we would like to include one
key-/certifcate-pair in the OpenVPN-NSIS-Package. So it would be the
*same* key-/certificate for all users. (I saw this setup already
somewhere else)

If we would do that, are the session-encryption-keys for all users the
same or would they be different? Could the users sniff the session-keys
or the traffic of each other? I read the security page, but I am not
sure how to interpret it.
What other kind of risks would you see in this setup?


OpenVPN mailing lists