[ale] OT have some questions about vpn security
Jim Kinney
jim.kinney at gmail.com
Sat Jul 13 17:32:08 EDT 2013
The password only accesses the VPN key. The key sets VPN "strength" based
on type of encryption and length as well as establishes user identity as
the key is signed. For SSL tunnels, the key is used to establish security
for the initial handshakes then SSL protocols take over. A symmetric key is
exchanged through the handshake that is long, strong and changeable on a
regular basis throughout the life of the tunnel. The best pattern is to
expire a symmetric key before enough data has passed to seed a successful
crack attempt. Before it expires, a new key is generated and exchanged.
On Jul 13, 2013 5:02 PM, "Ron Frazier (ALE)" <
atllinuxenthinfo at techstarship.com> wrote:
> Hi all,
>
> I've got a question about vpn operation. I have the following service
> with hotspotvpn.com.
>
> <quote>
> HotSpotVPN-2 is an OpenVPN based SSL VPN. There are three HotSpotVPN-2
> flavors differentiated by encryption; Blowfish 128 bit, AES 192 bit and AES
> 256bit.
> </quote>
>
> I have the Blowfish 128 bit service.
>
> I've imported the cryptographic credentials to the Open Vpn Client for
> Android, but also use it on my pc's. When I access the vpn for the first
> time, I enter my access password, which I allow the client to save.
>
> The password is good not but incredibly stellar, as in not 45 characters
> of random gibberish.
>
> The question is, what effect does the access password have on the security
> of the tunnel? Does it have any effect at all? Does using a somewhat
> lesser password make it easier to break into my communications if I'm on
> public wifi? Or does that just govern access to my account and the
> strength of the tunnel is the same regardless?
>
> Hope that makes any sense.
>
> Also, just as a side note, I'm sitting in a Barnes & Noble right now
> typing this. I'm using port 443 via udp on the vpn. I notice that it
> disconnects and reconnects every few minutes. Do you know if these stores
> do something funny to keep vpns from not working properly. I can run the
> tunnel at home for no hours with no problem, but have much less reason to
> use it there.
>
> Any help is appreciated.
>
> Sincerely,
>
> Ron
>
>
>
> --
>
> Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.
> Please excuse my potential brevity if I'm typing on the touch screen.
>
> (PS - If you email me and don't get a quick response, you might want to
> call on the phone. I get about 300 emails per day from alternate energy
> mailing lists and such. I don't always see new email messages very
> quickly.)
>
> Ron Frazier
> 770-205-9422 (O) Leave a message.
> linuxdude AT techstarship.com
> Litecoin: LZzAJu9rZEWzALxDhAHnWLRvybVAVgwTh3
> Bitcoin: 15s3aLVsxm8EuQvT8gUDw3RWqvuY9hPGUU
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130713/38d1bd2b/attachment.html>
More information about the Ale
mailing list