Re: Missing easy-rsa package

[Reinis Ivanovs <dabas@untu.ms>]

The Debian Wiki guide I linked to doesn't work without easy-rsa, and basically every guide I've seen for configuring openvpn with TLS relies on easy-rsa, so a very common use case for openvpn isn't possible without the easy-rsa package, so it should be fair to say that the openvpn package is not fully usable without the easy-rsa package. Moreover, following strict security practices isn't always necessary, so I'm not sure why it needed to be brought up. I'm not setting up openvpn for an organization, just for myself and a quick test, so it's not relevant where the CA is. Finally, it's rather clear that you're replying to keywords and not the meaning of the message, which is more consistent with skimming or scanning, not reading. Declaring that the discussion is over is also a nice touch. All in all, it's been a very pleasant experience to take the time and try and report a problem with using backports.

Cheers,
R. <http://untu.ms/>

On Sat, Dec 20, 2014 at 2:15 PM, Alexander Wirt <formorer@formorer.de> wrote:

On Sat, 20 Dec 2014, Reinis Ivanovs wrote:

> I didn't say that it doesn't work, I said that it's not fully usable,
> meaning that setting up openvpn like in these instructions is not possible
> without easy-rsa: https://wiki.debian.org/OpenVPN#TLS-enabled_VPN
>
> Would be nice if you could read what you're replying to.
I do read. And I repeat, it is of course fully usable. And additionally your
CA shouldn't be on the same machine as the openvpn server.

However, this discussion ends here.

Alex - Backports ftpmaster