Re: Ideas for securing OpenVPN on an OpenWrt router

To: debian-user@lists.debian.org
Subject: Re: Ideas for securing OpenVPN on an OpenWrt router
From: Andrej Kacian <andrej+debian@kacian.sk>
Date: Tue, 8 Mar 2011 17:40:17 +0100
Message-id: <[🔎] 20110308174017.01698b21@penny>
In-reply-to: <[🔎] 12e961ad812.1858043358806244837.-6321858723867134890@zoho.com>
References: <[🔎] 12e961ad812.1858043358806244837.-6321858723867134890@zoho.com>

On Tue, 08 Mar 2011 07:34:24 -0800
erikmccaskey64 <erikmccaskey64@zoho.com> wrote:

> OpenWrt isn't OpenBSD, so from the "ps" command i can see that the OpenVPN
> is runned by root. it's not so secure. How can i make it more secure?

In the openvpn configuration file:

user nobody
group nogroup

(or whatever equivalents OpenWrt has for these)

openvpn will run as root, do necessary stuff and drop privileges.

-- 
Andrej

Reply to:

Follow-Ups:
- Re: Ideas for securing OpenVPN on an OpenWrt router
  - From: Eero Volotinen <eero.volotinen@iki.fi>

References:
- Ideas for securing OpenVPN on an OpenWrt router
  - From: erikmccaskey64 <erikmccaskey64@zoho.com>

Prev by Date: Ideas for securing OpenVPN on an OpenWrt router
Next by Date: Re: Ideas for securing OpenVPN on an OpenWrt router
Previous by thread: Ideas for securing OpenVPN on an OpenWrt router
Next by thread: Re: Ideas for securing OpenVPN on an OpenWrt router
Index(es):
- Date
- Thread