Re: Using OpenVPN client with wicd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Jul 07, 2015 at 07:55:26AM -0400, James P. Wallen wrote:
[...]
> Hi, Tomas! Thanks for your reply.
I wish I cold've been more helpful, but hey, you're welcome.
> No, my issue has nothing to do with corporate firewalls [...]
> Network-manager, as you're aware, has plugins for various types of
> VPN software. It's easy to use, but it just seems to be awfully
> large and, occasionally, a little trouble-prone compared to wicd.
This was my impression too. Since I tend for "simple", I try to
avoid NM altogether.
> I could generally just use /etc/network/interfaces and associated
> stuff, but was looking for a fiddle-free way to make my connections
> when I'm moving around while still enabling me to use OpenVPN.
Understood.
> [...] I want to see if I can figure out how to use
> OpenVPN from the CLI or via script using a certificate and password
> to connect to my favorite VPN out on the Internet.
I see.
Again, that's what I'm doing with socat: on the server there's a
socat process running as server (duh ;) -- which unwraps the SSL
layer and feeds its thing to the ssh server; on the client, a
socat opens a local port and I connect my ssh client (courtesy
of .ssh/config magic) to that: the socat wraps it in SSL and
connects to the server: voilà -- a VPN. To the outside world
it looks like any HTTPS connection. Since I have my own certificates,
I (hope!) would notice any attempt at MITM.
What turned me away from OpenVPN was that it wanted to be a
service started at boot time, with all that; besides it wants
to do magic to the routing tables and so on.
A tad too heavyweight for my taste.
But of course, it does many things automagically you'd otherwise
have to script.
Regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlWb0sAACgkQBcgs9XrR2ka8ZQCfYg3FXZuOGyx/szTt/D92peSf
S5wAn2nl4T511FKgVWiex+BfW590ISeJ
=npSQ
-----END PGP SIGNATURE-----
Reply to: