On 09/05/2018 06:30 AM, Dan Purgert wrote:
Dan Ritter wrote:On Wed, Sep 05, 2018 at 12:29:02AM -0000, Dan Purgert wrote:Dan Ritter wrote:On Tue, Sep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote:Has anyone set up OpenVPN with ssh-keygen -t rsa ?Technically, you can do that.ssh-keygen generates ssh keys, not x.509 certificates ...An x.509 cert contains an RSA key signed by a CA. openssl can do the signing, at which point you've half-reimplemented easy-rsa. -dsr-Sure - but it just seems silly to use ssh-keygen, then openssl to convert it to the right format when openssl (or the easy-rsa wrapper thereto) can do all the work for you in one go.
Ok, then it would be better to use openssl instead of ssh-keygen?I'm looking at putting OpenVPN on an established server, and wondering if it is really nessesary to install easy-rsa when I already have established ways of generating ssh keys.
Wayne Sallee Wayne@WayneSallee.com http://www.WayneSallee.com