Scheduled OpenVPN Key Refresh



  • Hi,

    First of all for the math guys out there, this may sound like a huge waste of time, but based on all of the commotion over at Slashdot for example, http://yro.slashdot.org/story/13/09/05/1951204/nsa-foils-much-internet-encryption, I am thinking about automating let's say, Nightly… new key generation for OpenVPN between sites on pfSense.  Let's say, shared keys for now.

    What the hell for?...

    Just for fun of course.  I was told once by someone that the NSA changes their own keys every 15 minutes and thought that the concept could be a fun exercise.

    So, with that said.  Is anyone interested in a package like this?



  • Its a good idea…  Would be great if the keys changed constantly and if the last key used would be the only key accepted for the beginning for the next session also.  I guess...    :-\

    I'm guessing you would be using blowfish?  I'm guessing....  I'd never suggest not to use AES...

    AES is NSA approved after all, so it must be awesomely unbreakable?


Log in to reply