OpenVPN and security
Hi
I configured the OpenVPN settings (generated the certificate, exported the file).
On the PC-client, I installed the OpenVPN client and connected the configuration file - works.
But I wonder how safe it is. Anything else I should set? I would like to limit the hosts that can connect via VPN for specific IP addresses. Can I set it?
I would also prefer to set a user with a password so that in the event of a host compromise, only this one user will be blocked, not all. But I don't see that option (username and password is only for PPTP VPN).
In many guides I see that the configuration file is saved in: \Program Files\OpenVPN\config - I didn't find it there. Edit: I found it here: C:\Users\username\AppData\Roaming\OpenVPN Connect\profiles\*.ovpn - plain text - after hacking a computer, you just need to copy the file. Without a username and password, it will just put the file under its client and establish a VPN connection. Do I think right?
I can see the private key in the exported configuration file. Does it really have to be there? I thought private keys should stay on the server and only public keys should be released into the world.