Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Security question about VPN and Public WiFi

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
DebUs
Posts: 15
Joined: 2021-09-17 14:39

Security question about VPN and Public WiFi

#1 Post by DebUs »

Hi!
I have question about security of VPN client.
Let say I have Note with VPN client and public WIFI like regular library or cafeteria.

So when I will turn on network connection first thing start is a VPN client will send open security key to remote server.
And in this moment it possible to man-in-middle just intercept this initialization message and so no security.

Sorry for stupid question but it reasonable correct ? 8)

Bulkley
Posts: 6383
Joined: 2006-02-11 18:35
Has thanked: 2 times
Been thanked: 39 times

Re: Security question about VPN and Public WiFi

#2 Post by Bulkley »

Maybe I'm wrong but I expect your VPN is encrypted so anyone intercepting your login would be frustrated.

User avatar
Hallvor
Global Moderator
Global Moderator
Posts: 2029
Joined: 2009-04-16 18:35
Location: Kristiansand, Norway
Has thanked: 139 times
Been thanked: 206 times

Re: Security question about VPN and Public WiFi

#3 Post by Hallvor »

Sorry, but what is an open security key? Your VPN login details? In that case, they "should" be encrypted with SSL.
[HowTo] Install and configure Debian bookworm
Debian 12 | KDE Plasma | ThinkPad T440s | 4 × Intel® Core™ i7-4600U CPU @ 2.10GHz | 12 GiB RAM | Mesa Intel® HD Graphics 4400 | 1 TB SSD

DebUs
Posts: 15
Joined: 2021-09-17 14:39

Re: Security question about VPN and Public WiFi

#4 Post by DebUs »

Hallvor wrote: 2021-09-17 21:19 Sorry, but what is an open security key? Your VPN login details? In that case, they "should" be encrypted with SSL.

Sorry, I mean that part of key that using in Assimetric encryption - Public key. Whatever. During first initial message from Note that will have Public key to stable vpn chanel can be intercepted and create a chanel3 through middle-man.

User avatar
Hallvor
Global Moderator
Global Moderator
Posts: 2029
Joined: 2009-04-16 18:35
Location: Kristiansand, Norway
Has thanked: 139 times
Been thanked: 206 times

Re: Security question about VPN and Public WiFi

#5 Post by Hallvor »

If there is signature verification, it should be safe.

https://stackoverflow.com/questions/182 ... -signature
[HowTo] Install and configure Debian bookworm
Debian 12 | KDE Plasma | ThinkPad T440s | 4 × Intel® Core™ i7-4600U CPU @ 2.10GHz | 12 GiB RAM | Mesa Intel® HD Graphics 4400 | 1 TB SSD

Post Reply