Good day everyone,
I would like to ask everyone who has acknowledgement about setting up a VPN server.
I'm following the steps in this link: https://openwrt.org/docs/guide-user/services/vpn/openvpn/basic
but being stuck at Generate DH parameters. It keeps running without any result.
Servers and embedded devices (like routers) are notoriously low on entropy, but encryption needs high quality for generating certificates and keys - this will take a while on routers, there's nothing to speed it up (without either weakening the security or generating the keys elsewhere, on a normal computer running linux - or buying external entropy sources).
Thank you for your explanation. I will wait until a result is seen. 
I highly recommend creating the keys on a normal computer (desktop or laptop) and then moving them to the router after they have been generated. It is so much faster, and also keeps your key generation certificates on a separate system relative to where they will be used.
Hi psherman,
I would like to ask after generate VPN client profiles.Then I tried to import it to use on my phone with different network, but it not working. I do not understand why there is an IP like this.
What about haveged?
haveged helps, so do newer kernel versions, but it remains difficult to gather sufficient good entropy for cryptographic key generations.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
