Setting up OpenVPN on LEDE

Installing and Using OpenWrt Network and Wireless Configuration
1

Hello All,

I am working on setting up OpenVPN on my Linksys router. I was searching google and found some documentation on how to setup up openvpn and found this guide:

https://help.my-private-network.co.uk/support/solutions/articles/24000005597-openwrt-lede-openvpn-setup

Everything looks good in the guide, nice details and explanations, however, I have one question about the tls-auth.key part. Wouldn't this pose some type of security risk using an already generated key? I set up openvpn on a VPS running Ubuntu 14.04 using easy-rsa and it generated the keys for me.

Any how, I'm a bit of a noob but it doesn't seem safe to use a key that was already generated and published on the interweb. Any thoughts and/or advice on this would be much appreciated.

Regards,
DM

2

The TLS auth key is an extra layer of security for the server owner, intended to prevent hackers from hammering on the server trying to guess passwords. In a small private service there is some chance of distributing it only to authorized users. Most large scale public services don't bother with it. It is pointless when they outright make it public.

As a client your main concern is not connecting to an imposter server. That should not happen if their CA certificate is secure.