
What is OpenVPN?
OpenVPN is open-source commercial software that implements
virtual private network (VPN) techniques to create
secure point-to-point or site-to-site connections in routed or bridged
configurations and remote access facilities. It uses a custom security protocol
that utilizes SSL/TLS for key exchange. It is capable of traversing network
address translators (NATs) and firewalls. It was written by James Yonan and is
published under the GNU General Public License (GPL).
OpenVPN allows peers to authenticate each other using pre-shared secret keys,
certificates, or a username and password. When used in a multiclient-server
configuration, it allows the server to issue an authentication certificate for
every client, using signatures and a certificate authority. It uses the OpenSSL
encryption library extensively, as well as the TLS protocol, and contains many
security and control features.
Encryption:
OpenVPN uses the OpenSSL library to provide encryption of both the data and
control channels. It lets OpenSSL do all the encryption and authentication work,
allowing OpenVPN to use all the ciphers available in the OpenSSL package. It can
also use the HMAC packet authentication feature to add an additional layer of
security to the connection (referred to as an "HMAC Firewall" by the creator).
It can also use hardware acceleration to get better encryption
performance.[13][14] Support for mbed TLS is available starting from version
2.3.
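
The HMAC packet authentication described above, as an added Python illustration that is not OpenVPN's code or wire format: each datagram carries an HMAC-SHA256 tag computed with a pre-shared key, and the receiver drops anything that fails verification before TLS processing would begin. The tag layout, key values, and function names are assumptions made for this example.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag (assumed layout: tag || payload)


def seal(key: bytes, payload: bytes) -> bytes:
    """Sender side: prepend an HMAC-SHA256 tag to the payload."""
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


def hmac_gate(key: bytes, datagram: bytes):
    """Receiver side: return the payload if the tag verifies, else None.

    This check runs before any TLS handling, so a packet from a sender
    without the pre-shared key costs one hash computation and is dropped.
    """
    if len(datagram) < TAG_LEN:
        return None  # too short to carry a tag at all
    tag, payload = datagram[:TAG_LEN], datagram[TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        return None
    return payload


def filter_datagrams(key: bytes, datagrams):
    """Return (accepted payloads, number of dropped datagrams)."""
    accepted, dropped = [], 0
    for datagram in datagrams:
        payload = hmac_gate(key, datagram)
        if payload is None:
            dropped += 1
        else:
            accepted.append(payload)
    return accepted, dropped


# Constructed sample traffic (not captured OpenVPN packets).
SHARED_KEY = bytes(range(32))     # known to both legitimate peers
OTHER_KEY = bytes(range(1, 33))   # a sender that lacks the shared key
good = seal(SHARED_KEY, b"client hello")
tampered = good[:-1] + bytes([good[-1] ^ 0x01])  # one payload bit flipped
SAMPLE = [good, seal(OTHER_KEY, b"client hello"), tampered, b"short", b"\x00" * 64]

if __name__ == "__main__":
    payloads, dropped = filter_datagrams(SHARED_KEY, SAMPLE)
    print("accepted:", payloads, "dropped:", dropped)
```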