OpenVPN
 |
|
| Original author(s) | James Yonan |
|---|---|
| Developer(s) | OpenVPN project / OpenVPN Technologies, Inc. |
| Initial release | 0.90 / 13 May 2001 |
| Stable release(s) | |
| 2.4.0 (27 December 2016) | |
| Preview release(s) | |
| 2.x (Git HEAD) (Every Sunday 05:00 UTC Main Mirror) | |
| Repository | sourceforge |
| Development status | Active |
| Written in | C |
| Platform |
Windows (XP or later) macOS (OS X 10.8 or later) Android (4.0 or later) iOS (6.0 or later) Linux *BSD |
| Type | VPN |
| License | GNU General Public License |
| Website | openvpn |
OpenVPN is an open-source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls. It was written by James Yonan and is published under the GNU General Public License (GPL).
OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates or username/password. When used in a multiclient-server configuration, it allows the server to release an authentication certificate for every client, using signature and Certificate authority. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 , and contains many security and control features.
OpenVPN has been ported and embedded to several systems. For example, DD-WRT has the OpenVPN server function. SoftEther VPN, a multi-protocol VPN server, has an implementation of OpenVPN protocol.
OpenVPN uses the OpenSSL library to provide encryption of both the data and control channels. It lets OpenSSL do all the encryption and authentication work, allowing OpenVPN to use all the ciphers available in the OpenSSL package. It can also use the HMAC packet authentication feature to add an additional layer of security to the connection (referred to as an "HMAC Firewall" by the creator). It can also use hardware acceleration to get better encryption performance. Support for mbed TLS is available starting from version 2.3.
...
Wikipedia