[peervpn] "psk <password>" bug?

Tomasz Chmielewski mangoo at wpkg.org
Wed Oct 21 07:23:01 CEST 2015


In peervpn.conf, we can see:

## Option:       psk <password>
## Description:  Specifies the PSK for the network. It can be a
##               password that is up to 512 characters long.
##               It is recommended to use a minimum of 8 characters.
##               If unspecified, the PSK will be set to "default".
## Example:      psk mytopsecretpassword

I've tried to specify a password which is 512 characters long (with 
"pwgen 512 1"), however, the nodes never connect to each other with it. 
They also don't report any error etc.

A password which was 511 characters long is working fine.


Furthermore:

1) does the password length have any influence on negotiation speed 
and/or later transfer speed?


2) I think that defaulting the password to "default" is a bad idea. 
People are lazy, often set the defaults - and it's an invitation to have 
insecure PeerVPN installations.

The program should just exit indicating the error if the password is not 
specified, if it's shorter than the minimum (8 characters seem too low, 
make the minimum 32 characters?), if it's longer than the maximum or 
otherwise invalid.


Tomasz Chmielewski



More information about the peervpn mailing list