Overall security mainly depends on client side: good passphrase and cryprographically good pseudo random number generator.
Some operating systems do not have good enough quality PRNG, bad
/dev/urandom
. You should use separate PRNG with them. GoVPN
communicates with them using
Entropy Gathering Daemon protocol.
To switch using EGD-compatible daemons instead of crypto/rand
library you provide -egd PATH
command line option, where
PATH
is the domain socket.
% ./govpn-server [...] -egd /var/run/egd.sock