Routine OpenVPN Test Successful Today

On my home server I also host a VPN, which is based on the OpenVPN protocol, and which is secured by password-challenges and encryption keys. From time to time I carry out a test of this VPN – i.e. from outside my LAN – to make sure that software-updates and other changes have not caused it to stop working.

Today I went to a public WiFi hot-spot, and carried out such a test.

This test was a bit different from earlier tests, in that it was the first time I used my new as the client.

The test was a full success. At first, after I had logged in to my VPN, I tried pinging another computer on my LAN. Then, I created a remote desktop session on one of my computers, in which the desktop session was being handed through to my tablet, by way of the VPN.

What this means is that my new is fully compatible and set up to use this feature.

Dirk

(Edit 04/18/2017 : )

I have noticed that performing this test also knocked my Google Calendar app out from syncing. This caused a famous situation, in which the app was still displaying my schedule, but the tablet was no longer giving any notifications, for the reminders programmed in my calendar. This caused me no immediate distress, because I possess sundry other devices, which give alarms to signal the same reminders.

But the way in which I got the tablet to rejoin this chorus, was by first telling the Android Application Manager to erase the Cache of this one app, and then to go into the Accounts settings panel, to go into my Google Accounts, and from there, to toggle syncing of the Calendar Off and then On again.

After that, the app has been sounding all the reminders as before.

 

An Added Note about Akonadi

In This Earlier Posting, I had written about a specific problem, which can happen, because the Linux / KDE PIM software (Personal Information Manager) uses Akonadi, and because Akonadi (still) runs a MySQL server-process, in the user-name of the user, within the personal folders of this user.

I also wrote that I use this, to sync my calendar, on my Linux machines, with my Google Calendar, and for nothing else.

I suppose that one fear which people might get from reading this, is that their Google Tokens might be stored in the Akonadi server. This is in fact untrue.

When Akonadi starts – which is when a user logs in to a new session – Akonadi actually retrieves any credentials it is going to use, from an additional KDE service called “Kwallet”. Kwallet is a miniscule store of secretive information, such as log-ins and tokens, which are protected by a password, which is used to encrypt all the contents of this wallet.

Hence, when I log in a user-session, I am also greeted by a password prompt from Kwallet, without which Akonadi could not retrieve its tokens. Certain other KDE applications also use this wallet feature.

So it is not actually the case, that KDE somehow muffs up the security, and stores such credentials anywhere in plain-text.

If we forget our password to Kwallet, then what we must ultimately do is delete our Kwallet, which also deletes any store of the secretive information we may have had. Doing so also does not recover the previous version of such information. That would need to be recreated from scratch.

Also, these types of issues make me happy, not to be using ‘KMail’ as my email client. KMail would store my email folders on Akonadi as well. And, seeing as I may frequently need to wipe Akonadi, due to certain reliability / configuration quirks, I would be losing all my email folders each time as well.

The email client I use under Linux is called ‘Icedove’, and is the unbranded version of ‘Thunderbird’. It has all the features which Thunderbird would have, but runs perfectly under Linux. It does not depend on Akonadi, nor on anything else KDE specifically.

Dirk