Keys to iPhone? Best practices thoughts?

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)
Locked
CabbagesForChristmas

Keys to iPhone? Best practices thoughts?

Post by CabbagesForChristmas » Fri Feb 03, 2017 1:18 am

So CS is great for iPhone users.

There is little ability to protect yourself and your browser, unlike desktop Firefox for instance.

The built in adblocking and stuff makes CS a no brainer for iPhone browsing.


BUT, getting OVPN files there is a pain. I use emails, since I don't run iTunes. But even so, would you put your key in an OVPN file and send it via email or iTunes?


So far I try buy larger tokens because sitting for 5 minutes copying the key across is a laborious task, but it's the only safe way I think I can copy akey to it.


So merely as a thought game, can anyone think of an OpSec (or ConfSec?) way to get a key to the iPhone in a way that is easy and not error prone (ah, missed chars or mis-copied chars!!!)
Top
Khariz
Posts: 147
Joined: Sun Jan 17, 2016 7:48 am

Re: Keys to iPhone? Best practices thoughts?

Post by Khariz » Tue Feb 07, 2017 11:37 am

Khariz wrote:I wrote up a little guide on how to do this:
1. Download the app OpenVPN. Go into the iPhone's Settings app, locate OpenVPN, and enable "Force AES-CBC ciphersuites"

2. Download the app ZipViewer

3. Go to https://github.com/cryptostorm/cryptost ... tion_files

4. If you are on the mobile version of the page, scroll down to the bottom and click "Desktop Version"

5. Click the green "Clone or Download" button.

6. Click "Download ZIP".

7. Click "Open in..." in the upper left hand corner.

8. Select "Copy to ZipViewer".

9. Drill down into the Mac folder.

10. Select the .ovpn file of your choice.

11. Click the icon in the lower left that looks like a box with an arrow pointing up.

12. Select "Copy to OpenVPN".

13. Click the Green + sign.

14. Leave the certificate as "none selected"

15. Put your hashed (or un-hashed) token into the User ID box.

16. Put anything you want in the password field (I put a single letter).

17. Click save.

18. Connect and Enjoy.
Top
mjyxx

Re: Keys to iPhone? Best practices thoughts?

Post by mjyxx » Mon Feb 13, 2017 10:15 pm

would QR codes help after i have imported the vanilla .ovpn configs ?
Top
User avatar
parityboy
Site Admin
Posts: 1261
Joined: Wed Feb 05, 2014 3:47 am

Re: Keys to iPhone? Best practices thoughts?

Post by parityboy » Tue Feb 14, 2017 1:09 am

@mjyxx

If you mean creating QR codes from the (un)hashed access token, then yes that is a useful tool. It's something I do for my Nexus 4, and would actually be a nice addition for the in-browser token delivery page.
Top
Locked

Return to “general chat, suggestions, industry news”