I'm setting up a Teltonika device for OOB access for a remote location. I wanted to go with Opengear but they don't have anything in stock for 14-16 weeks!<p>Anyways, Teltonika is a pretty nice product and their RMS central hub makes using the product even easier by allowing you to connect to their device at all times.<p>But there's one huge caveat for me. They allow the downloading of openvpn configs even after you create them and those configs contain all the keys in the clear, no passphrase required.<p>If someone were to hack their RMS app, they could essentially connect directly to all the internal networks of their customers by downloading these openvpn configs.<p>Am I right in being paranoid about this ? I suggested they stop storing what's essentially their customers' passwords in the clear or at least add a passphrase but they claim their security is top notch and I shouldn't be worried: about a third party having direct access to our internal network while they store all the vpn keys in the clear.<p>Am I paranoid here ?