Re: [Openvpn-users] question about "WARNING: this cipher's block size is less than 128 bit"

Sat, 17 Dec 2016 02:15:53 -0800 

Hi,

some small (but significant!) followup on this discussion...

On Tue, Nov 08, 2016 at 12:17:55PM +1300, Jason Haar wrote:
[..]
> All right, let's get this clear for me and for others :-)
> 
> If I have a 2.4 server, I can set it to "cipher BF-CBC" and keep all the
> 2.3 clients happy. Then I can migrate the clients to 2.4 (even with "cipher
> BF-CBC" too), and as they come in, they  negotiate before "cipher" matters
> and go AES-256-GCM: basically "--cipher" is ignored in 2.4+ transactions?

This is still true, but there is new magic to 2.4 now :-)

You can run a 2.4 server on "cipher BF-CBC" now, and add the following
to your 2.4 server config:

ncp-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC:AES-192-CBC:AES-256-CBC

and having *that*, you can just add

  "cipher AES-128-CBC"

to your 2.3 *client* config (any of the ciphers in the list which are
supported in 2.3, -GCM variants are not).


When the 2.3 client connects, it will send its configure options to
the server for OCC validation - and with the latest and greatest patches
from Steffan, the server will look at the client's "cipher", validate
it against its "ncp-cipher" list, and if the cipher is permitted, just
switch the server side to use the same cipher.

You'll see it in the logs on the server:

Dec 16 15:37:03 serv2 openvpn[74863]: SomeUser/1.2.3.4 Using peer cipher 
'AES-192-CBC'

(the client will warn about option mismatch, but this is harmless in 
this particular situation)


I use this to migrate my users one-by-one away from BF-CBC - so the server
is ready, and clients can decide to ugpgrade to 2.4_rc*, or just stick to
what they have and add "cipher AES-192-CBC" to their config, and done.

Not saying that this is the way it has to be done, but it's a nice way
to transact a large user base without a flag day.

(Main reason we can't stick to BF-CBC is that we use OTP passwords and
with "reneg-bytes 64M" it's asking way too often for user+password...)

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             g...@greenie.muc.de
fax: +49-89-35655025                        g...@net.informatik.tu-muenchen.de

Attachment: signature.asc
Description: PGP signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to