Hi,
On Mon, Apr 26, 2021 at 09:16:39PM +, Marc Lasch via Openvpn-users wrote:
> WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This
> allows attacks like SWEET32. Mitigate by using a --cipher with a larger
> block size (e.g. AES-256-CBC).
>
> Somehow BF-CBC seems to
Hello,
I have a rather large installation with 2.4.9 clients connecting to 2.4.4
servers. Servers and clients use the default cipher and ncp-cipher settings
which points to BF-CBC and AES-256-GCM:AES-128-GCM respectively, according to
the documentation.
The cipher negotiation works in most case
