Browse code
doc: fix typos in cipher-negotiation.rst
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20200815120522.1404-3-mkroken@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20748.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit e33f44754a5f81ea013070dba3cdc162f41d1257)
Magnus Kroken authored on 2020/08/15 21:05:22Showing 1 changed files
| ... | ... |
@@ -38,7 +38,7 @@ options to avoid this behaviour. |
| 38 | 38 |
OpenVPN 3 clients |
| 39 | 39 |
----------------- |
| 40 | 40 |
Clients based on the OpenVPN 3.x library (https://github.com/openvpn/openvpn3/) |
| 41 |
-do not have a configurable ``--ncp-ciphers`` or ``--data-cipher`` option. Instead |
|
| 41 |
+do not have a configurable ``--ncp-ciphers`` or ``--data-ciphers`` option. Instead |
|
| 42 | 42 |
these clients will announce support for all their supported AEAD ciphers |
| 43 | 43 |
(`AES-256-GCM`, `AES-128-GCM` and in newer versions also `Chacha20-Poly1305`). |
| 44 | 44 |
|
| ... | ... |
@@ -90,7 +90,7 @@ version. The default was never changed to ensure backwards compatibility. |
| 90 | 90 |
In OpenVPN 2.5 this behaviour has now been changed so that if the ``--cipher`` |
| 91 | 91 |
is not explicitly set it does not allow the weak ``BF-CBC`` cipher any more |
| 92 | 92 |
and needs to explicitly added as ``--cipher BFC-CBC`` or added to |
| 93 |
-``-data-ciphers``. |
|
| 93 |
+``--data-ciphers``. |
|
| 94 | 94 |
|
| 95 | 95 |
We strongly recommend to switching away from BF-CBC to a |
| 96 | 96 |
more secure cipher as soon as possible instead. |