As reported in trac #732, the man page text for --cipher is no longer
accurate. Update the text to represent current knowledge, about NCP and
SWEET32.
This does not hint at changing the default cipher, because we did not make
a decision on that yet. If we do change the default cipher, we'll have to
update the text to reflect that.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1473605431-20842-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12439.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -4110,25 +4110,26 @@ Encrypt data channel packets with cipher algorithm |
4110 | 4110 |
The default is |
4111 | 4111 |
.B BF-CBC, |
4112 | 4112 |
an abbreviation for Blowfish in Cipher Block Chaining mode. |
4113 |
-Blowfish has the advantages of being fast, very secure, and allowing key sizes |
|
4114 |
-of up to 448 bits. Blowfish is designed to be used in situations where |
|
4115 |
-keys are changed infrequently. |
|
4116 | 4113 |
|
4117 |
-For more information on blowfish, see |
|
4118 |
-.I http://www.counterpane.com/blowfish.html |
|
4114 |
+Using BF-CBC is no longer recommended, because of it's 64-bit block size. This |
|
4115 |
+small block size allows attacks based on collisions, as demonstrated by SWEET32. |
|
4119 | 4116 |
|
4120 |
-To see other ciphers that are available with |
|
4121 |
-OpenVPN, use the |
|
4117 |
+To see other ciphers that are available with OpenVPN, use the |
|
4122 | 4118 |
.B \-\-show\-ciphers |
4123 | 4119 |
option. |
4124 | 4120 |
|
4125 |
-OpenVPN supports the CBC, CFB, and OFB cipher modes, |
|
4126 |
-however CBC is recommended and CFB and OFB should |
|
4127 |
-be considered advanced modes. |
|
4128 |
- |
|
4129 | 4121 |
Set |
4130 | 4122 |
.B alg=none |
4131 | 4123 |
to disable encryption. |
4124 |
+ |
|
4125 |
+As of OpenVPN 2.4, cipher negotiation (NCP) can override the cipher specified by |
|
4126 |
+.B \-\-cipher\fR. |
|
4127 |
+See |
|
4128 |
+.B \-\-ncp-ciphers |
|
4129 |
+and |
|
4130 |
+.B \-\-ncp-disable |
|
4131 |
+for more on NCP. |
|
4132 |
+ |
|
4132 | 4133 |
.\"********************************************************* |
4133 | 4134 |
.TP |
4134 | 4135 |
.B \-\-ncp\-ciphers cipher_list |
... | ... |
@@ -4141,6 +4142,19 @@ is a colon-separated list of ciphers, and defaults to |
4141 | 4141 |
For servers, the first cipher from |
4142 | 4142 |
.B cipher_list |
4143 | 4143 |
will be pushed to clients that support cipher negotiation. |
4144 |
+ |
|
4145 |
+Cipher negotiation is enabled in client-server mode only. I.e. if |
|
4146 |
+.B \-\-mode |
|
4147 |
+is set to 'server' (server-side, implied by setting |
|
4148 |
+.B \-\-server |
|
4149 |
+), or if |
|
4150 |
+.B \-\-pull |
|
4151 |
+is specified (client-side, implied by setting \-\-client). |
|
4152 |
+ |
|
4153 |
+If both peers support and do not disable NCP, the negotiated cipher will |
|
4154 |
+override the cipher specified by |
|
4155 |
+.B \-\-cipher\fR. |
|
4156 |
+ |
|
4144 | 4157 |
.\"********************************************************* |
4145 | 4158 |
.TP |
4146 | 4159 |
.B \-\-ncp\-disable |