How to change Cipher to avoid SWEET32?

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
bluudz
OpenVpn Newbie
Posts: 6
Joined: Wed Mar 29, 2017 10:46 am

How to change Cipher to avoid SWEET32?

Post by bluudz » Wed Mar 29, 2017 11:03 am

Hello. I have recently set up my VPN server. Everything is working fine, but I'm getting error to use better cipher to avoid SWEET32 attack. I have access to both server and client so upgrading Cipher should be possible. I'm not very experienced and I'm afraid of breaking something to be honest. Could someone let me know how exactly update cipher to AES-256-CBC on both server and client side?

Thank you very much
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: How to change Cipher to avoid SWEET32?

Post by TinCanTech » Wed Mar 29, 2017 12:02 pm

https://community.openvpn.net/openvpn/wiki/SWEET32
Top
bluudz
OpenVpn Newbie
Posts: 6
Joined: Wed Mar 29, 2017 10:46 am

Re: How to change Cipher to avoid SWEET32?

Post by bluudz » Wed Mar 29, 2017 3:09 pm

Ok so if I understand correctly only think I have to do is to change server.conf and client.ovpn entry of cipher to AES-256-CBC? Is that correct?
Top
Post Reply

Return to “Server Administration”