OpenVPN 2.4 and pure elliptic curve crypto setup

matt3226
OpenVPN User
Posts: 35
Joined: Wed May 17, 2017 4:24 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by matt3226 » Tue Jul 18, 2017 12:40 pm

Congratulations on making openvpn with ec work!! This is for sure an achievement!
Nah, it's all thanks to you! If you hadn't helped me troubleshoot, I likely would never have figured it out (or it could have taken a really long time :lol:)

Root account? It's super easy, that's why I do it; I hate typing the sudo command every time, so I just do sudo -s once. Much easier. I only do sudo -s when I'm making lots of changes; typing the sudo command can be very annoying.

I followed the github link and added one more option: reneg-sec 300

Last thing, why did you install openssl in the /opt directory? I could just install it anywhere, right?

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Tue Jul 18, 2017 12:42 pm

Yes, you can install it anywhere.

matt3226
OpenVPN User
Posts: 35
Joined: Wed May 17, 2017 4:24 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by matt3226 » Tue Jul 18, 2017 12:45 pm

Okay, great!

I think this thread (and the troubleshooting) is concluded.

It's been great, what an informative thread this is! There's a tutorial and there's troubleshooting, just perfect... learned a lot from you!

Thanks a bunch, man!

matt3226
OpenVPN User
Posts: 35
Joined: Wed May 17, 2017 4:24 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by matt3226 » Tue Jul 18, 2017 1:52 pm

Okay, so I've started fresh and ran the init-pki command.

On connect, I get:


Tue Jul 18 13:45:45 2017 VERIFY OK: depth=1, C=, ST=, L=, CN=vpn-server
Tue Jul 18 13:45:45 2017 VERIFY KU OK
Tue Jul 18 13:45:45 2017 Validating certificate extended key usage
Tue Jul 18 13:45:45 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jul 18 13:45:45 2017 VERIFY EKU OK
Tue Jul 18 13:45:45 2017 VERIFY X509NAME ERROR: C=, ST=, L=, CN=vpn-server,must be EC-test 
Tue Jul 18 13:45:45 2017 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Tue Jul 18 13:45:45 2017 TLS_ERROR: BIO read tls_read_plaintext error
Tue Jul 18 13:45:45 2017 TLS Error: TLS object -> incoming plaintext read error
Tue Jul 18 13:45:45 2017 TLS Error: TLS handshake failed

I've updated my common name to vpn-server, and the old one was EC-test:

VERIFY X509NAME ERROR: C=, ST=, L=, CN=vpn-server,must be EC-test


It seems that not everything is switching to the new common name vpn-server; what should I do about this?

I promise this is the last thing! :D

EDIT: This too, something worth mentioning:
WARNING: mbed TLS builds do not support specifying an ECDH curve, using default curves.
Last edited by matt3226 on Tue Jul 18, 2017 1:59 pm, edited 1 time in total.

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Tue Jul 18, 2017 1:57 pm

Well... as I told you, there are many possible options in openvpn configs. You have to read about them and use them accordingly.

For the above problem, it looks to me like removing

verify-x509-name EC-test name

from the client config would solve the issue. But you have to test :)
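The `VERIFY X509NAME ERROR` above is the client refusing a server certificate whose subject does not satisfy the client's `verify-x509-name` directive. The script below is an added example (not from either poster and not OpenVPN's own code): it re-implements the three matching modes of `verify-x509-name` (`subject`, the default, compares the full subject string; `name` compares the CN exactly; `name-prefix` matches a CN prefix), pulls the presented subject and the expected name out of the client log, and re-evaluates a candidate client config against what the log shows. The log excerpt and the config snippets are constructed sample input modelled on the thread; `vpn.example.invalid` is a placeholder hostname.

```python
import re
import shlex

# Constructed sample input modelled on the thread: a client-log excerpt and the
# stale client config. The X509NAME line is the one the thread shows.
SAMPLE_LOG = """\
Tue Jul 18 13:45:45 2017 VERIFY EKU OK
Tue Jul 18 13:45:45 2017 VERIFY X509NAME ERROR: C=, ST=, L=, CN=vpn-server,must be EC-test
Tue Jul 18 13:45:45 2017 TLS Error: TLS handshake failed
"""

OLD_CLIENT_CONFIG = """\
client
remote vpn.example.invalid 1194 udp   # placeholder host, constructed
verify-x509-name EC-test name         # stale: the server cert CN is now vpn-server
"""

# OpenVPN logs the presented subject and the configured expectation on one line:
#   "VERIFY X509NAME ERROR: <subject>, must be <expected>"
X509NAME_RE = re.compile(r"VERIFY X509NAME ERROR: (?P<subject>.+?),\s*must be (?P<expected>.+)$")
# OpenVPN config comments start with '#' or ';' at the start of a token.
COMMENT_RE = re.compile(r"(^|\s)[#;].*$")


def parse_subject(dn: str) -> dict:
    """Split an OpenVPN-style subject 'C=, ST=, L=, CN=vpn-server' into {attr: value}."""
    fields = {}
    for part in dn.split(","):
        key, _, value = part.strip().partition("=")
        if key:
            fields[key] = value
    return fields


def check_verify_x509_name(subject_dn: str, expected: str, mode: str = "subject") -> bool:
    """Re-implementation of the three verify-x509-name matching modes."""
    if mode == "subject":                 # default: whole subject string must match
        return subject_dn.strip() == expected.strip()
    cn = parse_subject(subject_dn).get("CN", "")
    if mode == "name":                    # CN must match exactly
        return cn == expected
    if mode == "name-prefix":             # CN must start with the given prefix
        return cn.startswith(expected)
    raise ValueError(f"unknown verify-x509-name type: {mode!r}")


def diagnose_x509name_errors(log_text: str) -> list:
    """Return (presented_cn, expected_name) for every X509NAME failure in a client log."""
    findings = []
    for line in log_text.splitlines():
        m = X509NAME_RE.search(line)
        if m:
            cn = parse_subject(m.group("subject")).get("CN", "")
            findings.append((cn, m.group("expected")))
    return findings


def client_config_directive(config_text: str):
    """Return (expected_name, mode) from a client config's verify-x509-name line, else None."""
    for raw in config_text.splitlines():
        line = COMMENT_RE.sub("", raw).strip()
        parts = shlex.split(line)         # honours quoting of names with spaces/commas
        if parts and parts[0] == "verify-x509-name":
            expected = parts[1]
            mode = parts[2] if len(parts) > 2 else "subject"
            return expected, mode
    return None


def new_config_would_pass(log_text: str, config_text: str) -> bool:
    """Re-evaluate a candidate client config against the subject the log shows the
    server presenting. True if no directive is set or no X509NAME failure was logged."""
    directive = client_config_directive(config_text)
    if directive is None:
        return True                       # no directive: OpenVPN skips the name check
    expected, mode = directive
    for line in log_text.splitlines():
        m = X509NAME_RE.search(line)
        if m:
            return check_verify_x509_name(m.group("subject"), expected, mode)
    return True


if __name__ == "__main__":
    for cn, expected in diagnose_x509name_errors(SAMPLE_LOG):
        print(f"server presented CN={cn!r}, client config expects {expected!r}")
    print("old config passes:", new_config_would_pass(SAMPLE_LOG, OLD_CLIENT_CONFIG))
    print("updated config passes:", new_config_would_pass(SAMPLE_LOG, "verify-x509-name vpn-server name\n"))
```

Note that with no type argument the directive defaults to `subject`, so `verify-x509-name vpn-server` alone would still fail against this certificate; the thread's working line includes the trailing `name`.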

matt3226
OpenVPN User
Posts: 35
Joined: Wed May 17, 2017 4:24 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by matt3226 » Tue Jul 18, 2017 2:00 pm

I removed it, still showing the same problem... rebooted too!

Now it's verify-x509-name vpn-server name

It should work, it worked before...?


EDIT: Okay, I overlooked the simplest thing: I forgot to import the updated config in the VPN GUI! :lol:

Fun fact, the ovpn file sizes are smaller too on ECC! Here's an imgur:


Left is old, right is new.

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Tue Jul 18, 2017 2:23 pm

If it worked before, it means you changed something; isn't it obvious? Happy debugging :)

Removing it altogether is the fastest way to fix it, unless you need it for specific reasons.

matt3226
OpenVPN User
Posts: 35
Joined: Wed May 17, 2017 4:24 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by matt3226 » Mon Jul 24, 2017 1:06 am

How to make the latest OpenVPN version backwards compatible with older versions?

tls-crypt is not supported on either Android or iOS at the moment (if using the OpenVPN Connect app).

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Mon Jul 24, 2017 7:39 am

The latest OpenVPN is backwards compatible.

If you want to use a mixed environment with different clients, you have to go for the lowest common denominator: simply only use parameters supported by all the versions you have to use.

yunkpoon2
OpenVpn Newbie
Posts: 4
Joined: Sun Aug 10, 2014 7:29 am

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by yunkpoon2 » Sat Sep 30, 2017 5:54 am

Hi, I have tried this configuration and can connect to the server via the Mac client. However, when I try to do the same on the iOS client, I get a mismatched TLS error in the server-side log. Any luck?

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Fri Oct 13, 2017 3:09 am

The iOS client does not support elliptic curve crypto nor any of the new openvpn features introduced in 2.4.

jimdoe
OpenVPN User
Posts: 41
Joined: Fri Oct 13, 2017 10:22 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by jimdoe » Sat Oct 14, 2017 8:04 am

Unfortunately I haven't gotten off to a great start on this forum, as a moderator moved my post from this thread because they deemed it a thread hijack :( Anyway, seeing as my thanks was moved along with it, I just wanted to thank you for this thread and all the helpful posts. I got into openvpn because of my interest in EC crypto, and seeing as there wasn't much documentation for 2.4 or EC crypto back when I started in the summer, this was one of the first things that popped up in Google, and it's been an excellent reference guide to setting it up on a Pi :)

Since I guess I have to keep it to EC only, I will ask the second part of my post: do you think ChaCha20-Poly1305 will be easier for the Pi to handle? It seems from some reading that it benefits OpenVPN clients on older phones that don't have hardware AES, but does it make a difference to the server Pi?

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Sun Oct 15, 2017 1:49 pm

Yes. The RPi platform is a perfect example where ChaCha makes a lot of sense due to the lack of hardware support for AES encryption. ChaCha performance is superior to AES when implemented in software.

On the other hand, because there is no support for EC in the openvpn client on iOS devices, I run two instances of openvpn: one with classic RSA keys on port 443/TCP, perfect for connecting even on the most restrictive WiFi networks and working on my phone as well, and one using the standard openvpn port/UDP and a pure EC setup for more demanding tasks when working on my laptop.

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Tue Oct 17, 2017 10:21 am

Also, below is the crypto parameters part of my openvpn_ec.conf:


ecdh-curve brainpoolP512r1

# Data channel
ncp-ciphers AES-256-GCM
cipher AES-256-GCM
auth SHA512

# Control channel (TLS)
tls-cipher TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
tls-version-min 1.2
tls-crypt /etc/openvpn/ECCkeys/tc.key

GainfulShrimp
OpenVpn Newbie
Posts: 12
Joined: Tue May 12, 2015 10:00 am

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by GainfulShrimp » Fri Jan 12, 2018 10:43 am

dariusz wrote:
Mon Jul 17, 2017 7:03 pm
and systemd. It is relatively simple and you will find plenty of info on the net.

A quick hack, as you already have 2.3.4 installed, is to just edit /lib/systemd/system/openvpn@.service

and make sure that the line below points to your 2.4 openvpn file instead of 2.3:

ExecStart=/usr/local/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf

Also, you will have to recompile your openvpn to enable systemd if not done already:

./configure \
--enable-systemd \
--with-crypto-library=mbedtls

Happy tinkering :)

I've just been looking at this, i.e. amending the systemd config to use my self-built version of OpenVPN rather than the system default version.

I'm not an expert on systemd by any stretch, but I worked out a 'better' way to override the vendor-supplied systemd file with local customisations, without touching the original service template (which is considered bad practice). I thought I'd share it here in case it helps anyone else.

You need to create an 'override.conf' file for the relevant service. In this case, it's a service template, because you can have multiple instances of openvpn-client and/or openvpn-server on the same box (running on different ports, of course).

The template I wanted to override was:

/lib/systemd/system/openvpn-server@.service

Which means I need to create the following path/file:

/etc/systemd/system/openvpn-server@.service.d/override.conf

Rather than creating the correct path and file myself, systemd can do it. You just run:

sudo systemctl edit openvpn-server@

This will open your default text editor with a blank document (unless you've already got an override file with previous changes), into which you can insert new sections or items of the unit file; if you re-use existing sections/items, you *override* the existing values with your own new ones.

In this case, we want to amend the ExecStart item within the [Service] section:

[Service]
ExecStart=
ExecStart=/usr/local/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf

Notice that the first, empty setting for ExecStart effectively resets it to blank. This is necessary for the next line (with our new path to the openvpn executable) to work properly, as you can only have one ExecStart item.

Save and exit, then you'll find the override file has been created in the correct location for you.

To apply the new override, you just need to:

sudo systemctl daemon-reload

Then, if you (stop and) start an openvpn-server service instance, you'll find it uses your custom version of openvpn. So, for example, if your openvpn server config is at /etc/openvpn/server/myudpserver.conf, then you'd stop, start, enable and check the service using these commands:


sudo systemctl stop openvpn-server@myudpserver
sudo systemctl start openvpn-server@myudpserver
sudo systemctl enable openvpn-server@myudpserver
sudo systemctl status openvpn-server@myudpserver
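The "empty ExecStart= resets it" rule is the part of this procedure people most often get wrong, and the failure mode is a unit that systemd refuses to load because two ExecStart commands remain. The script below is an added example, not from the post and not systemd's own code: it re-implements in Python the small subset of systemd's unit-merging rules that matters here (list-type settings such as ExecStart accumulate and are cleared by an empty assignment; scalar settings are last-writer-wins; a non-oneshot service must end up with exactly one ExecStart), and builds the drop-in text from the post. `BASE_UNIT` is a constructed, trimmed stand-in for a distro's `openvpn-server@.service`, not the real file.

```python
import posixpath

# Constructed, trimmed stand-in for /lib/systemd/system/openvpn-server@.service.
# Only the settings relevant to the merge are included.
BASE_UNIT = """\
[Unit]
Description=OpenVPN service for %I

[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/server
ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
"""

# Settings systemd treats as lists: values accumulate across the unit and its
# drop-ins, and an empty assignment ("ExecStart=") clears everything set so far.
LIST_SETTINGS = {"ExecStartPre", "ExecStart", "ExecStartPost", "ExecReload",
                 "ExecStop", "ExecStopPost", "Environment", "EnvironmentFile"}


def parse_unit(text: str):
    """Yield (section, key, value) in file order; comments and blank lines are skipped."""
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if not sep or section is None:
            raise ValueError(f"malformed unit line: {raw!r}")
        yield section, key.strip(), value.strip()


def merge_units(*fragments: str) -> dict:
    """Apply unit fragments in order (base unit first, then drop-ins).
    Returns {section: {key: [values]}} with systemd's reset semantics for list settings."""
    merged = {}
    for text in fragments:
        for section, key, value in parse_unit(text):
            values = merged.setdefault(section, {}).setdefault(key, [])
            if key in LIST_SETTINGS:
                if value == "":
                    values.clear()          # empty assignment resets the list
                else:
                    values.append(value)
            else:
                values[:] = [value]         # scalar setting: last writer wins
    return merged


def effective_exec_start(merged: dict) -> list:
    return merged.get("Service", {}).get("ExecStart", [])


def validate_exec_start(merged: dict) -> bool:
    """systemd's rule: unless Type=oneshot, a service needs exactly one ExecStart."""
    service = merged.get("Service", {})
    unit_type = (service.get("Type") or ["simple"])[-1]
    if unit_type == "oneshot":
        return True
    return len(service.get("ExecStart", [])) == 1


def build_override(openvpn_path: str) -> str:
    """Drop-in text from the post: clear ExecStart, then set the self-built binary."""
    return ("[Service]\n"
            "ExecStart=\n"
            f"ExecStart={openvpn_path} --status %t/openvpn-server/status-%i.log "
            "--status-version 2 --suppress-timestamps --config %i.conf\n")


def override_path(template: str, root: str = "/etc/systemd/system") -> str:
    """Where `systemctl edit <template>` writes, e.g. openvpn-server@ ->
    /etc/systemd/system/openvpn-server@.service.d/override.conf"""
    if not template.endswith(".service"):
        template += ".service"
    return posixpath.join(root, template + ".d", "override.conf")


if __name__ == "__main__":
    good = merge_units(BASE_UNIT, build_override("/usr/local/sbin/openvpn"))
    bad = merge_units(BASE_UNIT, "[Service]\nExecStart=/usr/local/sbin/openvpn --config %i.conf\n")
    print("with reset   :", effective_exec_start(good), "valid:", validate_exec_start(good))
    print("without reset:", effective_exec_start(bad), "valid:", validate_exec_start(bad))
    print("drop-in path :", override_path("openvpn-server@"))
```

After `daemon-reload`, `systemctl cat openvpn-server@myudpserver` shows the base unit followed by the drop-in, which is the quickest way to confirm the override was picked up before starting the instance.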

bbuckm
OpenVPN User
Posts: 39
Joined: Thu Apr 26, 2018 2:45 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by bbuckm » Thu Apr 26, 2018 2:50 pm

dariusz, thank you for publishing your research into this topic. I have taken the liberty of turning it into a tutorial, featuring the new Ubuntu 18.04, which launches today: OpenVPN with Elliptic Curve Cryptography on Ubuntu 18.04

dariusz
OpenVPN Power User
Posts: 94
Joined: Sat Jan 14, 2017 1:42 pm

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by dariusz » Sat May 12, 2018 1:06 pm

@bbuckm Thanks for mentioning this thread:)

yurtesen
OpenVpn Newbie
Posts: 3
Joined: Fri Mar 20, 2020 11:09 am

Re: OpenVPN 2.4 and pure elliptic curve crypto setup

Post by yurtesen » Fri Mar 20, 2020 12:14 pm

One question: I am using elliptic curve and did NOT set up `tls-auth` or `tls-crypt` files. Yet in the logs I see:

Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 521 bit EC, curve: secp521r1

So the control channel is encrypted; what extra security does using `tls-crypt` add to this? And does it make a difference if one is using UDP or TCP?
