OpenVPN using SHA1 instead of SHA512

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
petrocelli1966
OpenVPN User
Posts: 22
Joined: Wed Dec 23, 2020 10:12 pm

OpenVPN using SHA1 instead of SHA512

Post by petrocelli1966 » Fri Dec 25, 2020 5:17 am

Hi All,
I am seeing a strange entry on the logs. I am trying to get OpenVPN gping on OmniOS and I am having two difficulties. One is that in the logs I am seeing
"using 160 bit message hash 'SHA1' for hmac authentication. This is strange because in the vars file, I selected EASYRSA_DIGEST "sha512" so I can't figure why it's still using sha1. Can anyone help me out please?
Top
petrocelli1966
OpenVPN User
Posts: 22
Joined: Wed Dec 23, 2020 10:12 pm

Re: OpenVPN using SHA1 instead of SHA512 [SOLVED]

Post by petrocelli1966 » Fri Dec 25, 2020 6:08 am

Ouch. My bad. Sorry. I just realized i missed "auth SHA512" in the server.conf file.
Top
TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN using SHA1 instead of SHA512

Post by TinCanTech » Fri Dec 25, 2020 3:50 pm

Just so you understand, using SHA512 is wasting CPU cycles on your VPN nodes.

--auth SHA1 (The default) is absolutely all you need as the Auth HMAC.
Top
petrocelli1966
OpenVPN User
Posts: 22
Joined: Wed Dec 23, 2020 10:12 pm

Re: OpenVPN using SHA1 instead of SHA512

Post by petrocelli1966 » Thu Dec 31, 2020 8:13 am

Thanks for that reminder. That is true.
Top
Post Reply

Return to “Configuration”