Open DanielSmedegaardBuus opened 3 years ago
I do not see rc4
as part of the official list of supported ciphers: https://openvpn.net/vpn-server-resources/change-encryption-cipher-in-access-server/
Am I missing something?
Hmm... Good question. I kinda assumed that it would support anything that openssl
supports, since it seems to be using its libraries for encryption. But it might not. none
is in the list, though, that would be nice, too :D
I think we should test OpenVPN 2.5 with --data-ciphers AES-128-GCM:AES-256-GCM:none
to see if all 3 algorithms are possible. This has to be tested by changing the config both on the server side and on the client side.
I think it is worth it to try it out, but I can not promise a date at this point.
I noticed that in the desktop client I could select none
for encryption. So at least for feature parity's sake, it'd be nice if these scripts would support that, too :)
Feature parity is also achieved by removing none
from the apps. 😄
Feature parity is also achieved by removing
none
from the apps. 😄
Ha ha :D Very true!
Hi :)
Absolutely awesome that you've made this option available for us Linux folk. I found an old Android TV stick in the drawer, threw Armbian on it, and off we go to the races! Well, the pony races :D Because this is a seriously underpowered device.
I can manage ~ 4MBps data transfer via OpenVPN and this script. However, doing a bit of openssl performance testing, it reveals that if only I could use the
rc4
cipher rather thanaes-128-cbc
, I'd get about twice the performance.Beggars can't be choosers, I get that, but here's one beggar begging for the ability (even unofficially, as I already tried this unofficially by editing the ovpn config file) to chose between more ciphers — at least this one, which AFAIR from my semi-sysadmin days, is a stellar performer always, even if not as secure as the rest of them.
Still, if not, thanks anyway for this piece of awesomeness :)