Closed navarroaxel closed 6 years ago
This is indeed a problem and did not had priority yet.
I think its best to check on application start if default keys are installed and give an option to autogenerate them or manually set them as not everyone uses .deb packages.
Thanks and best regards Rene
Since version 0.4.0 there is now a setup wizard which change the AES key.
The
config.h
has theaeskey
andaesiv
installed by default. Thisaeskey
is copied to a config file on my home folder when I install the Deb package. Could be autogenerated on the .deb package installation?The IV is not configurable. Right?
I think this is a security issue. And makes my VPN password easily readable with the default config.
OS Ubuntu MATE 16.04.3 LTS amd64