Tweet
Hello,
I am submitting an errata report for the tutorial at https://openvpn.net/community-resources/how-to/.
The section titled “Larger symmetric keys” needs to be verified because it appears to be outdated. It states, “By default OpenVPN uses Blowfish, a 128 bit symmetrical cipher.” But when I use Google AI to search, it states that AES-256-GCM is the default cipher for OpenVPN. Therefore, this section may need to be updated, especially where it states, “For example, the 256-bit version of AES (Advanced Encryption Standard) can be used by adding the following to both server and client configuration files: cipher AES-256-CBC.” But the AES-256-GCM cipher is preferable versus AES-256-CBC and is the default for OpenVPN? Please verify.
Kind regards,
Travis Bean
I am submitting an errata report for the tutorial at https://openvpn.net/community-resources/how-to/.
The section titled “Larger symmetric keys” needs to be verified because it appears to be outdated. It states, “By default OpenVPN uses Blowfish, a 128 bit symmetrical cipher.” But when I use Google AI to search, it states that AES-256-GCM is the default cipher for OpenVPN. Therefore, this section may need to be updated, especially where it states, “For example, the 256-bit version of AES (Advanced Encryption Standard) can be used by adding the following to both server and client configuration files: cipher AES-256-CBC.” But the AES-256-GCM cipher is preferable versus AES-256-CBC and is the default for OpenVPN? Please verify.
Kind regards,
Travis Bean