Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
J
J
julowelu2017-02-07 12:23:19
linux
julowelu, 2017-02-07 12:23:19

What are the strange errors that OpenVPN gives out while running?

Strange nonsense happens after connecting to OpenVPN on Linux.
At first, everything is fine:
Initialization Sequence Completed
But then, at some point, garbage begins, while vpn does not fall off and continues to work.
Here is what appears in the console

WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
TLS: soft reset sec=0 bytes=165368510/-1 pkts=204373/0
VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=Fort-Funston CA, name=server1, [email protected]
VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server1, name=server1, [email protected]
Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

What does it mean?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
vaut, 2017-02-07
@vaut

It also clearly says that you are using weak encryption.

Similar questions
O
OKNOZA2015-06-21 23:31:05
Can I not use NodeJS templating engine? 7Reply
E
elementalist2021-06-02 17:15:04
2 subnets on Mikrotik - LAN and video surveillance. How to get access from LAN to the DVR? 3Reply
H
HoShik2021-02-26 20:05:03
Why is the server not rebooting via cron? 2Reply
R
Rozello2021-02-26 20:05:08
Is the partition with the GRUB bootloader encrypted in Ubuntu if you specify during installation that you want to use disk encryption? 2Reply
D
Dmitry Skogorev2015-02-25 15:54:59
What is the easiest and best way to make an incremental backup? 5Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question