Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
J
J
julowelu2017-02-07 12:23:19
linux
julowelu, 2017-02-07 12:23:19

What are the strange errors that OpenVPN gives out while running?

Strange nonsense happens after connecting to OpenVPN on Linux.
At first, everything is fine:
Initialization Sequence Completed
But then, at some point, garbage begins, while vpn does not fall off and continues to work.
Here is what appears in the console

WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
TLS: soft reset sec=0 bytes=165368510/-1 pkts=204373/0
VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=Fort-Funston CA, name=server1, [email protected]
VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server1, name=server1, [email protected]
Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

What does it mean?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
vaut, 2017-02-07
@vaut

It also clearly says that you are using weak encryption.

Similar questions
T
TreShk02018-02-09 17:55:24
How to solve the problem with GParted? 2Reply
R
Ruslan Absalyamov2018-02-10 14:04:26
How to set up yii2 on linux? 1Reply
V
Vitaliy Vvitto2015-10-06 14:16:49
How to reinstall Ubuntu from a flash drive? 3Reply
M
magicwbp2020-04-21 12:48:16
Linux on External SSD issues Reboot and select proper boot device, how to fix it? 1Reply
D
DILYAR2018-02-11 02:30:14
How to automatically change the password in the config? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question