Changes between Version 7 and Version 8 of Openvpn24ManPage
- Timestamp:
- 12/27/16 12:42:52 (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Openvpn24ManPage
v7 v8 3659 3659 <P> 3660 3660 IV_LZ4=1 -- if the client supports LZ4 compressions. 3661 <P>3662 IV_RGI6=1 -- if the client supports3663 <B>--redirect-gateway</B>3664 3665 for ipv63666 3661 <P> 3667 3662 IV_PROTO=2 -- if the client supports peer-id floating mechansim … … 5940 5935 <B>n</B> 5941 5936 5942 bytes sent or received (disabled by default ).5937 bytes sent or received (disabled by default with an exception, see below). 5943 5938 OpenVPN allows the lifetime of a key 5944 to be expressed as a number of bytes encrypted/decrypted, a number of packets, or5945 a number of seconds. A key renegotiation will be forced5939 to be expressed as a number of bytes encrypted/decrypted, a number of packets, 5940 or a number of seconds. A key renegotiation will be forced 5946 5941 if any of these three criteria are met by either peer. 5942 <P> 5943 If using ciphers with cipher block sizes less than 128-bits, --reneg-bytes is 5944 set to 64MB by default, unless it is explicitly disabled by setting the value to 5945 0, but this is 5946 <B>HIGHLY DISCOURAGED</B> 5947 5948 as this is designed to add some protection against the SWEET32 attack vector. 5949 For more information see the --cipher option. 5947 5950 5948 5951 <DT><B>--reneg-pkts n</B> … … 6122 6125 gives a peer nothing more than the power to initiate a TLS 6123 6126 handshake. It is not used to encrypt or authenticate any tunnel data. 6127 <P> 6128 Use 6129 <B>--tls-crypt</B> 6130 6131 instead if you want to use the key file to not only authenticate, but also 6132 encrypt the TLS control channel. 6124 6133 6125 6134 <DT><B>--tls-crypt keyfile</B> … … 8961 8970 <A HREF="/cgi-bin/man/man2html">man2html</A>, 8962 8971 using the manual pages.<BR> 8963 Time: 12: 29:11 GMT, December 16, 20168972 Time: 12:41:06 GMT, December 27, 2016 8964 8973 }}}