OpenVPN Cipher Negotiation (Quick reference)
This wiki defines the expected behaviour of Cipher Negotiation between common configurations of OpenVPN servers and clients.
OpenVPN would like to know about any unexpected behaviour.
For full details please see:
https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/cipher-negotiation.rst
Effective directives
- 2.5: --data-ciphers ALG:ALG - Data channel ciphers the peer is willing to negotiate. Default ALG: AES-256-GCM:AES-128-GCM
- 2.5: --data-ciphers-fallback ALG - Fallback data channel cipher, used only when the cipher of the peer could not be negotiated or determined. Replaces the old role of --cipher as the fallback.
- All: --cipher ALG - Data channel cipher. Deprecated since 2.5, where it only serves as a fallback for peers that cannot negotiate. In OpenVPN 2.5 --cipher does not have a default ALG. In OpenVPN up to 2.4 the default ALG is BF-CBC.
- 2.4: --ncp-ciphers ALG:ALG - Negotiable data channel ciphers; renamed --data-ciphers in 2.5. Default ALG: AES-256-GCM:AES-128-GCM
- 2.4: --ncp-disable - Disable NCP. Deprecated.
Common configurations
Commonly expected configurations of the Effective directives above.
Servers
- Version 2.5
  - Default configuration: No effective directives specified.
  - Configuring: --data-ciphers and --cipher
- Version 2.4
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
  - Configuring: --cipher and --ncp-disable
- Version 2.3
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.2
  - Default configuration: No effective directives specified.
  - Configuring: All bets are off - Upgrade now!
Clients
- Version 2.5
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.4
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.3
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.2
  - Default configuration: No effective directives specified.
  - Configuring: All bets are off - Upgrade now!
Expected Behaviour indexed by Server version
In the tables below "-" means the directive is not set (the version's default applies), NCP states whether the peer is able to negotiate (Denied: the client supports NCP but the server does not), and Connection gives the resulting data channel cipher, with "Weak" marking a BF-CBC data channel.
Server version 2.5
Default configuration: No effective directives specified.

Server:
| --cipher | --data-ciphers | -fallback | NCP |
|---|---|---|---|
| - | - | - | Yes |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | - | Yes | OK. AES-256-GCM |

Client version 2.4:
| --cipher | NCP | Connection |
|---|---|---|
| - | Yes | OK. AES-256-GCM |
| AES-256-CBC | Yes | OK. AES-256-GCM |
| BF-CBC | Yes | OK. AES-256-GCM |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.5 Configuring: --data-ciphers and --cipher

Server:
| --cipher | --data-ciphers | -fallback | NCP |
|---|---|---|---|
| BF-CBC | AES-256-GCM:AES-128-GCM:AES-256-CBC | - | Yes |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| BF-CBC | No | Weak BF-CBC |
Server version 2.4
Default configuration: No effective directives specified.

Server:
| --cipher | --ncp-ciphers | NCP |
|---|---|---|
| - | - | Yes |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | - | Yes | OK. AES-256-GCM |

Client version 2.4:
| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | Yes | OK. AES-256-GCM |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| BF-CBC | No | Weak BF-CBC |
Server version 2.4 Configuring: --cipher

Server:
| --cipher | --ncp-ciphers | NCP |
|---|---|---|
| AES-256-CBC | - | Yes |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | - | Yes | OK. AES-256-GCM |

Client version 2.4:
| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | Yes | OK. AES-256-GCM |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.4 Configuring: --cipher and --ncp-disable

Server:
| --cipher | --ncp-ciphers | NCP |
|---|---|---|
| AES-256-CBC | - | No |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | Fail (no shared cipher) |
| AES-256-CBC | - | - | Yes | OK. AES-256-CBC |
| BF-CBC | - | - | Yes | Fail (no shared cipher) |

Client version 2.4:
| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Yes | Fail (no shared cipher) |
| AES-256-CBC | - | Yes | OK. AES-256-CBC |
| BF-CBC | - | Yes | Fail (no shared cipher) |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.3
Default configuration: No effective directives specified.

Server:
| --cipher | NCP |
|---|---|
| - | No |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Weak BF-CBC |

Client version 2.4:
| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Weak BF-CBC |
| AES-256-CBC | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | Denied | Weak BF-CBC |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| BF-CBC | No | Weak BF-CBC |
Server version 2.3 Configuring: --cipher

Server:
| --cipher | NCP |
|---|---|
| AES-256-CBC | No |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |

Client version 2.4:
| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | Denied | Fail (no shared cipher) |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.2
Default configuration: No effective directives specified.

Server:
| --cipher | NCP |
|---|---|
| - | No |

Client version 2.5:
| --cipher | --data-ciphers | -fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Weak BF-CBC |

Client version 2.4:
| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Weak BF-CBC |
| AES-256-CBC | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | Denied | Weak BF-CBC |

Client version 2.3:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:
| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| BF-CBC | No | Weak BF-CBC |
Server version 2.2 Configuring: --cipher

Server:
| --cipher | NCP |
|---|---|
| CAMELLIA-128-CBC | No |

- Medal to you if you know what to do ..
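The rules behind these tables, as an added worked example (this is not OpenVPN code and not part of the wiki): a Python model that resolves each version's effective directives as the "Effective directives" section describes, plays a server against a client, and replays rows from the tables above. Three rules it relies on are taken from the linked cipher-negotiation.rst and the 2.5 manual text for --data-ciphers-fallback rather than from anything the tables themselves exercise, so treat them as assumptions: a 2.5 peer appends a --cipher missing from --data-ciphers to that list, a 2.5 server rejects a non-NCP client whose OCC cipher is not in its list, and --data-ciphers-fallback is only consulted for a peer whose cipher could not be learned at all (a build with --enable-small sends no OCC string; the Peer.occ flag models that case). Cipher names are plain strings and no cryptography is performed.

```python
# Added example, not OpenVPN code: a model of the negotiation rules summarised on
# this page and in cipher-negotiation.rst, replayed against rows of the tables above.
from dataclasses import dataclass
from typing import List, Optional

GCM_DEFAULT = ["AES-256-GCM", "AES-128-GCM"]  # 2.4 --ncp-ciphers / 2.5 --data-ciphers default
WEAK = {"BF-CBC"}                             # 64-bit block cipher, "Weak" in the tables
FAIL = "Fail (no shared cipher)"


@dataclass
class Peer:
    version: str                              # "2.2", "2.3", "2.4" or "2.5"
    cipher: Optional[str] = None              # --cipher
    data_ciphers: Optional[List[str]] = None  # 2.5 --data-ciphers / 2.4 --ncp-ciphers
    fallback: Optional[str] = None            # 2.5 --data-ciphers-fallback
    ncp_disable: bool = False                 # 2.4 --ncp-disable
    occ: bool = True                          # False: --enable-small build, sends no OCC string


@dataclass
class Effective:
    ncp: bool                # able to negotiate
    ciphers: List[str]       # negotiable list (empty for a non-NCP peer)
    fallback: Optional[str]  # cipher used when negotiation yields nothing
    occ: Optional[str]       # cipher announced in the OCC options string


def effective(p: Peer) -> Effective:
    """Resolve each release's defaults (see "Effective directives")."""
    if p.version != "2.5":  # up to 2.4: --cipher defaults to BF-CBC
        c = p.cipher or "BF-CBC"
        ncp = p.version == "2.4" and not p.ncp_disable
        ciphers = list(p.data_ciphers or GCM_DEFAULT) if ncp else []
        return Effective(ncp, ciphers, c, c if p.occ else None)
    # 2.5: no --cipher default; a --cipher missing from --data-ciphers is appended
    # to the list and becomes the fallback (2.5 logs a deprecation warning for it)
    ciphers, fallback = list(p.data_ciphers or GCM_DEFAULT), p.fallback
    if fallback is None and p.cipher and p.cipher not in ciphers:
        ciphers.append(p.cipher)
        fallback = p.cipher
    announced = fallback or p.cipher or "BF-CBC"  # OCC placeholder when nothing is set
    return Effective(True, ciphers, fallback, announced if p.occ else None)


def outcome(chosen: Optional[str], ok: bool) -> str:
    if not ok:
        return FAIL
    return f"Weak {chosen}" if chosen in WEAK else f"OK. {chosen}"


def negotiate(server: Peer, client: Peer) -> str:
    """Outcome string as used in the tables above."""
    s, c = effective(server), effective(client)
    if not s.ncp:
        # Client adopts a non-NCP server's OCC cipher if in its list, else its fallback (2.5: maybe none)
        chosen = s.occ if s.occ in c.ciphers else c.fallback
        return outcome(chosen, chosen is not None and chosen == s.fallback)
    if not c.ncp:
        # Non-NCP client: the server reads the client's cipher from its OCC string
        if c.occ is not None and c.occ in s.ciphers:
            return outcome(c.occ, True)
        if server.version == "2.5":
            # 2.5 rejects a known cipher it does not list; the fallback only covers an unknown (no OCC) cipher
            chosen = s.fallback if c.occ is None else None
            return outcome(chosen, chosen is not None)
        # 2.4 keeps its own --cipher; the data channel only works if the two match
        return outcome(s.fallback, s.fallback == c.occ)
    if server.version == "2.4":
        # 2.4 pushes its first --ncp-ciphers entry; the client accepts it if listed or equal to its --cipher
        chosen = s.ciphers[0]
        return outcome(chosen, chosen in c.ciphers or chosen == c.occ)
    # 2.5 picks the first entry of its list the client announced: a 2.5 client
    # sends IV_CIPHERS, a 2.4 client only IV_NCP=2, which is taken as the GCM pair
    announced = c.ciphers if client.version == "2.5" else GCM_DEFAULT
    chosen = next((x for x in s.ciphers if x in announced), None)
    return outcome(chosen, chosen is not None)


# Rows copied from the tables above: (server, client, expected outcome)
MIXED = ["AES-256-GCM", "AES-128-GCM", "AES-256-CBC"]
NO_NCP = Peer("2.4", cipher="AES-256-CBC", ncp_disable=True)
CASES = [
    (Peer("2.5"), Peer("2.3"), FAIL),
    (Peer("2.5", cipher="BF-CBC", data_ciphers=MIXED), Peer("2.3"), "Weak BF-CBC"),
    (Peer("2.5", cipher="BF-CBC", data_ciphers=MIXED), Peer("2.3", cipher="AES-256-CBC"), "OK. AES-256-CBC"),
    (Peer("2.4"), Peer("2.5", cipher="BF-CBC"), "OK. AES-256-GCM"),
    (Peer("2.4"), Peer("2.3", cipher="AES-256-CBC"), FAIL),
    (NO_NCP, Peer("2.5"), FAIL),
    (NO_NCP, Peer("2.5", cipher="AES-256-CBC"), "OK. AES-256-CBC"),
    (Peer("2.2"), Peer("2.4"), "Weak BF-CBC"),
]


def mismatches():
    """Table rows the model disagrees with; empty when every row is reproduced."""
    return [(s, c, negotiate(s, c), want) for s, c, want in CASES if negotiate(s, c) != want]
```

mismatches() returns the table rows the model cannot reproduce, so a change to the rules, or a corrected cell in a table, shows up as a non-empty list. negotiate() takes any pair of Peer objects, which is the practical use: describe the 2.5 server configuration you intend to deploy and the oldest client configuration still in the fleet, and see whether the result is a GCM cipher, a BF-CBC data channel, or a refused connection before the upgrade rather than after.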
Corner case: OpenVPN built with --enable-small
TODO.
Only affects .. ?
Please contact OpenVPN if you have issues related to --enable-small
And some fun ;-) An early version of the table:

| --cipher (Client) | --cipher (Server) | --data-cipher (Client) | --data-cipher (Server) | -fallback | NCP (Client) | NCP (Server) | Expected |
|---|---|---|---|---|---|---|---|
| - | - | - | AES-256-GCM:AES-128-GCM | - | YES | YES | OK |