OpenVPN Cipher Negotiation (Quick reference)
This wiki defines the expected behaviour of Cipher Negotiation between common configurations of OpenVPN servers and clients.
- OpenVPN would like to know about any:
  - Unexpected behaviour.
  - Errors on this page.
For full details please see:
https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/cipher-negotiation.rst
Effective directives
- 2.5: --data-ciphers ALG:ALG
  Data channel ciphers. Default ALG: AES-256-GCM:AES-128-GCM
- 2.5: --data-ciphers-fallback ALG
  Fallback data channel cipher.
- All: --cipher ALG
  Data channel cipher. Will be deprecated. In OpenVPN 2.5 --cipher does not have a default ALG. In OpenVPN up to 2.4 the default ALG is BF-CBC.
- 2.4: --ncp-disable
  Disable NCP. Deprecated.
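Added example (not from the OpenVPN wiki or the OpenVPN project): a small Python audit helper that applies the directive rules above to one peer's config text and reports its effective data-channel cipher list, its fallback and any weak or deprecated settings. It assumes that on 2.5 --cipher acts as the fallback for peers that cannot negotiate when --data-ciphers-fallback is absent, which is what the 2.5 server tables below show.

```python
# Resolve one OpenVPN peer's effective data-channel cipher settings from its
# config text, using the version rules under "Effective directives".
DEFAULT_DATA_CIPHERS = ["AES-256-GCM", "AES-128-GCM"]  # 2.5 --data-ciphers default
LEGACY_DEFAULT_CIPHER = "BF-CBC"                       # --cipher default up to 2.4
WEAK_CIPHERS = {"BF-CBC"}                              # the cipher the tables mark "Weak"

def parse_directives(config_text):
    """Map directive name -> value (None for bare flags) from OpenVPN config text."""
    directives = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()  # drop comments
        if not line:
            continue
        name, _, value = line.lstrip("-").partition(" ")
        directives[name] = value.strip() or None
    return directives

def effective_settings(version, config_text):
    """Return {'ncp', 'data_ciphers', 'fallback', 'findings'} for one peer.

    version is "2.5", "2.4", "2.3" or "2.2". Assumption (it matches the 2.5
    server tables): without --data-ciphers-fallback, --cipher is the fallback.
    """
    d = parse_directives(config_text)
    cipher = d.get("cipher")
    findings = []
    if version == "2.5":
        ncp = True
        data_ciphers = (d.get("data-ciphers") or ":".join(DEFAULT_DATA_CIPHERS)).split(":")
        fallback = d.get("data-ciphers-fallback") or cipher
        if cipher:
            findings.append("--cipher will be deprecated; prefer --data-ciphers(-fallback)")
    elif version == "2.4":
        ncp = "ncp-disable" not in d
        cipher = cipher or LEGACY_DEFAULT_CIPHER
        fallback = cipher
        if ncp:
            data_ciphers = (d.get("ncp-ciphers") or ":".join(DEFAULT_DATA_CIPHERS)).split(":")
        else:
            data_ciphers = [cipher]
            findings.append("--ncp-disable is deprecated; only --cipher can be used")
    else:  # 2.3 and 2.2 have no NCP: --cipher (default BF-CBC) is the only choice
        ncp = False
        cipher = cipher or LEGACY_DEFAULT_CIPHER
        data_ciphers, fallback = [cipher], cipher
    for weak in sorted(WEAK_CIPHERS & (set(data_ciphers) | {fallback})):
        findings.append(f"{weak} is weak and may still be negotiated with legacy peers")
    return {"ncp": ncp, "data_ciphers": data_ciphers, "fallback": fallback, "findings": findings}
```

Feed it the server and each client profile in turn: a peer whose findings list is empty and whose data_ciphers are all GCM is the configuration the tables below show negotiating AES-256-GCM.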
Common configurations
Commonly expected configurations of the Effective directives above.
Servers
- Version 2.5
  - Default configuration: No effective directives specified.
  - Configuring: --data-ciphers and --cipher
- Version 2.4
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
  - Configuring: --cipher and --ncp-disable
- Version 2.3
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.2
  - Default configuration: No effective directives specified.
  - Configuring: All bets are off - Upgrade now!
Clients
- Version 2.5
  - Default configuration: No effective directives specified.
- Version 2.4
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.3
  - Default configuration: No effective directives specified.
  - Configuring: --cipher
- Version 2.2
  - Default configuration: No effective directives specified.
  - Configuring: All bets are off - Upgrade now!
Expected Behaviour indexed by Server version

Server version 2.5
Default configuration: No effective directives specified.

Server configuration:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP |
|---|---|---|---|
| - | - | - | Yes |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | OK. AES-256-GCM |
| - | AES-256-GCM:AES-128-GCM:AES-256-CBC:BF-CBC | - | Yes | OK. AES-256-GCM |
| - | AES-256-CBC | - | Yes | Fail (no shared cipher) |
| AES-256-CBC | - | - | Yes | OK. AES-256-GCM |

Client version 2.4:

| --cipher | NCP | Connection |
|---|---|---|
| - | Yes | OK. AES-256-GCM |
| AES-256-CBC | Yes | OK. AES-256-GCM |
| BF-CBC | Yes | OK. AES-256-GCM |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.5 Configuring: --data-ciphers and --cipher

Server configuration:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP |
|---|---|---|---|
| BF-CBC | AES-256-GCM:AES-128-GCM:AES-256-CBC | - | Yes |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Weak BF-CBC |
Server version 2.4
Default configuration: No effective directives specified.

Server configuration:

| --cipher | --ncp-ciphers | NCP |
|---|---|---|
| - | - | Yes |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | - | Yes | OK. AES-256-GCM |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | Yes | OK. AES-256-GCM |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |
Server version 2.4 Configuring: --cipher

Server configuration:

| --cipher | --ncp-ciphers | NCP |
|---|---|---|
| AES-256-CBC | - | Yes |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | - | Yes | OK. AES-256-GCM |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Yes | OK. AES-256-GCM |
| AES-256-CBC | - | Yes | OK. AES-256-GCM |
| BF-CBC | - | Yes | OK. AES-256-GCM |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.4 Configuring: --cipher and --ncp-disable

Server configuration:

| --cipher | --ncp-ciphers | NCP |
|---|---|---|
| AES-256-CBC | - | No |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | Denied | Fail (no shared cipher) |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.3
Default configuration: No effective directives specified.

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Weak BF-CBC |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | Denied | Weak BF-CBC |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |
Server version 2.3 Configuring: --cipher

Server configuration:

| --cipher | NCP |
|---|---|
| AES-256-CBC | No |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | Denied | Fail (no shared cipher) |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |
Server version 2.2
Default configuration: No effective directives specified.

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Weak BF-CBC |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Weak BF-CBC |
| AES-256-CBC | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | Denied | Weak BF-CBC |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Weak BF-CBC |
| AES-256-CBC | No | Fail (no shared cipher) |
| BF-CBC | No | Weak BF-CBC |
Server version 2.2 Configuring: --cipher

Server configuration:

| --cipher | NCP |
|---|---|
| AES-256-CBC | No |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |

Client version 2.4:

| --cipher | --ncp-ciphers | NCP | Connection |
|---|---|---|---|
| - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | Denied | OK. AES-256-CBC |
| BF-CBC | - | Denied | Fail (no shared cipher) |

Client version 2.3:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |

Client version 2.2:

| --cipher | NCP | Connection |
|---|---|---|
| - | No | Fail (no shared cipher) |
| AES-256-CBC | No | OK. AES-256-CBC |
| BF-CBC | No | Fail (no shared cipher) |
Corner case: OpenVPN built with --enable-small

Server version 2.3 built with --enable-small
Default configuration: No effective directives specified.

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |
| - | - | BF-CBC | Denied | Weak BF-CBC |
Server version 2.3 built with --enable-small
Configuring: --cipher

Server configuration:

| --cipher | NCP |
|---|---|
| AES-256-CBC | No |

Client version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |
| - | - | AES-256-CBC | Denied | OK. AES-256-CBC |
Client version 2.3 built with --enable-small
Default configuration: No effective directives specified.

Server version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |
| - | - | BF-CBC | Denied | Weak BF-CBC |
Client version 2.3 built with --enable-small
Configuring: --cipher

Client configuration:

| --cipher | NCP |
|---|---|
| AES-256-CBC | No |

Server version 2.5:

| --cipher | --data-ciphers | --data-ciphers-fallback | NCP | Connection |
|---|---|---|---|---|
| - | - | - | Denied | Fail (no shared cipher) |
| AES-256-CBC | - | - | Denied | Fail (no shared cipher) |
| BF-CBC | - | - | Denied | Fail (no shared cipher) |
| - | - | AES-256-CBC | Denied | OK. AES-256-CBC |