Context Navigation

Changes between Version 16 and Version 17 of HOWTO

Timestamp:: 07/25/14 15:22:04 (10 years ago)
Author:: Samuli Seppänen
Comment:: Continued fixing formatting

Legend:

: Unmodified
: Added
: Removed
: Modified

HOWTO

-                      v16
+                      v17
 == Larger symmetric keys ==
 By default OpenVPN uses Blowfish, a 128 bit symmetrical cipher.
+By default OpenVPN uses '''Blowfish''', a 128 bit symmetrical cipher.
 OpenVPN automatically supports any cipher which is supported by the OpenSSL library, and as such can support ciphers which use large key sizes. For example, the 256-bit version of AES (Advanced Encryption Standard) can be used by adding the following to both server and client configuration files:
     cipher AES-256-CBC
+Keep the root key (ca.key) on a standalone machine without a network connection
+{{{
+cipher AES-256-CBC
+}}}
+== Keep the root key (ca.key) on a standalone machine without a network connection ==
 One of the security benefits of using an X509 PKI (as OpenVPN does) is that the root CA key (ca.key) need not be present on the OpenVPN server machine. In a high security environment, you might want to specially designate a machine for key signing purposes, keep the machine well-protected physically, and disconnect it from all networks. Floppy disks can be used to move key files back and forth, as necessary. Such measures make it extremely difficult for an attacker to steal the root key, short of physical theft of the key signing machine.
+Revoking Certificates
+Revoking a certificate means to invalidate a previously signed certificate so that it can no longer be used for authentication purposes.
+= Revoking Certificates =
+''Revoking a certificate'' means to invalidate a previously signed certificate so that it can no longer be used for authentication purposes.
 Typical reasons for wanting to revoke a certificate include:
     The private key associated with the certificate is compromised or stolen.
     The user of an encrypted private key forgets the password on the key.
     You want to terminate a VPN user's access.
+Example
 As an example, we will revoke the client2 certificate, which we generated above in the "key generation" section of the HOWTO.
 First open up a shell or command prompt window and cd to the easy-rsa directory as you did in the "key generation" section above. On Linux/BSD/Unix:
     . ./vars
     ./revoke-full client2
+ * The private key associated with the certificate is compromised or stolen.
+ * The user of an encrypted private key forgets the password on the key.
+ * You want to terminate a VPN user's access.
+== Example ==
+As an example, we will revoke the '''client2''' certificate, which we generated above in the "key generation" section of the HOWTO.
+First open up a shell or command prompt window and cd to the '''easy-rsa''' directory as you did in the "key generation" section above. On Linux/BSD/Unix:
+{{{
+. ./vars
+./revoke-full client2
+}}}
 On Windows:
     vars
     revoke-full client2
+{{{
+vars
+revoke-full client2
+}}}
 You should see output similar to this:
     Using configuration from /root/openvpn/20/openvpn/tmp/easy-rsa/openssl.cnf
     DEBUG[load_index]: unique_subject = "yes"
     Revoking Certificate 04.
     Data Base Updated
     Using configuration from /root/openvpn/20/openvpn/tmp/easy-rsa/openssl.cnf
     DEBUG[load_index]: unique_subject = "yes"
     client2.crt: /C=KG/ST=NA/O=OpenVPN-TEST/CN=client2/emailAddress=me@myhost.mydomain
     error 23 at 0 depth lookup:certificate revoked
+{{{
+Using configuration from /root/openvpn/20/openvpn/tmp/easy-rsa/openssl.cnf
+DEBUG[load_index]: unique_subject = "yes"
+Revoking Certificate 04.
+Data Base Updated
+Using configuration from /root/openvpn/20/openvpn/tmp/easy-rsa/openssl.cnf
+DEBUG[load_index]: unique_subject = "yes"
+client2.crt: /C=KG/ST=NA/O=OpenVPN-TEST/CN=client2/emailAddress=me@myhost.mydomain
+error 23 at 0 depth lookup:certificate revoked
+}}}
 Note the "error 23" in the last line. That is what you want to see, as it indicates that a certificate verification of the revoked certificate failed.
 The revoke-full script will generate a CRL (certificate revocation list) file called crl.pem in the keys subdirectory. The file should be copied to a directory where the OpenVPN server can access it, then CRL verification should be enabled in the server configuration:
     crl-verify crl.pem
+The '''revoke-full''' script will generate a CRL (certificate revocation list) file called '''crl.pem''' in the '''keys''' subdirectory. The file should be copied to a directory where the OpenVPN server can access it, then CRL verification should be enabled in the server configuration:
+{{{
+crl-verify crl.pem
+}}}
 Now all connecting clients will have their client certificates verified against the CRL, and any positive match will result in the connection being dropped.
+CRL Notes
+    When the crl-verify option is used in OpenVPN, the CRL file will be re-read any time a new client connects or an existing client renegotiates the SSL/TLS connection (by default once per hour). This means that you can update the CRL file while the OpenVPN server daemon is running, and have the new CRL take effect immediately for newly connecting clients. If the client whose certificate you are revoking is already connected, you can restart the server via a signal (SIGUSR1 or SIGHUP) and flush all clients, or you can telnet to the management interfaceand explicitly kill the specific client instance object on the server without disturbing other clients.
+    While the crl-verify directive can be used on both the OpenVPN server and clients, it is generally unnecessary to distribute a CRL file to clients unless a server certificate has been revoked. Clients don't need to know about other client certificates which have been revoked because clients shouldn't be accepting direct connections from other clientsin the first place.
+    The CRL file is not secret, and should be made world-readable so that the OpenVPN daemon can read it after root privileges have been dropped.
+    If you are using the chrootdirective, make sure to put a copy of the CRL file in the chroot directory, since unlike most other files which OpenVPN reads, the CRL file will be read after the chroot call is executed, not before.
+    A common reason why certificates need to be revoked is that the user encrypts their private key with a password, then forgets the password. By revoking the original certificate, it is possible to generate a new certificate/key pair with the user's original common name.
+Important Note on possible "Man-in-the-Middle" attack if clients do not verify the certificate of the server they are connecting to.
+== CRL Notes ==
+ * When the crl-verify option is used in OpenVPN, the CRL file will be re-read any time a new client connects or an existing client renegotiates the SSL/TLS connection (by default once per hour). This means that you can update the CRL file while the OpenVPN server daemon is running, and have the new CRL take effect immediately for newly connecting clients. If the client whose certificate you are revoking is already connected, you can restart the server via a signal (SIGUSR1 or SIGHUP) and flush all clients, or you can telnet to the management interfaceand explicitly kill the specific client instance object on the server without disturbing other clients.
+ * While the crl-verify directive can be used on both the OpenVPN server and clients, it is generally unnecessary to distribute a CRL file to clients unless a server certificate has been revoked. Clients don't need to know about other client certificates which have been revoked because clients shouldn't be accepting direct connections from other clientsin the first place.
+ * The CRL file is not secret, and should be made world-readable so that the OpenVPN daemon can read it after root privileges have been dropped.
+ * If you are using the chrootdirective, make sure to put a copy of the CRL file in the chroot directory, since unlike most other files which OpenVPN reads, the CRL file will be read after the chroot call is executed, not before.
+ * A common reason why certificates need to be revoked is that the user encrypts their private key with a password, then forgets the password. By revoking the original certificate, it is possible to generate a new certificate/key pair with the user's original common name.
+= Important Note on possible "Man-in-the-Middle" attack if clients do not verify the certificate of the server they are connecting to =
 To avoid a possible Man-in-the-Middle attack where an authorized client tries to connect to another client by impersonating the server, make sure to enforce some kind of server certificate verification by clients. There are currently five different ways of accomplishing this, listed in the order of preference:
+    [OpenVPN 2.1 and above]Build your server certificates with specific key usage and extended key usage. The RFC3280 determine that the following attributes should be provided for TLS connections:
+    Mode        Key usage       Extended key usage
+    Client      digitalSignature        TLS Web Client Authentication
+    keyAgreement
+. OpenVPN 2.1 and above: Build your server certificates with specific key usage and extended key usage.
+The RFC3280 determine that the following attributes should be provided for TLS connections:
+{{{#!html
+<table border="1" cellspacing="0" cellpadding="8">
+<tbody>
+<tr><th>Mode</th><th>Key usage</th><th>Extended key usage</th></tr>
+<tr>
+<td rowspan="3">Client</td>
+<td>digitalSignature</td>
+<td rowspan="3">TLS Web Client Authentication</td>
+</tr>
+<tr>
+<td>keyAgreement</td>
+</tr>
+<tr>
+<td>digitalSignature, keyAgreement</td>
+</tr>
+<tr>
+<td rowspan="2">Server</td>
+<td>digitalSignature, keyEncipherment</td>
+<td rowspan="2">TLS Web Server Authentication</td>
+</tr>
+<tr>
+<td>digitalSignature, keyAgreement</td>
+</tr>
+</tbody>
+</table>
+}}}
+Mode Key usage Extended key usage
+Client digitalSignature TLS Web Client Authentication
+keyAgreement
     digitalSignature, keyAgreement
     Server      digitalSignature, keyEncipherment       TLS Web Server Authentication