We have an OpenVPN v2.3.2 server running on Ubuntu 14.04, using openvpn-auth-ldap v2.0.3 to authenticate users against our AD server. This setup is working fine and all our users can connect without issues, but I did notice recurring user authentication messages in the openvpn server log, and I'm curious if this is typical behaviour.
The error messages are logged every 5 - 10 minutes for each connected user like so: Mon Dec 14 06:27:59 2020 user.name/user.ip TLS: Username/Password authentication succeeded for username 'user.name' [CN SET] Mon Dec 14 06:27:59 2020 user.name/user.ip Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Dec 14 06:27:59 2020 user.name/user.ip WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size. Mon Dec 14 06:27:59 2020 user.name/user.ip Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Dec 14 06:27:59 2020 user.name/user.ip Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Mon Dec 14 06:27:59 2020 user.name/user.ip WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size. Mon Dec 14 06:27:59 2020 user.name/user.ip Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Dec 14 06:27:59 2020 user.name/user.ip Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA Does anyone know why it repeatedly authenticates like this? Thanks, Guy -- <http://www.bluebatgames.com> Guy Knights • Senior Systems Engineer c: 778-996-2687p: 778-379-5120 <https://www.facebook.com/BlueBatGames/> <https://www.linkedin.com/company/bluebat-games> <https://twitter.com/BlueBatGames> <http://www.bluebatgames.com>
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users