Re: [Openvpn-users] PKCS11 problems with 2.5.1 under windows 10

2021-04-21 Thread Selva Nair
Hi Mike,

On Wed, Apr 21, 2021 at 4:55 PM mike tancsa  wrote:

> On 4/21/2021 12:05 PM, Selva Nair wrote:
> > I think that patch is still not applied upstream. I tested softhsm
> > using your instructions and it works for TLS 1.3 and PSS -- softhsm2
> > gets request to sign pre-padded PSS data as Raw RSA and it seems to
> > handle that.
> >
> > I can understand some hardware tokens may refuse to sign pre-padded
> > data, so we need to find a fix for this.
> >
> If it would help development efforts, I am happy to donate a couple of
> keys to the project.  I have an assortment of old (CardOS based)  and
> new (SafeNet5110 which supports ECC).  I would be mailing from Canada,
> so ideally anyone close by, but happy to send internationally too.
>

Thanks for the offer, this could help. Tokens I have are some fairly
ancient ones that do not support RSA-PSS nor ECC.  Would be good to have
some newer tokens.

Domestic mail would work for me.

Selva
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] PKCS11 problems with 2.5.1 under windows 10

2021-04-21 Thread mike tancsa
On 4/21/2021 12:05 PM, Selva Nair wrote:
> I think that patch is still not applied upstream. I tested softhsm
> using your instructions and it works for TLS 1.3 and PSS -- softhsm2
> gets request to sign pre-padded PSS data as Raw RSA and it seems to
> handle that.
>
> I can understand some hardware tokens may refuse to sign pre-padded
> data, so we need to find a fix for this.
>
If it would help development efforts, I am happy to donate a couple of
keys to the project.  I have an assortment of old (CardOS based)  and
new (SafeNet5110 which supports ECC).  I would be mailing from Canada,
so ideally anyone close by, but happy to send internationally too.

    ---Mike
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


[Openvpn-users] Why is the tun0 mtu 52 bytes lower than the link-mtu I set?

2021-04-21 Thread Nikolaos Kakouros
I am experimenting with openvpn and I try to understand how the mtu is
calculated. If I set `--link-mtu 1460`, then the tun0 mtu I see with `ip a` is
1408. I understand that the IP + UDP headers are 28 bytes. What are the other
24 bytes openvpn subtracts? I thought it would have something to do with
encryption, so I disabled encryption (using `--cipher none`), but the same
happened.

___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] How to send 2nd factor to server ?

2021-04-21 Thread Joe Patterson
On Wed, Apr 21, 2021 at 1:55 PM Selva Nair  wrote:
>
> Hi,
>
> On Wed, Apr 21, 2021 at 1:35 PM Joe Patterson  wrote:
>>
>> I stand corrected!  That's very useful to know.
>>
>> Does the "OTP" keyword in the plugin correspond to the OTP argument in
>> the static challenge?
>
>
> No, the argument to static-challenge is local to the client and only used for 
> prompting the user. It's not passed to the server. You can write it 
> differently in each client config if you wish.
>

I thought that seemed like it would be weird.  :)

>>
>> Like if my static challenge was "static-challenge 'enter the number
>> from your authenticator' 1", I'd use auth_pam.so "openvpn login:
>> USERNAME Password: PASSWORD Verification 'enter the number from your
>> authenticator'"?
>
>
> The capitalized words, USERNAME, PASSWORD and OTP are hard coded and stand 
> for the values for username, password and otp received from the client. These 
> get used against the corresponding prompts, "login:", "Password:" and 
> "Verification" in my example. So those latter words are specific to your set 
> up. Only the beginning of the prompt is matched, so "Verification" would also 
> match, say, a pam prompt of "Verification PIN:".
>

Fantastic.

> It's also possible to expose the common name to PAM -- use COMMONNAME as the 
> place-holder. See README.auth-pam.

I know.  I wrote that code.  :)

Thanks!

-Joe


___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] How to send 2nd factor to server ?

2021-04-21 Thread Selva Nair
Hi,

On Wed, Apr 21, 2021 at 1:35 PM Joe Patterson 
wrote:

> I stand corrected!  That's very useful to know.
>
> Does the "OTP" keyword in the plugin correspond to the OTP argument in
> the static challenge?
>

No, the argument to static-challenge is local to the client and only used
for prompting the user. It's not passed to the server. You can write it
differently in each client config if you wish.


> Like if my static challenge was "static-challenge 'enter the number
> from your authenticator' 1", I'd use auth_pam.so "openvpn login:
> USERNAME Password: PASSWORD Verification 'enter the number from your
> authenticator'"?
>

The capitalized words, USERNAME, PASSWORD and OTP are hard coded and stand
for the values for username, password and otp received from the client.
These get used against the corresponding prompts, "login:", "Password:"
and "Verification" in my example. So those latter words are specific to
your set up. Only the beginning of the prompt is matched, so "Verification"
would also match, say, a pam prompt of "Verification PIN:".

It's also possible to expose the common name to PAM -- use COMMONNAME as
the place-holder. See README.auth-pam.

Selva
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] How to send 2nd factor to server ?

2021-04-21 Thread Joe Patterson
I stand corrected!  That's very useful to know.

Does the "OTP" keyword in the plugin correspond to the OTP argument in
the static challenge?

Like if my static challenge was "static-challenge 'enter the number
from your authenticator' 1", I'd use auth_pam.so "openvpn login:
USERNAME Password: PASSWORD Verification 'enter the number from your
authenticator'"?

Thanks,

-Joe

On Wed, Apr 21, 2021 at 12:40 PM Selva Nair  wrote:
>
> Hi
>
> On Wed, Apr 21, 2021 at 11:48 AM Joe Patterson  
> wrote:
> >
> > What you're looking for is the openvpn challenge/response protocol,
> > which can be used when authentication is done via the management
> > interface.
> >
> > https://openvpn.net/community-resources/management-interface/
> > describes it a bit.
> >
> > I know that the MFA portion of the management interface system I wrote
> > (https://github.com/j-m-patterson/ovpnherder) supports passing TOTP
> > tokens via static challenge (which is where you put the
> > "static-challenge" directive in the client config) as well as
> > concatenating them with the password.
> >
> > Unfortunately, as far as I can tell, static and dynamic
> > challenge-response isn't available if you're using a plugin or script
> > for authentication. So if you're ready to take the plunge into using
> > the management interface, you can do it.  Otherwise, you're stuck with
> > concatenating the OTP token to the password.
>
> Static challenge can be used with plugins and scripts on the server --
> management-auth not required. Here is a pared down example of what I
> use:
>
> Add to client config
>
> static-challenge "OTP " 1
>
> This causes the openvpn client (or its UI/GUI) to prompt separately for
> username, password and OTP. The prompt text for the latter is taken
> from the first argument to static-challenge. The second arg (1
> above) controls echoing of the pin. See the man page of openvpn for
> details. This prompt is also supported by OpenVPN-GUI on windows and,
> I think, by tunnelblick, viscosity and probably others.
>
> On the server, details vary depending on the need and verification
> mechanism used. I use PAM for which one adds to the server config:
>
> plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so "openvpn login:
> USERNAME Password: PASSWORD Verification OTP"
>
> (See README.auth-pam distributed with OpenVPN for how to format the
> above line to match your pam setup).
>
> And have a pam config /etc/pam.d/openvpn with, say,
>
> @include common-auth
> account  required pam_access.so
> @include common-account
> @include common-password
> @include common-session
>
> where common-auth has
>
> auth required pam_google_authenticator.so
>
> among other modules. There are so many ways of setting up PAM
> depending on how the user is authenticated (unix user db, ldap, Active
> Directory, ...), what kind of OTP is in use etc. The above is only
> meant to describe the essentials.
>
> Selva


___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] How to send 2nd factor to server ?

2021-04-21 Thread Dajka Tamás
Hi,

sometimes it's not easy – at first sight – to accomplish it. I've written a bit
more advanced script based on Selva's example. The solution used the management
interface for authentication and can handle static and dynamic OTPs as well.

We needed both static and dynamic OTP, because we used SecurID RSA as OTP, and
if the user inputs a wrong token 3 times, then the RSA blocks and requests
the next token… (and this is done via dynamic challenge-response).

If interested, I can send the script over (PAM is used for user auth against
an MS AD, and Radius is used for SecurID, since that handles
challenge-response auths, so we can wait for the user's answer to dynamic
questions without blocking the whole auth flow).

So, if you want to do a bit more complex stuff, then the management interface
will be your friend (a perl/python/php/whatever daemon will be needed to
connect to the mgmt interface and handle the requests from the openvpn server).

For simple tasks a static-challenge + PAM auth can be more than enough.

Cheers,

   Tom


From: Selva Nair [mailto:selva.n...@gmail.com] 
Sent: Wednesday, April 21, 2021 6:41 PM
To: Joe Patterson 
Cc: Openvpn Users 
Subject: Re: [Openvpn-users] How to send 2nd factor to server ?

 

Hi

On Wed, Apr 21, 2021 at 11:48 AM Joe Patterson  wrote:
>
> What you're looking for is the openvpn challenge/response protocol,
> which can be used when authentication is done via the management
> interface.
>
> https://openvpn.net/community-resources/management-interface/
> describes it a bit.
>
> I know that the MFA portion of the management interface system I wrote
> (https://github.com/j-m-patterson/ovpnherder) supports passing TOTP
> tokens via static challenge (which is where you put the
> "static-challenge" directive in the client config) as well as
> concatenating them with the password.
>
> Unfortunately, as far as I can tell, static and dynamic
> challenge-response isn't available if you're using a plugin or script
> for authentication. So if you're ready to take the plunge into using
> the management interface, you can do it.  Otherwise, you're stuck with
> concatenating the OTP token to the password.

Static challenge can be used with plugins and scripts on the server --
management-auth not required. Here is a pared down example of what I
use:

Add to client config

static-challenge "OTP " 1

This causes the openvpn client (or its UI/GUI) to prompt separately for
username, password and OTP. The prompt text for the latter is taken
from the first argument to static-challenge. The second arg (1
above) controls echoing of the pin. See the man page of openvpn for
details. This prompt is also supported by OpenVPN-GUI on windows and,
I think, by tunnelblick, viscosity and probably others.

On the server, details vary depending on the need and verification
mechanism used. I use PAM for which one adds to the server config:

plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so "openvpn login:
USERNAME Password: PASSWORD Verification OTP"

(See README.auth-pam distributed with OpenVPN for how to format the
above line to match your pam setup).

And have a pam config /etc/pam.d/openvpn with, say,

@include common-auth
account  required pam_access.so
@include common-account
@include common-password
@include common-session

where common-auth has

auth required pam_google_authenticator.so

among other modules. There are so many ways of setting up PAM
depending on how the user is authenticated (unix user db, ldap, Active
Directory, ...), what kind of OTP is in use etc. The above is only
meant to describe the essentials.
Selva

___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] How to send 2nd factor to server ?

2021-04-21 Thread Selva Nair
Hi

On Wed, Apr 21, 2021 at 11:48 AM Joe Patterson 
wrote:
>
> What you're looking for is the openvpn challenge/response protocol,
> which can be used when authentication is done via the management
> interface.
>
> https://openvpn.net/community-resources/management-interface/
> describes it a bit.
>
> I know that the MFA portion of the management interface system I wrote
> (https://github.com/j-m-patterson/ovpnherder) supports passing TOTP
> tokens via static challenge (which is where you put the
> "static-challenge" directive in the client config) as well as
> concatenating them with the password.
>
> Unfortunately, as far as I can tell, static and dynamic
> challenge-response isn't available if you're using a plugin or script
> for authentication. So if you're ready to take the plunge into using
> the management interface, you can do it.  Otherwise, you're stuck with
> concatenating the OTP token to the password.

Static challenge can be used with plugins and scripts on the server --
management-auth not required. Here is a pared down example of what I
use:

Add to client config

static-challenge "OTP " 1

This causes the openvpn client (or its UI/GUI) to prompt separately for
username, password and OTP. The prompt text for the latter is taken
from the first argument to static-challenge. The second arg (1
above) controls echoing of the pin. See the man page of openvpn for
details. This prompt is also supported by OpenVPN-GUI on windows and,
I think, by tunnelblick, viscosity and probably others.

On the server, details vary depending on the need and verification
mechanism used. I use PAM for which one adds to the server config:


plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so "openvpn login:
USERNAME Password: PASSWORD Verification OTP"

(See README.auth-pam distributed with OpenVPN for how to format the
above line to match your pam setup).

And have a pam config /etc/pam.d/openvpn with, say,

@include common-auth
account  required pam_access.so
@include common-account
@include common-password
@include common-session

where common-auth has

auth required pam_google_authenticator.so

among other modules. There are so many ways of setting up PAM
depending on how the user is authenticated (unix user db, ldap, Active
Directory, ...), what kind of OTP is in use etc. The above is only
meant to describe the essentials.

Selva
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
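Added example, not code from this thread and not OpenVPN, auth-pam or ovpnherder code: the server side of what Selva's static-challenge setup, and the dynamic "enter the next token" round trip in Tom's SecurID flow, actually receive. With static-challenge the client does not send the OTP separately; it sends a single password field of the form SCRV1:base64(password):base64(response), which auth-pam splits into its PASSWORD and OTP placeholders and which an auth-user-pass-verify script or a management daemon has to split itself. A dynamic challenge is a CRV1 string returned inside AUTH_FAILED (for example as the reason text of a management-interface client-deny), answered by the client with a CRV1::state_id::response password. The TOTP secret (the RFC 6238 test key), password, username, timestamps and state_id below are constructed test values; the function names are this example's own.

```python
"""Server side of OpenVPN's static (SCRV1) and dynamic (CRV1) challenge/response,
as a stand-alone sketch of what an auth-user-pass-verify script or a
management-interface daemon must do.  Wire formats (OpenVPN management-notes):

  static challenge, sent by the client in the password field:
      SCRV1:<base64 password>:<base64 response>
  dynamic challenge, returned by the server inside AUTH_FAILED:
      CRV1:<flags>:<state_id>:<base64 username>:<challenge text>
  and the client's answer, again in the password field:
      CRV1::<state_id>::<response text>

All secrets, names and timestamps used with these functions are constructed
test data; none of this is OpenVPN's own code.
"""
import base64
import hashlib
import hmac
import secrets

TOTP_STEP = 30


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1, the scheme pam_google_authenticator checks."""
    counter = (unix_time // TOTP_STEP).to_bytes(8, "big")
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def encode_scrv1(password: str, response: str) -> str:
    """What the client builds after the static-challenge prompt."""
    def b64(s: str) -> str:
        return base64.b64encode(s.encode()).decode()
    return f"SCRV1:{b64(password)}:{b64(response)}"


def parse_scrv1(password_field: str):
    """(password, response) from an SCRV1 field, or None if the client sent a
    plain password (no static-challenge in its config) or something malformed."""
    parts = password_field.split(":")
    if len(parts) != 3 or parts[0] != "SCRV1":
        return None
    try:
        pw = base64.b64decode(parts[1], validate=True).decode("utf-8")
        resp = base64.b64decode(parts[2], validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    return pw, resp


def verify_static(password_field: str, expected_password: str,
                  totp_secret: bytes, now: int, window: int = 1):
    """Return (ok, reason).  The reason is for the server log only; the client
    should still just see AUTH_FAILED, otherwise an attacker who can guess a
    username learns which factor was wrong."""
    parsed = parse_scrv1(password_field)
    if parsed is None:
        return False, "no-static-challenge"
    pw, otp = parsed
    pw_ok = hmac.compare_digest(pw.encode(), expected_password.encode())
    # accept +/- window time steps of clock skew between client and server
    candidates = [totp(totp_secret, now + k * TOTP_STEP)
                  for k in range(-window, window + 1)]
    otp_ok = any(hmac.compare_digest(otp.encode(), c.encode()) for c in candidates)
    if pw_ok and otp_ok:
        return True, "ok"
    return False, "bad-password" if not pw_ok else "bad-otp"


def build_crv1_challenge(username: str, text: str, echo: bool = False,
                         state_id: str = None) -> str:
    """Challenge to hand back when a second round trip is needed (the locked
    SecurID 'enter next token' case).  state_id lets the server correlate the
    reply; the client returns it verbatim.  Flags: E = echo input, R = a
    response is required."""
    flags = ("E" if echo else "") + "R"
    sid = state_id or secrets.token_hex(8)
    b64user = base64.b64encode(username.encode()).decode()
    return f"CRV1:{flags}:{sid}:{b64user}:{text}"


def parse_crv1_response(password_field: str):
    """(state_id, response) from the client's CRV1 reply, or None."""
    parts = password_field.split(":", 4)
    if len(parts) != 5 or parts[0] != "CRV1" or parts[1] or parts[3]:
        return None
    return parts[2], parts[4]
```

In Selva's PAM setup the TOTP check is done by pam_google_authenticator, so only the SCRV1 split matters there; totp() is included so the example can be exercised offline. The reason string from verify_static belongs in the server log, not in the AUTH_FAILED text: per-factor error messages to the client, which Bogdan's question asks for, tell an attacker whether the password or the OTP was the wrong half.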


Re: [Openvpn-users] PKCS11 problems with 2.5.1 under windows 10

2021-04-21 Thread Selva Nair
Hi,

On Wed, Apr 21, 2021 at 6:32 AM Jan Just Keijser  wrote:
>
> Hi,
>
> On 20/04/21 20:05, Selva Nair wrote:
> > On Tue, Apr 20, 2021 at 6:47 AM Jan Just Keijser  wrote:
> >> [...]
>
> >> This is surprising. SoftHSM would support raw RSA signatures and hence
> >> should work with OpenVPN + pkcs11-helper 1.26 and later even with TLS
> >> 1.3 and PSS signatures.  The problem should arise only for tokens that
> >> insist on doing the padding internally.
> >>
> >> By any chance, are you using an older pkcs11-helper library?
> >>
> >>
>
> I was using the "default" pkcs11-helper library from Fedora Core 32,
> which is still at version 1.22; note that Fedora 33 *also* uses
> pkcs11-helper 1.22 (the upcoming Fedora 34 will include v1.27).
>
> I grabbed pkcs11-helper from github and compiled it then recompiled
> OpenVPN 2.5.1 with it. Now, when using softhsm, I get
>
> 2021-04-21 10:12:01 us=639135 PKCS#11: Adding PKCS#11 provider
> '/usr/lib64/libsofthsm2.so'
> 2021-04-21 10:12:01 us=640607 PKCS#11: Cannot deserialize id
> 19-'CKR_ATTRIBUTE_VALUE_INVALID'
> 2021-04-21 10:12:01 us=640614 Cannot load certificate
> "pkcs11:model=SoftHSM%20v2;token=SoftToken1;..." using PKCS#11 interface

The deserialize error seems to indicate it's not able to parse the id.
What does openvpn --show-pkcs11-ids /usr/lib64/libsofthsm2.so show?

To use the id like "pkcs11:." you would need the RFC7512 patch
which we apply in our Windows builds. Or use the old style id like:

pkcs11-id 
'SoftHSM\x20project/SoftHSM\x20v2/serial-goes-here/SoftToken1/20210420'

I think that patch is still not applied upstream. I tested softhsm
using your instructions and it works for TLS 1.3 and PSS -- softhsm2
gets request to sign pre-padded PSS data as Raw RSA and it seems to
handle that.

I can understand some hardware tokens may refuse to sign pre-padded
data, so we need to find a fix for this.

Selva


___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
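An added example, not pkcs11-helper, SoftHSM or OpenVPN code, of what "sign pre-padded PSS data as raw RSA" means. TLS 1.3 requires RSA-PSS for RSA signatures; pkcs11-helper 1.26 and later does the EMSA-PSS encoding itself and then asks the token for the CKM_RSA_X_509 mechanism (textbook m^d mod n) over the already-padded block. A token that only offers a PSS mechanism with internal padding rejects that request, which is the class of hardware Selva expects trouble from. The Token class, its mechanism list and the 1024-bit throwaway key are assumptions made for the demonstration; the encoding and verification follow RFC 8017 section 9.1.

```python
"""Pure-Python RFC 8017 EMSA-PSS plus a stand-in PKCS#11 token, showing what
'sign pre-padded PSS data as raw RSA' means and why a token without
CKM_RSA_X_509 breaks TLS 1.3.  Toy key; not pkcs11-helper or OpenVPN code."""
import hashlib
import hmac
import os
import random

H = hashlib.sha256
H_LEN = 32

def _probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin, adequate for a throwaway demo key."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def toy_rsa_key(bits: int = 1024):
    def prime() -> int:
        while True:
            c = random.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if _probable_prime(c):
                return c
    e = 65537
    while True:  # (n, e, d); toy size so this runs in well under a second
        p, q = prime(), prime()
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so this is gcd(e, phi) == 1
            return p * q, e, pow(e, -1, phi)

def mgf1(seed: bytes, length: int) -> bytes:
    blocks = (length + H_LEN - 1) // H_LEN
    return b"".join(H(seed + i.to_bytes(4, "big")).digest() for i in range(blocks))[:length]

def emsa_pss_encode(msg: bytes, em_bits: int, salt: bytes) -> bytes:
    """RFC 8017 9.1.1: the padding pkcs11-helper applies in software."""
    em_len = (em_bits + 7) // 8
    if em_len < H_LEN + len(salt) + 2:
        raise ValueError("modulus too small for hash + salt")
    h = H(b"\x00" * 8 + H(msg).digest() + salt).digest()
    db = b"\x00" * (em_len - len(salt) - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)  # clear the excess top bits
    return bytes(masked) + h + b"\xbc"

def emsa_pss_verify(msg: bytes, em: bytes, em_bits: int, s_len: int = H_LEN) -> bool:
    """RFC 8017 9.1.2: what the TLS peer does with the signature."""
    em_len = (em_bits + 7) // 8
    top = 8 * em_len - em_bits
    if len(em) != em_len or em_len < H_LEN + s_len + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[:em_len - H_LEN - 1], em[em_len - H_LEN - 1:-1]
    if top and masked[0] >> (8 - top):
        return False
    db = bytearray(a ^ b for a, b in zip(masked, mgf1(h, len(masked))))
    db[0] &= 0xFF >> top
    ps_len = em_len - H_LEN - s_len - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:
        return False
    h2 = H(b"\x00" * 8 + H(msg).digest() + bytes(db[ps_len + 1:])).digest()
    return hmac.compare_digest(h, h2)

class Token:
    """Stand-in for a PKCS#11 module holding (n, d) and advertising mechanisms."""
    KNOWN = {"CKM_RSA_X_509", "CKM_SHA256_RSA_PKCS_PSS"}
    def __init__(self, n: int, d: int, mechanisms):
        self.n, self.d, self.mechanisms = n, d, set(mechanisms) & self.KNOWN

    def sign(self, mechanism: str, data: bytes) -> bytes:
        if mechanism not in self.mechanisms:
            raise RuntimeError("CKR_MECHANISM_INVALID")
        if mechanism == "CKM_RSA_X_509":  # raw m^d mod n; caller already padded
            em = data
        else:  # CKM_SHA256_RSA_PKCS_PSS: the token hashes and pads internally
            em = emsa_pss_encode(data, self.n.bit_length() - 1, os.urandom(H_LEN))
        k = (self.n.bit_length() + 7) // 8
        return pow(int.from_bytes(em, "big"), self.d, self.n).to_bytes(k, "big")

def helper_style_pss_sign(token: Token, msg: bytes) -> bytes:
    """pkcs11-helper >= 1.26 style: pad here, then ask the token for raw RSA."""
    em = emsa_pss_encode(msg, token.n.bit_length() - 1, os.urandom(H_LEN))
    return token.sign("CKM_RSA_X_509", em)

def verify_pss(msg: bytes, sig: bytes, n: int, e: int) -> bool:
    em_bits, s = n.bit_length() - 1, int.from_bytes(sig, "big")
    if len(sig) != (n.bit_length() + 7) // 8 or s >= n:
        return False
    em = pow(s, e, n).to_bytes((em_bits + 7) // 8, "big")
    return emsa_pss_verify(msg, em, em_bits)
```

helper_style_pss_sign(Token(n, d, ["CKM_RSA_X_509"]), msg) produces a signature that verify_pss accepts; the same call against Token(n, d, ["CKM_SHA256_RSA_PKCS_PSS"]) raises CKR_MECHANISM_INVALID, while token.sign("CKM_SHA256_RSA_PKCS_PSS", msg) on that token still yields a valid signature. That is the gap the thread is looking to close: fall back to the token's own PSS mechanism when it advertises one and refuses raw RSA.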


Re: [Openvpn-users] How to send 2nd factor to server ?

2021-04-21 Thread Joe Patterson
What you're looking for is the openvpn challenge/response protocol,
which can be used when authentication is done via the management
interface.

https://openvpn.net/community-resources/management-interface/
describes it a bit.

I know that the MFA portion of the management interface system I wrote
(https://github.com/j-m-patterson/ovpnherder) supports passing TOTP
tokens via static challenge (which is where you put the
"static-challenge" directive in the client config) as well as
concatenating them with the password.

Unfortunately, as far as I can tell, static and dynamic
challenge-response isn't available if you're using a plugin or script
for authentication. So if you're ready to take the plunge into using
the management interface, you can do it.  Otherwise, you're stuck with
concatenating the OTP token to the password.

On Tue, Apr 20, 2021 at 3:59 PM Bogdan Rudas via Openvpn-users
 wrote:
>
> Hello!
>
> I've read a couple of guidelines regarding MFA with OpenVPN and all of them 
> mention that the 2nd factor could be either sent as password (with client 
> cert auth) or appended to the password string. Well, people tend to enter a 
> password when they see the password field.
> At the moment the only straightforward and more or less human-friendly way to 
> set up login+password+2fa authentication is to use a kind of 'push token' MFA 
> (so the user confirms login in some mobile application).
> OTP, password cards and any other way that demands text input from the user 
> demands to much from the users, they need blindly enter the password, then 
> type 2nd factor, can't see what they type and don't even know if 
> authentication failed because of wrong password or wrong OTP numbers (for 
> example).
> Is it possible to ask the user for the 2nd factor like OpenVPN client asks 
> for login and password and send discrete error messages for password and for 
> 2nd factor failures?
>
> Thank you.
> --
> Bogdan Rudas
> Director of IT Europe
> Exadel Inc.
> http://www.exadel.com/
> E-mail: bru...@exadel.com
> Skype ID: bogdan.rudas
>
> ___
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users


___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


Re: [Openvpn-users] PKCS11 problems with 2.5.1 under windows 10

2021-04-21 Thread Jan Just Keijser

Hi,

On 20/04/21 20:05, Selva Nair wrote:
> On Tue, Apr 20, 2021 at 6:47 AM Jan Just Keijser  wrote:
>> [...]
>
> This is surprising. SoftHSM would support raw RSA signatures and hence
> should work with OpenVPN + pkcs11-helper 1.26 and later even with TLS
> 1.3 and PSS signatures.  The problem should arise only for tokens that
> insist on doing the padding internally.
>
> By any chance, are you using an older pkcs11-helper library?

I was using the "default" pkcs11-helper library from Fedora Core 32,
which is still at version 1.22; note that Fedora 33 *also* uses
pkcs11-helper 1.22 (the upcoming Fedora 34 will include v1.27).

I grabbed pkcs11-helper from github and compiled it then recompiled
OpenVPN 2.5.1 with it. Now, when using softhsm, I get

2021-04-21 10:12:01 us=639135 PKCS#11: Adding PKCS#11 provider
'/usr/lib64/libsofthsm2.so'
2021-04-21 10:12:01 us=640607 PKCS#11: Cannot deserialize id
19-'CKR_ATTRIBUTE_VALUE_INVALID'
2021-04-21 10:12:01 us=640614 Cannot load certificate
"pkcs11:model=SoftHSM%20v2;token=SoftToken1;..." using PKCS#11 interface

so no luck there; with my trusty old Aladdin/Safenet eToken I get the
same error, so I'm guessing there's something wrong with v1.27 as well...


JJK



___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


[Openvpn-users] OpenVPN 2.4.11 released

2021-04-21 Thread Samuli Seppänen
The OpenVPN community project team is proud to release OpenVPN 2.4.11. 
It fixes two related security vulnerabilities (CVE-2020-15078) which 
under very specific circumstances allow tricking a server using delayed 
authentication (plugin or management) into returning a PUSH_REPLY before 
the AUTH_FAILED message, which can possibly be used to gather 
information about a VPN setup. This release also includes other bug 
fixes and improvements. Updated OpenSSL and OpenVPN GUI are included in 
Windows installers.


Source code and Windows installers can be downloaded from our download page:



Debian and Ubuntu packages are available in the official apt repositories:



--
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock


___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


[Openvpn-users] OpenVPN 2.5.2 released

2021-04-21 Thread Samuli Seppänen
The OpenVPN community project team is proud to release OpenVPN 2.5.2. It 
fixes two related security vulnerabilities (CVE-2020-15078) which under 
very specific circumstances allow tricking a server using delayed 
authentication (plugin or management) into returning a PUSH_REPLY before 
the AUTH_FAILED message, which can possibly be used to gather 
information about a VPN setup. In combination with "--auth-gen-token" or 
a user-specific token auth solution it can be possible to get access to 
a VPN with an otherwise-invalid account. OpenVPN 2.5.2 also includes 
other bug fixes and improvements. Updated OpenSSL and OpenVPN GUI are 
included in Windows installers.


Source code and Windows installers can be downloaded from our download page:



Debian and Ubuntu packages are available in the official apt repositories:



On Red Hat derivatives we recommend using the Fedora Copr repository.



---

Overview of changes since OpenVPN 2.4

  Faster connections

Connections setup is now much faster

  Crypto specific changes

ChaCha20-Poly1305 cipher in the OpenVPN data channel
  (Requires OpenSSL 1.1.0 or newer)
Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
Client-specific tls-crypt keys (--tls-crypt-v2)
Improved Data channel cipher negotiation
Removal of BF-CBC support in default configuration (see below for
possible incompatibilities)

  Server-side improvements

HMAC based auth-token support for seamless reconnects to standalone
  servers or a group of servers.
Asynchronous (deferred) authentication support for auth-pam plugin
Asynchronous (deferred) support for client-connect scripts and
  plugins

  Network-related changes

Support IPv4 configs with /31 netmasks now
802.1q VLAN support on TAP servers
IPv6-only tunnels
New option --block-ipv6 to reject all IPv6 packets (ICMPv6)

  Linux-specific features

VRF support
Netlink integration (OpenVPN no longer needs to execute
  ifconfig/route or ip commands)

Windows-specific features

Wintun driver support, a faster alternative to tap-windows6
Setting tun/tap interface MTU
Setting DHCP search domain
Allow unicode search string in --cryptoapicert option
EasyRSA3, a modern take on OpenVPN CA management
MSI installer

---

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly
changed between OpenVPN 2.3/2.4 and v2.5, most notably there is no
"default cipher BF-CBC" anymore because it is no longer considered a
reasonable default. BF-CBC is still available, but it needs to be
explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both
ends will be able to negotiate a better cipher than BF-CBC. By default
they will select one of the AES-GCM ciphers, but this can be influenced
using the --data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no --cipher setting
in the config (= defaulting to BF-CBC and not being negotiation-capable)
must be updated. Unless BF-CBC is included in --data-ciphers or there is
a "--cipher BF-CBC" in the OpenVPN 2.5 config, a v2.5 client or server
will refuse to talk to a v2.3 server or client, because it has no common
data channel cipher and negotiating a cipher is not possible. Generally,
we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading
is not possible we recommend adding data-ciphers
AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC
(v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older)
release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5
based client will need a config file change to re-enable BF-CBC.  But be
warned that BF-CBC and other related weak ciphers will be removed in
coming OpenVPN major releases.

For full details see the Data channel cipher negotiation section on the
man page.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN
service that implemented their own cipher negotiation method, which
always reports back to the client that it is using BF-CBC, is broken in
v2.5. This has always caused warnings about mismatched ciphers. We have
been in contact with some service providers and they are looking into
it.  This is not something the OpenVPN community can fix. If your
commercial VPN does not work with a v2.5 client, complain to the VPN
service provider.

More details on these new features as well as a list of deprecated
features and user-visible changes are available in Changes.rst:



---

Linux packages are available from