Pushing ciphers

Another new feature of OpenVPN 2.4+ is the ability to "push" a cipher or HMAC algorithm from the server to the client. This makes it much easier to switch encryption or HMAC authentication algorithms, provided that all clients are using OpenVPN 2.4. This recipe provides a setup for explicitly pushing a cipher, as well as an explanation of the new cipher negotiation protocol.

Getting ready

This recipe uses the PKI files created in the first recipe from Chapter 2Client-server IP-only Networks. For this recipe, the server computer was running CentOS 6 Linux and OpenVPN 2.4.0. The client was running Fedora 22 Linux and OpenVPN 2.4.0. For the server, keep the server configuration file basic-udp-server.conf from the Server-side routing recipe in Chapter 2Client-server IP-only Networks. For the Windows client, keep the corresponding client configuration file basic-udp-client.ovpn, from the Using an ifconfig-pool block recipe in Chapter 2Client-server IP-only Networks.

How to do it...

  1. Modify the server configuration file, basic-udp-server.conf, by adding the following lines:
            cipher aes-256-gcm 
            push "cipher aes-256-gcm" 
    

    Then save it as example4-10-server.conf.

  2. Start the server:
        [root@server]# openvpn --config example4-10-server.conf
    
  3. Start the client using the "standard" configuration file but with verbose logging:
        [root@client]# openvpn --config basic-udp-client.conf --
                verb 4
            Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit 
            key
            Data Channel Encrypt: Using 160 bit message hash 'SHA1' for 
            HMAC authentication
            Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit 
            key
            Data Channel Decrypt: Using 160 bit message hash 'SHA1' for 
            HMAC authentication
            Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-
            GCM-SHA384, 2048 bit RSA
            [...]
            OPTIONS IMPORT: data channel crypto options modified
            [...]
            Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 
            bit key
            Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 
            bit key
    

    The output showing that OpenVPN is now using an AES-256 cipher is shown in bold face.

  4. Verify that we can reach the server using the ping command:
          [client]$   ping -c 4  10.200.0.1
    PING 10.200.0.1 (10.200.0.1) 56(84) bytes of data.
            64 bytes from 10.200.0.1: icmp_seq=1 ttl=64 time=9.23 ms
            64 bytes from 10.200.0.1: icmp_seq=2 ttl=64 time=8.78 ms
            64 bytes from 10.200.0.1: icmp_seq=3 ttl=64 time=10.0 ms
            64 bytes from 10.200.0.1: icmp_seq=4 ttl=64 time=9.00 ms
            --- 10.200.0.1 ping statistics ---
            4 packets transmitted, 4 received, 0% packet loss, time 3004ms
            rtt min/avg/max/mdev = 8.780/9.259/10.022/0.468 ms
    

How it works...

Pushing a cipher is now just as simple as pushing other OpenVPN options. Versions prior to 2.4 did not support this, however. This allows VPN administrators to change the encryption parameters used without having to modify all (remote) client configuration files.

There's more...

Starting with OpenVPN 2.4 a new cipher negotiation protocol is introduced. At startup, the client and server will check whether both sides support the new GCM encryption protocols. The strongest cipher from this list is then chosen as the cipher. If no match is found, then OpenVPN reverts to the default BlowFish (BF-CBC) cipher, to ensure backward compatibility.

This feature can be tuned using the new directives ncp-ciphers and disable-ncp. The first directive specifies the list of ciphers to negotiate, whereas the second directive turns off cipher negotiation altogether.

When explicitly pushing a cipher from the server to the client you can only specify a cipher from the NCP cipher list. The default NCP cipher list is AES-256-GCM:AES-128-CGM:BF-CBC.

ccp-ciphers 
push "auth SHA512" 

Future enhancements

It is expected that future enhancements of this new feature will be:

  • A separate control channel HMAC algorithm so that you can switch the data channel algorithm independently
  • The ability to set a "per-client" encryption cipher, allowing you to support different ciphers for different platforms and clients
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.220.203.200