Zeroshell VPN key security

Home Page Forums Network Management ZeroShell Zeroshell VPN key security

This topic contains 0 replies, has 0 voices, and was last updated by  reaperz 1 year, 6 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #44800

    reaperz
    Member

    I was restarting my LAN-to-LAN VPN connection and saw such messages in log:

    WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).

    Is it really true, that I am using only 64-bit VPN-key? How to find out?

    If really true, why is key length not configurable in Zeroshell?

    How to use AES256 NOW?

    It is year 2017, 64-bit keys were considered insecure even 10 years ago…

    #54455

    reaperz
    Member

    I did add to all my VPN-link Parameters: –cipher AES-256-CBC

    Did I do the right thing? Am I using AES256 now?

    At least it did disconnect current VPN tunnels and did not come back up, unless both sides were configured with –cipher AES-256-CBC

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.